{"id":16786,"date":"2019-11-05T18:40:29","date_gmt":"2019-11-06T02:40:29","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/11\/05\/news-10525\/"},"modified":"2019-11-05T18:40:29","modified_gmt":"2019-11-06T02:40:29","slug":"news-10525","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/05\/news-10525\/","title":{"rendered":"FortiGuard Labs Weekly Threat Update \u2013 Week of 18 October 2019"},"content":{"rendered":"<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12\">\n<div class=\"cmp cmp-text aem-GridColumn aem-GridColumn--default--12\">\n<p>Each week, FortiGuard Labs publishes our Threat Intelligence Brief that profiles some of the more interesting and impactful security events from the week. Here are some of the topics that we covered this week:<\/p>\n<ul>\n<li>An Iran-linked advanced persistent threat (APT) group, with ties to attacks on the U.S. presidential reelection campaign, recently added new\u00a0techniques to its stockpile in an apparent ramp-up of its operations. Charming Kitten, also known as Phosphorus, APT35, and Ajax Security Team, is escalating its volume of spear-phishing attempts as well as adding new impersonation vectors to its campaign. We detail the new tactics and show the relation to an attack Microsoft recently observed.\n<\/li>\n<li>We discuss a new vulnerability discovered in the Linux sudo command that could allow unprivileged users to execute commands as root. When executing commands on a Linux operating system, unprivileged users can use the sudo (superuser do) command to execute commands as root as long as they have been given permission or know the root user&#8217;s password.\n<\/li>\n<li>Read more about the &quot;<a href=\"https:\/\/www.fortinet.com\/blog\/business-and-technology\/fortinet-wins-cybersecurity-breakthrough-award-nse-institute.html\">Professional Certification Program of the Year<\/a>&quot; award that Fortinet recently received. 
Fortinet offers extensive certification learning courses that start with an introduction to the threat landscape, followed by the evolution of cybersecurity, and more.\n<\/li>\n<li>This week we profile new research on analysis of the Winnti Group&#8217;s backdoor dubbed &quot;PortReuse.&quot; This is an interesting white paper that is worth a read as it discusses, among other things, some of the methods used to stay covert.\n<\/li>\n<li>We also discuss how smartphone users are being phished via calendar app invitations. A feature of this emailing and calendar application allows users to see event invitations in emails in their calendars without adding them themselves. A smartphone user using this calendar application will then get push notifications. Scammers are using this feature to lure victims into clicking on a phishing link.<\/li>\n<\/ul>\n<p>You can find more details about these and other issues in the FortiGuard Labs Weekly Threat Intelligence Brief.\u00a0<a href=\"https:\/\/fortiguard.com\/resources\/threat-brief?utm_source=blog&amp;utm_campaign=2019-q3-threat-brief\">Read<\/a>\u00a0this week&#8217;s issue and\u00a0<a href=\"https:\/\/secure.fortinet.com\/FortiGuard\">subscribe<\/a>\u00a0to the weekly email distribution.<\/p>\n<p><i>Learn more about\u00a0<a href=\"https:\/\/www.fortinet.com\/fortiguard\/threat-intelligence\/threat-research.html?utm_source=nreleaseblog&amp;utm_campaign=2018-q2-fortiguardlabs-cta\">FortiGuard Labs<\/a>\u00a0and the FortiGuard Security Services\u00a0<a href=\"https:\/\/www.fortinet.com\/support-and-training\/support-services\/fortiguard-security-subscriptions.html?utm_source=blog&amp;utm_campaign=2018-blog-security-services\">portfolio<\/a>.\u00a0<\/i><\/p>\n<p><i>Read about the FortiGuard\u00a0<a href=\"https:\/\/www.fortinet.com\/support-and-training\/support-services\/fortiguard-security-subscriptions\/security-rating.html?utm_source=blog&amp;utm_campaign=2018-blog-security-rating-service\">Security Rating Service<\/a>, 
which provides security audits and best practices.<\/i><\/p>\n<\/p><\/div>\n<div class=\"raw-import aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"text-container\">\n<div id=\"om-qxx1b0gslklfu2kjckea-holder\"><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<p><a href=\"http:\/\/feedproxy.google.com\/~r\/fortinet\/blog\/threat-research\/~3\/7kd53HAltq4\/fortiguard-labs-threat-update-october-18-2019.html\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/fortinet\/blog\/threat-research<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn about the cyber threats uncovered during the week of October 14, 2019.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10424,10378],"tags":[],"class_list":["post-16786","post","type-post","status-publish","format-standard","hentry","category-fortinet","category-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16786","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16786"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16786\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16786"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16786"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}