JeanJarv
Staff

This week Fortinet released our Q3 Global Threat Landscape report. Every second of every day, FortiGuard Labs collects data from millions of devices and sensors around the world. We distill that threat intelligence into our quarterly threat report, where we can provide our unique narrative of the threat world.

Spikes at the Network Edge - In this issue we explore recent unexpected spikes in attacks targeting edge services with remote code execution exploits. Cybercriminals are increasingly extending their tactics beyond phishing, establishing footholds at the network edge and then using that attack vector to begin delivering malware to targets inside the network.

Design Flaw Exploited - A design flaw in legitimate ad-blocking tools is being abused to support illicit schemes. Adblock Plus uses a key to detect approved advertisement sites so they can be whitelisted. However, the key is being exploited to exempt malicious sites from being blocked.

Old Vulnerabilities Targeted - More vulnerabilities from 2007 are being exploited than from 2018-2019 combined. Bad actors are leveraging tried-and-true old vulnerabilities to exploit victims. They understand well that users have a difficult time patching in a timely manner. Unpatched vulnerabilities, despite their age, can heighten your risk exposure.

RaaS Continues to Expand - The authors behind the GandCrab ransomware proved that Ransomware-as-a-Service (RaaS) is a lucrative business model. We observed two other significant ransomware families—Sodinokibi and Nemty—being deployed in a similar manner, suggesting the ransomware-as-a-service model is gaining ground.

Emotet Botnet Playbook - Emotet is among the more dangerous threats active today. Emotet started as a banking Trojan in 2014, but due to its modular nature, it has grown to incorporate botnet capabilities, evasive techniques and other features. This threat has the potential to cause catastrophic damage. Its modular nature and constant updates ensure its longevity. It is currently indiscriminately targeting victims worldwide.

Real-time Operating Systems Vulnerable - We also discuss vulnerabilities on real-time operating systems. These operating systems are difficult to patch as they require real-time usage to monitor things like hospital devices, energy production systems, manufacturing devices, and much more. However, the vulnerabilities can have a significant impact on operations and people. It is imperative that non-traditional infrastructures are included in your vulnerability management strategy.

There are many other interesting and provocative stories and data points covered in this report. I encourage you to read the full report as it provides the real-world view that you can use to better understand the threat landscape, from a prevalence and impact point of view, and drive better risk management and prioritization with organizations.

 

Download Report HERE