FortiGuard Labs Weekly Threat Brief summarizes the latest hot threat activity and insights from across this week's cyber threat landscape. 

Here is a recap of what we are covering in this week’s Threat Brief:

This week Fortinet released our quarterly Threat Landscape Report. This report distills our intelligence and analysis garnered from billions of events per day into our own unique perspective of the threat landscape. Here are a few of the topics we discuss in this report:

• Older vulnerabilities continue to remain attractive to cybercriminals, who are aware that users have a hard time patching timely. We saw more vulnerabilities targeted from 2007, than from 2018-2019 combined.
• We expose the top ten chart toppers from our IPS, Malware and Botnet prevalence stats. It is important to know what is in the eyes of the bad actors so you know where to shore up your defenses.
• While phishing still remains one of the top attack vectors, in Q3 we saw some unexpected spikes in attacks targeting edge services with remote code execution attacks.
• Real-time operating systems monitor things like hospital devices and critical infrastructures, so any vulnerability exploiting these platforms can be quite destructive. We delve into some vulnerabilities affecting real-time operating systems that could impact 200 million devices.
• Cybercriminals are increasingly using banking Trojans to drop other payloads and additional banking malware on infected systems to maximize their opportunity for financial gain.

FortiGuard Labs released an Emotet adversarial playbook. Emotet is among the more dangerous threats active today. Emotet started as a banking Trojan in 2014, but due to its modular nature, it has grown to incorporate botnet capabilities, evasive techniques and other features. It is currently indiscriminately targeting victims worldwide. The Emotet playbook provides you with details about the collection of tools, techniques, and procedures that the cybercriminals behind this growing threat.

We also detailed November's Patch Tuesday security updates from Microsoft, Adobe, and Intel. Several of these vulnerabilities were discovered by FortiGuard Labs researchers.

The Lazarus APT group has been relentless. You might also know them as HIDDEN COBRA. Over time, they have turned their sights on government and defense organizations, as well as the energy and financials sectors. Grab the latest Threat Intelligence Brief to read some recent detailed research on this prolific threat actor group.

You can find more details about these and other issues in the FortiGuard Labs Weekly Threat Intelligence Brief.

Read this week's issue and subscribe to the weekly email distribution.

Thanks,
Jeannette