FortiGuard
The FortiGuard Domain Reputation service is a licensed subscription that maintains a database of DNS Domain Names that pose a threat to your network and clients.
mrobson
Staff
Staff
Article Id 250915
Description

 

The FortiGuard Incident Response team is ready to assist with the discovery, containment, and remediation of intrusions that have originated from the 3CX supply chain attack.

Whilst adversary infrastructure associated with this campaign was taken down quickly reporting indicates multiple compromised endpoints across the globe.

The campaign resulted in the deployment of info stealer malware that could result in the use of valid credentials for future attacks if not properly scoped and mitigated.

 

Scope

 

FortiGuard.

 

Solution

 

Engaging Response Services:

 

To engage the IR team directly for help with an investigation please use the ‘Experienced a breach?’ link available here:

https://www.fortinet.com/solutions/enterprise-midsize-business/security-as-a-service/fortiguard-inci...

This webpage also has additional information on IR services and helps to prepare for cyber incidents.

 

Engaging Proactive Services:

 

If there are any questions about whether to be a victim of this campaign or to proactively prepare and the security teams to better handle threats like this, it is possible to engage the Incident Response Readiness service.

The FortiGuard IR Readiness service can assess the security posture and provide support to patch holes in the defenses, build playbooks to combat emerging threats and war game the existing processes as part of tabletop activities.

 

Related document:

https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-fortiguard-incident-readines...

Contributors