Threat Coverage: How FortiEDR detects and protects...

gthirugnanasa · 01-04-2022

Introduction The FortiGuard Responder team has observed attempts to employ a proxy execution technique that uses the Microsoft MSBuild to deploy Cobalt Strike beacons throughout customer environments. This technique was also observed and reported by ...

gthirugnanasa · 12-13-2021

Introduction A critical remote code execution vulnerability in Apache Log4j is actively being exploited in the wild. Log4j is a widely used Java-based logging audit framework within Apache. The vulnerability is due to insufficient input validation an...

gthirugnanasa · 12-08-2021

Zerologon (CVE-2020-1472) continues to draw attention even a year after its initial disclosure in Sep 2020. Zerologon is currently one of the most extensively exploited post-exploitation Windows vulnerabilities, having been adopted by several ransomw...

gthirugnanasa · 09-16-2021

IntroductionA new threat group named Hive who deploy a ransomware variant of the same name have begun to ramp-up operations around the globe. Notable recent intrusions in North America have propelled this group into the sights of the cyber security c...

gthirugnanasa · 09-16-2021

Introduction Microsoft has released patch, mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in MSHTML that affects Microsoft Windows. Exploitation of this vulnerability allows a remote attacker to take con...

User Statistics

User Activity

Threat Coverage: How FortiEDR protects against MSBuild Proxy Execution

Threat Coverage : How FortiEDR protects against the exploitation of Log4shell

Threat Coverage : How FortiEDR defends against the exploitation of Zerologon

Threat Coverage: How FortiEDR protects against Hive ransomware

Threat Coverage: How FortiEDR defends against the exploitation of Microsoft's remote code execution vulnerability CVE-2021-40444

Threat Coverage: How FortiEDR detects and protects...

KCS