
Fortinet Threat Report Q3 2019
The Fortinet Threat Landscape Report provides insights into the key threats and trends detected and tracked by the FortiGuard Labs team, and the report for the latest quarter shows that cybercriminals continue to focus on finding ways to stay one step ahead of their professional cybersecurity adversaries.
Cybercriminals are ramping up their phishing efforts.
FortiGuard Labs has observed attacks targeting publicly available edge services with remote code execution exploits over the past quarter. Once criminals gain a foothold at the edge, they use this attack vector to distribute their malware to targets within the network, with the same result as if they had used phishing to deliver the same payloads.
Another strategy used by the attackers is based on Adblock. Adblock uses a key to mark approved ad pages so they can be whitelisted and not blocked. However, this key has been identified by attackers and is exploited to whitelist their malicious websites. These websites can then serve their malicious ads or even serve as a phishing site for users who rely on the adblocker solution to block malicious websites and content.
The HTML/Framer.INF!tr IPS signature that detects these websites is high on our list of the most common malware variants detected in all regions of the world in the third quarter of 2019. However, it is important to note that some of these detections may be false positives due to the way Adblock is designed, making it difficult to generate a completely reliable signature.
Malware-as-a-service continues to grow.
In the last quarter, FortiGuard Labs observed that at least two ransomware families are available as Ransomware-as-a-Service offerings. By using this RaaS model, the authors of these malware tools are significantly lowering the bar for launching such attacks, both in terms of overhead and expertise.
One banking Trojan is particularly dangerous because its developers have added the ability for the malware to deliver additional malicious payloads. This means that attackers using this new malware-as-a-service offering can infect targeted networks with further malware.
A new phishing strategy steals entire email threads, not just email addresses, from infected devices. It then crafts an infected reply that appears to come from someone in the thread and sends it to the other participants, disguised as part of the conversation.
What you can do
Many of these attacks and exploits are successful because vulnerable systems are not adequately protected. Exposure to older vulnerabilities can be addressed by performing a risk assessment and then prioritising devices by their likelihood of being exploited, using the FortiGuard Security Rating Service. In addition to patching and updating devices, organisations should also consider implementing intent-based network segmentation and zero-trust access strategies to prevent critical devices and vulnerable systems from being exploited. Segmentation also limits the impact of a successful intrusion by reducing the available attack surface.
Download: Fortinet Threat Landscape Report