rat


Background: Last week, FortiGuard Labs captured a JS file that functions as a malware downloader to spread a new variant of the Emotet Trojan. Its original file name is Invoice__779__Apr___25___2017___lang___gb___GB779.js. A JS file, as you may be aware, is a JavaScript file that can be executed by Windows Script Host (wscript.exe) simply by double-clicking on it. In this blog we will analyze how this new malware works by walking through it step by step in chronological order. A JS file used to spread malware: The original JS code...
by Xiaopeng Zhang  |  May 03, 2017  |  Filed in: Security Research
Summary: On March 24 2017, I discovered and reported on a remote password change vulnerability in Hewlett-Packard Enterprise’s (HPE) Vertica Analytic Database. This week, HPE released Security Bulletin HPESBGN03734, which contains the fix for this vulnerability and identifies it as CVE-2017-5802. Fueled by ever-growing volumes of Big Data found in many corporations and government agencies, HPE’s Vertica Analytics Platform provides an SQL analytics solution built from the ground up to handle massive volumes of data and delivers blazingly...
by Honggang Ren  |  Apr 20, 2017  |  Filed in: Security Research
Remote Administration Tools (RAT) have been around for a long time. They provide users and administrators with the convenience of being able to take full control of their systems without needing to be physically in front of a device. In this age of global operations, that’s a huge deal. From troubleshooting machines across countries to observing employees across rooms, RAT solutions have become widely used tools for remote maintenance and monitoring. Unfortunately, malware authors often utilize these same capabilities to compromise systems....
by Floser Bacurio Jr. and Joie Salvio  |  Aug 29, 2016  |  Filed in: Security Research
The TeamViewer news is yet another example of the changing dynamics in cybersecurity today. Fortinet’s Aamir Lakhani offers some perspective. Why is the TeamViewer news important to consider? The TeamViewer attack appears to be an organized and sophisticated attack. We have seen criminal organizations spend a great deal of money and efforts increasing their skills in order for them to conduct cybercrime. Ransomware is a good example of why criminal organizations do this. It is both extremely valuable and profitable. Likewise, a remote access and...
by John Welton  |  Jun 02, 2016  |  Filed in: Industry Trends & News
The latest big budget release out of Hollywood takes on the very lucrative world of blackhat hacking with the appropriately named "Blackhat". Fortinet sponsored theaters around North America for a sneak peek at the movie and a look at how hackers have been portrayed through the years. Jonas Tichenor sits down with Fortinet Global Security Strategist Derek Manky from Universal Studios to show you the event and the myths versus reality!
by Jonas Tichenor  |  Jan 20, 2015  |  Filed in: Industry Trends & News
Details are still emerging on the cyberespionage malware known as Regin, but it’s clear that this is no ordinary Trojan. Regin is not new software, despite making headlines this weekend with a myriad of news outlets citing Symantec’s recent white paper on the sophisticated malware. Regin includes several Remote Access Trojan (or RAT, also known as Remote Access Toolkit) features such as capturing screenshots, controlling mouse point-and-click functions, and network monitoring. It also has basic forensic capabilities like recovering deleted...
by Chris Dawson  |  Nov 25, 2014  |  Filed in: Industry Trends & News
by Michael Perna  |  Sep 13, 2014  |  Filed in: Industry Trends & News
This month's Security Threat Landscape with Network World's Keith Shaw and Fortinet's Derek Manky covers everything from the FBI crackdown on Blackshades to eBay.
by Michael Perna  |  Jun 02, 2014  |  Filed in: Industry Trends & News
by Michael Perna  |  May 17, 2014  |  Filed in: Industry Trends & News
Why are we discussing pest control on a security blog? Anyone who is remotely aware of internet security would know that Remote Access Tools (RATs) are not new to the internet. The concept is not new, but its implications don't fail to make my brain flip every time I think of it. A good idea of how 'personal' these can get is described in this very interesting piece Ars Technica did earlier this year on RAT breeders and how they discuss, amass and even 'giveaway' their 'slaves'. (They seem to have a funny bone too, poking fun at their ugly slaves...
by Ruchna Nigam  |  Aug 19, 2013  |  Filed in: Security Research