Weekly Threat Briefs

FortiGuard Labs uses its industry leading global infrastructure of threat sensors, honeypots, and collectors to provide you with the largest source of data of any pure play network security vendor. Data is collected from all of these sources on a continual basis and analyzed by Fortinet’s world-wide team of analysts to provide you with a weekly recap of the incidents and threats you care the most about.

On this page you will find an archive of our weekly Threat Intelligence Briefs, as well as the ability to sign up to receive these briefs every Friday. Join the thousands of other security-minded professionals who receive these weekly briefs!

Meeting the "Ministrer" - The common adage "things are not always as they seem" lends itself well to the cyber world. Phishing explicitly tries to convince an email recipient that a message is legitimate and trustworthy when it is not. This equally applies to cases where the sender is interested...

Sep 23, 2022
Path Filter Bypass Vulnerabilities in Java Open Source Projects - In the web application world, a URL path is always used to map a web request to a designated web service on the backend. As a security precaution, a web application typically has a path filter mechanism to prevent an unauthorized...

Sep 16, 2022
Development in the case of the Synacor Zimbra Collaboration MBoxImport Vulnerabilities - On August 25, 2022, FortiGuard Labs released an Outbreak Alert about multiple high severity vulnerabilities in the Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 in mboximport functionality that receives a...

Sep 09, 2022
How to Protect Your OT Network - Without Disrupting Operations - A good portion of existing operational technology (OT) networks were originally built during the air gap days, where isolation from other enterprise systems made for sufficient security. As digital transformation initiatives drive...

Sep 02, 2022
A Tale of PivNoxy and Chinoxy Puppeteer - Recently, a simple and short email with a suspicious RTF attachment that was sent to a telecommunications agency in South Asia caught the attention of FortiGuard Labs. The email, disguised as having come from a Pakistani government division, delivered...

Aug 26, 2022