Tagged: Cybersecurity Architect
The content of the phishing email, written in Korean, asks recipients to open the attached PowerPoint file to review a purchase order. It is designed to infect users with the Agent Tesla malware.
FortiGuard Labs found a malware sample being distributed in the wild targeting TP-Link wireless routers. It leverages a post-authenticated RCE vulnerability released barely two weeks prior.
Fortinet researchers observed numerous payloads attempting to leverage the CVE-2021-36260 vulnerability to probe the status of devices or extract sensitive data from victims.
The file name Covid22 plays off the current Coronavirus disease but applies that same image of fear and destruction to computers, potentially creating a cyber-pandemic in 2022.
In September, researchers observed numerous threat actors targeting this vulnerability whose goal was to download a malicious payload that would install a backdoor or miner in a user’s network.
The 15 zero-day vulnerabilities discovered affect Corel PDF Fusion, Corel PhotoPaint Standard 2020, Corel Presentations 2020, Corel WordPerfect 2020, and CorelDRAW Standard 2020.
The Ranison ransomware family appears to have been around since at least early 2017, giving it more than four years of longevity as compared to under two years for most other ransomware.
FortiGuard Labs has now begun to encounter offers of fake vaccine passports as lures in email scams. It reflects how cybercriminals think that they can successfully exploit this issue.
Dridex is a Trojan malware, also known as Bugat or Cridex, which is capable of stealing sensitive information from infected machines and delivering and executing malicious modules (dll).
On September 7, 2021, Microsoft disclosed an active in-the-wild attack affecting Microsoft Windows. This vulnerability, CVE-2020-40444, is a remote code execution vulnerability in MSHTML and does not currently have a patch.
Once its infection routine is completed, this ransomware variant replaces the desktop wallpaper with a dropped .bmp file notifying the victim to look for a file containing instructions.
As part of a rather unique encryption procedure, the Diavol ransomware operates using user-mode Asynchronous Procedure Calls (APCs) without a symmetric encryption algorithm.
The source code of the notorious MIRAI IoT malware was released to the public by its author back in 2016. This event led to the rise of numerous copycats, creating their own flavors of...
FortiGuard Labs has discovered yet another COVID-themed lure designed to compel unsuspecting victims to click on what appears to be an innocuous link that leads to a malicious zip file attachment.
When FormBook starts in a target process, it loads an ntdll.dll module and then overrides its data with the deployed FormBook malware. This disguises FormBook as an ntdll.dll module when it runs.
Essentially, this is a typical scam, much like the recent Bitcoin exchange scams seen on Twitter. But this is a first for the YouTube platform. And it also made the claim that it was...