News • Insights • Analysis
When launching and persisting attacks at scale, threat actors can inadvertently leave behind traces of information. They often reuse, rotate and share portions of their infrastructure when automating their campaign’s setup before launching an attack. Defenders can leverage this behavior Read More …
This is a follow-up analysis to a previous blog about a zero day exploit where the FortiGuard Incident Response (FGIR) team examined how remote attackers exploited multiple vulnerabilities in an appliance to gain control of a customer’s system. At the Read More …
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of Read More …
Today FortiGuard Labs is releasing this blog post about a case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). At the time of our investigation, two out of the three identified vulnerabilities Read More …
The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month. FunkSec operators appear to use AI-assisted malware development, which can enable even inexperienced actors to quickly produce and Read More …
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments. In Read More …
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate Read More …
Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce Read More …
In recent investigation into the EAGERBEE backdoor, kaspersky researchers found that it was being deployed at ISPs and governmental entities in the Middle East. The researchers analysis uncovered new components used in these attacks, including a novel service injector designed Read More …
The New Orleans terrorist attacker visited the Louisiana city twice in the weeks before the attack and recorded video of the area using Meta smart glasses, the FBI revealed Sunday. Shamsud-Din Jabbar, 42, stayed at a rental home in New Read More …
