Botnet


Educational institution networks continue to be a favorite playground for cybercriminals. Because of the age and interests of the majority of educational users, these networks tend to incorporate cutting edge technologies and strategies. [Read More]
by RSS Tony Giandomenico  |  Jan 31, 2018  |  Filed in: Industry Trends, Security Research
At one time, we were challenged to ask not what our country could do for us but what we could do for our country. It is time that the leading organizations in digital technology come together once again to ask the same. [Read More]
by RSS Phil Quade  |  Jan 29, 2018  |  Filed in: Business and Technology, Industry Trends
The first Okiru sample appeared around October 2017 ,and FortiGuard Labs created a write up of its development last December, which included worm capabilities and the embedding of two different exploits. As a follow up, we will now share our findings on the latest Okiru variant that targets ARC processors. [Read More]
by RSS Rommel Joven & David Maciejak  |  Jan 25, 2018  |  Filed in: Security Research
FortiGuard Labs has been actively monitoring FALLCHILL and validating all IOCs, whether we discovered them ourselves through one of our millions of sensors deployed around the world, or collected from the hundreds of threat sharing feeds we subscribe to. Our comprehensive threat information-sharing program includes Governments, Certs, and Strategic Partners from around the world. [Read More]
by RSS FortiGuard SE Team  |  Nov 17, 2017  |  Filed in: Security Research
By now, everyone should be aware of two things related to IoT devices. The first is that these devices are being deployed everywhere, with no sign of slowing down. The second is that many of these devices are notoriously insecure. [Read More]
by RSS FortiGuard SE Team  |  Nov 16, 2017  |  Filed in: Security Research
Today, the billions of online IoT devices present an even more daunting challenge because they generally don't receive the level of control, visibility, and protection that traditional systems receive. Coupled with widespread automation-based attacks, the potential for damage is even greater. Recent developments, outlined below, reveal why it's time to take IoT security seriously. [Read More]
by RSS Derek Manky  |  Oct 30, 2017  |  Filed in: Industry Trends
BlueBorne affects devices supporting Bluetooth. As such, the PoC they demoed does not spread over Bluetooth: it takes control of a given Bluetooth victim. Apparently, the researchers said they locally created a botnet. But that was clearly a local inside test, and we have no details regarding the botnet's payload. [Read More]
by RSS Axelle Apvrille  |  Sep 19, 2017  |  Filed in: Security Research
The first day here at Black Hat is over. On the expo floor, a number of vendors are promoting that they now provide critical threat intelligence along with the other technologies they provide. Of course, in general, this is a good thing. The biggest challenge organizations have historically faced has been a lack of visibility into their networks, especially cloud and virtualized environments. The challenge, however, is how are organizations supposed to consume, correlate, and make use of all of this information? Dozens of intelligence feeds from... [Read More]
by RSS Anthony Giandomenico  |  Jul 27, 2017  |  Filed in: Industry Trends
This is the second part of FortiGuard Labs’ deep analysis of the new Emotet variant. In the first part of the analysis we demonstrated that by bypassing the server-side Anti-Debug or Anti-Analysis technique we could download three or four modules (.dll files) from the C&C server. In that first blog we only analyzed one module (I named it ‘module2’). In this blog, we’ll review how the other modules work. Here we go. [Read More]
by RSS Xiaopeng Zhang  |  May 09, 2017  |  Filed in: Security Research
In part 1 of FortiGuard Labs’ analysis of a new variant of the BADNEWS backdoor, which is actively being used in the MONSOON APT campaign, we did a deep technical analysis of what this backdoor of capable of and how the bad guys control it using the command and control server. In this part of the analysis, we will try to discover who might be behind the distribution of these files. [Read More]
by RSS Jasper Manuel and Artem Semenchenko  |  Apr 05, 2017  |  Filed in: Security Research