{"id":16793,"date":"2019-11-05T18:42:02","date_gmt":"2019-11-06T02:42:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/11\/05\/news-10532\/"},"modified":"2019-11-05T18:42:02","modified_gmt":"2019-11-06T02:42:02","slug":"news-10532","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/11\/05\/news-10532\/","title":{"rendered":"FortiGuard Labs Weekly Threat Update \u2013 Week of 01 November 2019"},"content":{"rendered":"<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12\">\n<div class=\"cmp cmp-text aem-GridColumn aem-GridColumn--default--12\">\n<p>Each week, FortiGuard Labs publishes a <a href=\"https:\/\/fortiguard.com\/resources\/threat-brief?utm_source=blog&amp;utm_campaign=2019-q3-threat-brief\">Threat Brief<\/a> to subscribers that profiles notable hot topics and threats that were discovered or discussed during the week. Here is a recap of what we are covering in this week\u2019s Threat Brief:<\/p>\n<ul>\n<li>Mobile device security threats, and Android-based malware in particular, are on the rise. In fact, 14% of all cyber threats \u2013 not just on mobile devices \u2013 are now detected on Android devices. With employees accessing critical business apps from personal devices, the risk of introducing malicious attacks into your organization through a compromised mobile device is high. Protecting your organization is everyone&#8217;s responsibility, and in this week\u2019s report we outline five critical elements needed to enhance your cyber security awareness program.\n<\/li>\n<li>While we\u2019re on the topic of mobile device security, this week we saw some prominent mobile threat activity, including a new xHelper Trojan dropper that can not only reinstall itself on Android devices after it is removed, but can do so even after a full factory reset of the device. 
Once infected, the device connects to a command and control server where additional payloads, such as droppers, rootkits, and more, are downloaded.\n<\/li>\n<li>FortiGuard Labs researchers recently came across a number of websites advertising cryptocurrency exchange platforms. Upon further analysis, we found that these sites were phishing sites, with domains registered and hosted on a Russian website hosting service. If you are investing in cryptocurrency, be sure you use legitimate exchange platforms.\n<\/li>\n<li>The WordPress Plugin MM Forms Community is prone to vulnerabilities that let attackers upload arbitrary files. This week we discuss a specific vulnerability for which we have seen a 20% increase in attacks over the last month, with Belarus and Spain recording the most activity.\n<\/li>\n<li>Raccoon is an information stealer sold in underground forums as Malware-as-a-Service (MaaS). When this information stealer was first discovered back in April, it was only available in Russian and sold in Russian hacking forums. Now, the Raccoon developers have expanded their market reach to English hacking forums. Read this week\u2019s Threat Brief to learn the interesting details behind this malware.\n<\/li>\n<li>We also profile some malware tools, used by threat actors, that are named after characters and items found in a popular Japanese anime series. Overall, these tools have been found to have various nefarious capabilities, such as information stealing, password harvesting, keylogging, and more. These tools are currently targeting shipping and transportation companies in Kuwait.<\/li>\n<\/ul>\n<p>You can find more details about these and other issues in the FortiGuard Labs Weekly Threat Intelligence Brief. 
Follow these links to\u00a0<a href=\"https:\/\/fortiguard.com\/resources\/threat-brief?utm_source=blog&amp;utm_campaign=2019-q3-threat-brief\">read<\/a>\u00a0this week&#8217;s issue and\u00a0<a href=\"https:\/\/secure.fortinet.com\/FortiGuard\">subscribe<\/a>\u00a0to the weekly email distribution.<\/p>\n<p><i>Learn more about\u00a0<a href=\"https:\/\/www.fortinet.com\/fortiguard\/threat-intelligence\/threat-research.html?utm_source=nreleaseblog&amp;utm_campaign=2018-q2-fortiguardlabs-cta\">FortiGuard Labs<\/a>\u00a0and the FortiGuard Security Services\u00a0<a href=\"https:\/\/www.fortinet.com\/support-and-training\/support-services\/fortiguard-security-subscriptions.html?utm_source=blog&amp;utm_campaign=2018-blog-security-services\">portfolio<\/a>.\u00a0<\/i><\/p>\n<p><i>Read about the FortiGuard\u00a0<a href=\"https:\/\/www.fortinet.com\/support-and-training\/support-services\/fortiguard-security-subscriptions\/security-rating.html?utm_source=blog&amp;utm_campaign=2018-blog-security-rating-service\">Security Rating Service<\/a>, which provides security audits and best practices.<\/i><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p><a href=\"http:\/\/feedproxy.google.com\/~r\/fortinet\/blog\/threat-research\/~3\/vt3BtZdAxqs\/fortiguard-labs-threat-update-november-1-2019.html\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/fortinet\/blog\/threat-research<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn about the cyber threats uncovered during the week of November 1, 2019.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10424,10378],"tags":[],"class_list":["post-16793","post","type-post","status-publish","format-standard","hentry","category-fortinet","category-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16793"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16793\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16793"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}