As cyber threats continue to grow and evolve, so does the need for innovative solutions and reliable threat intelligence. Using millions of global network sensors, FortiGuard Labs monitors the worldwide attack surface and employs artificial intelligence (AI) to mine that data for new threats, ensuring you are prepared for what’s coming.
When a cybersecurity attack with large ramifications affects numerous organizations, FortiGuard Outbreak Alerts are here to help you understand what happened, learn the technical details of the attack, and how you can protect yourself now and in the future.
What is Apache ActiveMQ Ransomware Attack?
Ransomware attackers are targeting servers running outdated and vulnerable versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). Read more
CVE-2023-46604 is an unauthenticated deserialization vulnerability in ActiveMQ's OpenWire transport connector. Successful exploitation allows an attacker to execute arbitrary code with the same privileges of the ActiveMQ server. As technical details on exploiting CVE-2023-46604 are publicly available, applying the security updates should be prioritized.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack. Read less
What is Citrix Bleed Attack?
The Citrix Bleed Attack targets the Citrix NetScaler Application Delivery Controller and NetScaler Gateway appliances. The attack exploits a buffer overflow vulnerability that can result in a takeover of legitimate user sessions on the appliances. The session takeover bypasses password and multi-factor authentication. Read more
The exploitation could allow threat actors the ability to hijack existing authenticated sessions, allowing them to bypass multifactor authentication (MFA). FortiGuard has blocked a thousand attack attempts on network devices on a daily basis.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack. Read less
What is Cisco IOS XE Web UI Vulnerability?
A newly identified vulnerability on the Web UI of the Cisco IOS XE is exploited in the wild. It is a privilege escalation vulnerability tracked under CVE-2023-20198. Read more
The vulnerability targets the Web UI of the Cisco IOS XE devices. The exploitation could allow a remote, unauthenticated attacker to create an administrative account on the affected system. The attacker can then use that account to gain control of the whole system, install a backdoor to the device and further infiltrate the network.
An Outbreak Alert report is posted on the FortiGuard Labs website, it provides details on all the FortiGuard services that provide detection and protection, as well as how to respond, recover, and identify the attack. Read less
Cyberattacks can occur at any time. The number of outbreak alerts you receive can vary anywhere from once per month to several times per week.
Join Fortinet's top threat experts as they delve into today's critical cybersecurity topics and the ever-evolving cyber threat landscape.
|
Join us for another episode of the FortiGuard Labs Threat Intelligence Podcast as Jonas Walker and Aamir Lakhani join forces to discuss the recent MOVEit vulnerability and how the Cl0p ransomware groups have orchestrated an extensive campaign around it, making over $100M in revenue.
Listen Now
FortiGuardLabs uncovers the ongoing exploits targeting CVE-2023-46604, with the emergence of a new Golang botnet "GoTitan". Learn more.
FortiGuard Labs exposes the KONNI campaign's distribution of using a counterfeit Russian military operation document. Read more on the details of the attack chain.
FortiGuard Labs sheds insights into the operations, tactics, and impact, including a novel technique involving ESXi-based ransomware of an incident involving the Rhysida ransomware group. Learn more.
Learn more about the NoEscape ransomware group, a potential successor to Avaddon, which emerged in May 2023, targeting organizations in various industries for financial gain.
Read FortiGuard Labs' latest threat predictions look at the latest attack tactics and techniques organizations might see in 2024 and beyond.
The Knight ransomware, a successor to the Cyclops ransomware, has been active since August 2023 and employs double-extortion tactics to extort money from victims. Learn more.
FortiGuard Labs analyzes ExelaStealer, a relatively new, open-source InfoStealer. Written in Python, and capable of stealing sensitive information from users.
Akira is a relatively new multi-OS ransomware that encrypts and exfiltrates victims' files and demands ransom for file decryption. Learn more.
To address the talent shortage facing SOC teams Fortinet's enhanced services help SOC teams reduce their cyber risk concerns and allowing more time for higher-priority projects. View the details in the press release.
FBI Warns against public phone charging stations
New research underscores the importance of effective cyber awareness training for employees to decrease cyber risks, with more than 50% of leaders indicating their employees lack proper knowledge
“Fortinet is honored to become a member of JCDC to build on our existing collaboration and trusted relationship with the U.S. government to help improve our nation’s cybersecurity.” - Ken Xie, Founder, Chairman of the Board, and Chief Executive Officer at Fortinet
By integrating current threat intelligence into defense strategies, cybersecurity staff can effectively anticipate, prevent, and respond to cyberattacks. This webinar will walk through the concept of Threat Informed Defense, the MITRE CTID, two recently published projects, and current projects in the works.
The threat landscape is changing faster than ever. Over the past six months, FortiGuard Labs identified 10,666 new ransomware variants—twice as many as in the previous 6 months. See what our experts had to say.
Our FortiGuard Labs experts discuss the cyber threat activity we saw in the second half of 2022, predictions for 2023, and smart strategies you can implement today.
The FortiGuard Incident Response team provides both proactive and reactive incident response services, which are platform-agnostic and available to all organizations across the globe. Incident response teams like ours get unique exposure to attacks and threat vectors compared to many teams working in the cybersecurity field as we are often involved in investigating incidents where the victim’s defenses have failed.
FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.
An Annual Perspective by FortiGuard Labs
New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.
FortiGuard Labs 1H 2023 Global Threat Landscape Report provides valuable intelligence and early warning for potential threat activity.
New vulnerabilities are on the rise, but don’t count out the old. Don’t become a statistic - get the latest Global Threat Landscape report.
FortiGuard Labs believes that sharing intelligence and working with other threat intelligence organizations improves protections for customers and enhances the effectiveness of the entire cybersecurity industry. Our leadership helps take the fight to our adversaries and produces a more successful disruption model by leveraging these relationships.
For decades we have been faced with the classic ‘last mile’ challenge when it comes to information sharing and threat intelligence.
Watch Now
Fortinet is now an official Research Partner with MITRE Engenuity’s Center for Threat-Informed Defense (Center).
Read Blog
FortiGuard application security services protect, monitor, and optimize application performance and usage.
Find solution guides, eBooks, data sheets, analyst reports, and more.
