AI-Powered Threat Intelligence for an Evolving Digital World

As cyber threats continue to grow and evolve, so does the need for innovative solutions and reliable threat intelligence. Using millions of global network sensors, FortiGuard Labs monitors the worldwide attack surface and employs artificial intelligence (AI) to mine that data for new threats, ensuring you are prepared for what’s coming.


Active Outbreak Alerts

When a cybersecurity attack with large ramifications affects numerous organizations, FortiGuard Outbreak Alerts are here to help you understand what happened, learn the technical details of the attack, and learn how you can protect yourself now and in the future.

May 31, 2024
Severity: high
Check Point Quantum Security Gateways Information Disclosure Attack
Attack Type: Attack

What is the Check Point Quantum Security Gateways Information Disclosure Attack?
A zero-day vulnerability affecting Check Point Security Gateways is being exploited by attackers to gain remote access. The vulnerability can allow an attacker to read sensitive information on Check Point Security Gateways that have the Remote Access VPN or Mobile Access Software Blades enabled. Check Point stated in its advisory that exploitation attempts were seen as early as April 7, 2024.

What is the FortiGuard Labs analysis? 

The vulnerability CVE-2024-24919 allows an unauthenticated remote attacker to read the contents of an arbitrary file located on the affected appliance, including disclosing the password hashes for local accounts. Weak passwords can be compromised, leading to further misuse and potential lateral movement within the network. CISA has also added CVE-2024-24919 to its "known exploited" catalogue.

How does Fortinet detect and protect against the attack?

  • A FortiGuard IPS signature is available to detect and block traffic targeting the vulnerability.
  • The FortiGuard Outbreak Detection service provides an automatic event handler and reports in FortiAnalyzer to detect and respond to the attack.
  • The Indicators of Compromise Service is available for threat hunting through FortiAnalyzer, FortiSIEM, and FortiSOAR.
  • FortiSandbox and FortiXDR provide automated post-execution threat detection and response against advanced threats, such as fileless threats, using behavior-based detection.

Where can I find additional information? 

An Outbreak Alert report is posted on FortiGuard.com. It provides details on all the FortiGuard services that can provide detection and protection, as well as how to respond, recover, and identify the attack.

May 23, 2024
Severity: critical
D-Link Multiple Devices Attack
Attack Type: Attack

What is the D-Link Multiple Devices Attack?
FortiGuard Labs observed a critical level of attack attempts in the wild targeting multiple vulnerabilities found on different D-Link Routers and NAS devices.

What is the FortiGuard Labs analysis? 

FortiGuard Labs telemetry shows continued attacks targeting D-Link devices. 50,000+ unique IPS devices blocked these attempted attacks in the week of the release of the outbreak. The exploits have been available publicly and as of now, we are not aware of any patches available from the vendor as many of the impacted products are End-of-Life products that may not be supported anymore. Users are requested to review the impacted products and follow vendor guidelines for mitigating risks.

How does Fortinet detect and protect against the attack?

  • FortiGuard IPS signatures are available to detect and block traffic targeting the related vulnerabilities.
  • The FortiGuard Outbreak Detection service provides an automatic event handler and reports via FortiAnalyzer to detect and respond to the attack.
  • The Indicators of Compromise Service is available for threat hunting via FortiAnalyzer, FortiSIEM, and FortiSOAR.
  • FortiSandbox and FortiXDR provide automated post-execution threat detection and response against advanced fileless threats using behavior-based detection.

Where can I find additional information? 

An Outbreak Alert report is posted on FortiGuard.com. It provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack.

May 13, 2024
Severity: critical
Black Basta Ransomware
Attack Type: Ransomware

What is the Black Basta Ransomware?
Black Basta is a type of ransomware-as-a-service (RaaS) that was first discovered in April 2022. Since then, its affiliates have targeted numerous businesses and critical infrastructure in North America, Europe, and Australia. As of May 2024, Black Basta has impacted over 500 organizations worldwide. The RaaS model not only offers a ransomware service, but also provides infrastructure for payment processing and ransom negotiation, as well as technical support for its affiliates.

What is the FortiGuard Labs analysis?

FortiGuard Labs continues to observe detections in the wild related to the Black Basta ransomware group. The ransomware has been seen gaining initial access through techniques such as phishing and exploiting public-facing applications. It previously exploited the PrintNightmare (CVE-2021-34527), ZeroLogon (CVE-2020-1472) and Follina (CVE-2022-30190) vulnerabilities, and recently, it exploited the ConnectWise vulnerability (CVE-2024-1709).

How does Fortinet detect and protect against Black Basta Ransomware?

  • FortiGuard AV signatures are available to detect and block known malware related to the Black Basta Ransomware.
  • FortiSandbox and FortiEDR detect and block unknown malware via behavior-based detection and during pre-execution, respectively.
  • The FortiGuard Outbreak Detection service provides an automatic event handler and reports via FortiAnalyzer to detect and respond to the attack.
  • Indicators of Compromise Services are available for threat hunting via FortiAnalyzer, FortiSIEM, and FortiSOAR.

Where can I find additional information? 

An Outbreak Alert report is posted on the FortiGuard Labs website. It provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack.

Subscribe today to have outbreak alerts delivered to your inbox. Cyberattacks can occur at any time. The number of outbreak alerts you receive can vary anywhere from once per month to several times per week.

FortiGuard Labs Media & Resources

Join Fortinet's top threat experts as they delve into today's critical cybersecurity topics and the ever-evolving cyber threat landscape.

Threat Intelligence Podcast

Latest Ransomware Trends and Strategies (Episode 59)

Join us for another episode of the FortiGuard Labs Threat Intelligence Podcast as Jonas Walker and Aamir Lakhani join forces to discuss the recent MOVEit vulnerability and how the Cl0p ransomware groups have orchestrated an extensive campaign around it, making over $100M in revenue.

Blog Posts

New Agent Tesla Campaign Targeting Spanish-Speaking People | Fortinet Blog »

A new phishing campaign recently captured by FortiGuard Labs spreads a new Agent Tesla variant targeting Spanish-speaking people. Learn more.

Menace Unleashed: Excel File Deploys Cobalt Strike at Ukraine | Fortinet Blog »

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. Learn more.

zEus Stealer Distributed via Crafted Minecraft Source Pack | FortiGuard Labs »

FortiGuard Labs analysis of a zEus batch stealer distributed via a crafted Minecraft source pack. Learn more.

Key Findings from the 2H 2023 FortiGuard Labs Threat Report | FortiGuard Labs »

In this report, we examine the cyberthreat landscape in 2H 2023 to identify trends and offer insights on what security professionals should know.

New “Goldoon” Botnet Targeting D-Link Devices | FortiGuard Labs »

FortiGuard Labs discovered the new botnet “Goldoon” targeting D-Link devices through the related vulnerability CVE-2015-2051. Learn more.

Ransomware Roundup - KageNoHitobito and DoNex | FortiGuard Labs »

KageNoHitobito and DoNex are recent, financially motivated ransomware that demand payment from victims to decrypt files. Learn more.

Unraveling Cyber Threats: Insights from Code Analysis | FortiGuard Labs »

FortiGuard Labs unearthed a malicious PyPi package that aims to extract sensitive information from unsuspecting victims. Get an analysis of its origins and propagation methods.

Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | FortiGuard Labs »

FortiGuard Labs unveils Moobot, Miori, AGoent, Gafgyt and more exploiting TP-Link Archer AX21 vulnerability CVE-2023-1389. Learn more.

Latest Reports & On-demand Video

Global Threat Landscape Report, 2H 2023 »

FortiGuard Labs Global Threat Landscape Report offers a snapshot of the active threat landscape and highlights the latest industry trends.

FortiGuard Labs Outbreak Alerts Annual Report 2023 »

Gain an in-depth understanding of various threat categories, including vulnerabilities, targeted attacks, ransomware campaigns, and OT- and IoT-related threats.

Cyber Threat Predictions for 2024 »

FortiGuard Labs’ threat predictions report examines a new era of advanced persistent cybercrime, discusses how AI is changing the attack game, and shares fresh trends to watch for in 2024.

FortiGuard Incident Response Report H1 – 2023 »

The FortiGuard Incident Response team provides both proactive and reactive incident response services, which are platform-agnostic and available to all organizations across the globe. Incident response teams like ours get unique exposure to attacks and threat vectors compared to many teams working in the cybersecurity field as we are often involved in investigating incidents where the victim’s defenses have failed.

Global Threat Landscape Report, 1H 2023 »

FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.

Cyber Threat Predictions for 2023 »

An Annual Perspective by FortiGuard Labs

Global Threat Landscape Report, 2H 2022 »

New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.


FortiGuard Labs Partners

FortiGuard Labs believes that sharing intelligence and working with other threat intelligence organizations improves protections for customers and enhances the effectiveness of the entire cybersecurity industry. Our leadership helps take the fight to our adversaries and produces a more successful disruption model by leveraging these relationships.

Cyber Threat Alliance: Solving Actionable Intelligence Through A Diverse Ecosystem

For decades we have been faced with the classic ‘last mile’ challenge when it comes to information sharing and threat intelligence.

Fortinet Elevates Its Commitment to MITRE Engenuity Center for Threat-Informed Defense

Fortinet is now an official Research Partner with MITRE Engenuity’s Center for Threat-Informed Defense (Center).

Security Services

Our experts develop and utilize leading-edge machine learning (ML) and artificial intelligence (AI) technologies to provide timely and consistently top-rated protection and actionable threat intelligence. This enables IT and security teams to better secure their organizations. FortiGuard Labs is the driving force behind FortiGuard AI-powered Security Services. Its services counter threats in real-time with ML-powered, coordinated protection and are natively integrated into the Fortinet Security Fabric, enabling fast detection and enforcement across the entire attack surface.

Application Security

FortiGuard application security services protect, monitor, and optimize application performance and usage.
