FortiGuard Labs recently found new Sage ransomware samples that, while they still appear to be Sage 2.2, now include added tricks focused on anti-analysis and privilege escalation. In this article, we share our findings on these recent updates.
by Floser Bacurio Jr., Wayne Low, and Jasper Manuel  |  Oct 29, 2017  |  Filed in: Security Research
Recently, the FortiGuard Labs research team observed a new variant of Poison Ivy being spread through a compromised PowerPoint file. We captured a PowerPoint file named Payment_Advice.ppsx, which is in OOXML format. Once the victim opens this file in MS PowerPoint, the malicious code contained in the file is executed. It downloads the Poison Ivy malware onto the victim’s computer and then launches it. In this blog, I’ll show the details of how this happens, what techniques are used by this malware, as well as...
by Xiaopeng Zhang  |  Aug 23, 2017  |  Filed in: Security Research
A few days ago, while scouring Fortinet’s Kadena Threat Intelligence System (KTIS), we found an emerging spam campaign. Initially, it was the scale that caught our attention; it then became a lot more interesting when the payload turned out to be a new variant of the infamous Locky.
by Floser Bacurio, Joie Salvio, Rommel Joven  |  Aug 14, 2017  |  Filed in: Security Research
Cerber 4.1.0 is already here! In this blog we share information about this updated version uncovered by Fortinet, including its differences from and similarities to previous versions. Cerber is a classic ransomware tool that encrypts victims’ files and then demands payment to decrypt them. Victims are given a period of time to make the payment and then (hopefully) have their original unencrypted files restored. Cerber marks encrypted files with a specific extension. In previous versions (Cerber 2 and 3), encrypted...
by Sarah (Qi) Wu and Jacob (Kuan Long) Leong  |  Oct 31, 2016  |  Filed in: Security Research