Skip to content
Fortinet: Threat Landscape Report Q1

Fortinet: Threat Landscape Report Q1

Q1 2019 Introduction and Overview

It’s time once again to head back out into the wilds of the cyber threat landscape to review another quarter of mischief and mayhem. Thank you for choosing us as your guide, and we look forward to spending the next dozen-ish pages helping to get you caught up on important Q1 events and prepared for the future. Here’s a quick synopsis of the attractions we’ll visit this quarter:

The Fortinet Threat Landscape Index : This summary measure of how bad it is out there was more volatile than ever, but rose a slight 1% overall during the quarter.

Tools and Tricks for Living Off the Land : Threat actors increasingly leverage legitimate tools already installed on target systems to carry out cyberattacks. We discuss several of these tools and how they’re being used.

Playbook Preview: Silence Group : This threat actor traditionally targets financial institutions in Russia and eastern Europe, but has expanded both their scope and repertoire over the years. We catch you up on their latest tactics.

Attackers Thinking More About ThinkPHP : Exploits targeting the ThinkPHP framework hit the #2 spot, reminding us that attackers don’t discriminate against lesser-known technologies to accomplish their goals on a global scale.

Coinhive Becomes Victim of Its Own “Success” : The Monero-based cryptomining service Coinhive, which became a favorite of cyber criminals, shut down in Q1. We study the effects of that move through the lens of our telemetry data.

Exploratory Analysis: A Web of (Filtered) Connections : Do threat actors carry out phases of their attack on different days of the week? Do threats use the same infrastructure for exploitation and control? We explore those questions here.

Content Management Needs Constant Management : We all know WordPress is a magnet for attacks, but what about less well-known CMS? We examine new exploits you need to know about if you use these tools in your organization.

Ransomware Becoming More Tailored and Targeted : Once the poster child for indiscriminate attacks, recent ransomware attacks exhibit a more designer and destructive nature. We trace this trend using several recent examples.

The findings in this report represent the collective intelligence of FortiGuard Labs, drawn from a vast array of network sensors collecting billions of threat events observed in live production environments around the world. According to independent research, Fortinet has the largest security device footprint in the industry. This unique vantage point offers excellent views of the cyber threat landscape from multiple perspectives that we’re excited to share with you this quarter. Read the full report here.

Previous article Fortinet’s FortiWeb Cloud Powers Continent 8’s New WAF-as-a-Service offering

More Fortinet News Posts

  • Fortinet adds new security to SASE platform
    March 22, 2023 The Tech Geeks

    Fortinet adds new security to SASE platform

    Fortinet adds new security, management features to its SASE platform FortiSASE can now link SASE resources to SD-WAN apps via multiple Fortinet SD-WAN hubs. The company has exanded its Secure Private Access offering that ties SASE resources together with SD-WAN-based...

    Read now
  • Fortinet unveils custom ASIC
    March 14, 2023 The Tech Geeks

    Fortinet unveils custom ASIC

    Fortinet unveils custom ASIC to boost firewall performance, efficiency Fortinet’s new custom chip, the FortiSP5, will power its converged network and security devices. Fortinet is introducing a new ASIC that promises to meld the security and network functions of its...

    Read now