Fortgale Blog » malware

March 23, 2026 ·Malware Analysis

Protected: Matanbuchus – Malware Analysis

There is no excerpt because this is a protected post.

September 20, 2023 ·Emerging Threats

Cyber Attack Risk: Follina

Risks and Solutions How to protect and how to react The identification of this type of compromise can occur on different levels: Fortgale recommends performing proactive threat hunting activities to identify this type of compromise potentially undetected by the systems mentioned above. Choose the solution that best fit your company

Read the analysis

September 20, 2023 ·Emerging Threats

CloudMensis: Spyware hitting MacOS

A new backdoor for MacOS systems has been discovered in recent days by ESET researchers. The goal of the malware is to exfiltrate information from the victim system by exploiting cloud storage services.The Backdoor, named by CloudMensis researchers, recovers information such as documents, email messages and attachments, files on removable devices, screenshots and the sequence … Read more

Read the analysis

July 19, 2021 ·Emerging Threats

The most trending vulnerabilities among Cybercriminals

CVEs most actively exploited by criminal groups: targeting trends, time-to-exploit metrics and prioritisation guidance for vulnerability management programmes.

Read the analysis

July 12, 2021 ·Emerging Threats

REvil Kaseya — sample analysis

Technical analysis of the REvil ransomware sample dropped through the Kaseya VSA supply-chain compromise: code structure, encryption logic, and supply-chain risk lessons.

Read the analysis

June 21, 2021 ·Emerging Threats

BackdoorDiplomacy — threat against Ministries of Foreign Affairs

BackdoorDiplomacy APT activity against diplomatic missions and telecom operators: tooling, infrastructure overlap with known Chinese clusters and victim profiles.

Read the analysis

June 21, 2021 ·Emerging Threats

LokiBot campaign — update of 21 June 2021

LokiBot campaign of 21 June 2021: lure templates, dropper chain, exfiltration channels and IOC indicators across the latest waves.

Read the analysis

June 14, 2021 ·Uncategorized

Malware TrickBot – June 2021

An Italian malspam campaign has been identified with the objective of delivering TrickBot malware via an Excel attachment. The malware has been traced back to the sat1 botnet. TrickBot is a banking trojan developed to steal login credentials for victims’ banking sites through the use of webinjects. Since June 2018, TrickBot has been upgraded with … Read more

Read the analysis

June 14, 2021 ·Emerging Threats

Avaddon shuts down — decryption keys released publicly

Avaddon ransomware operation closure with public release of decryption keys: recovery scope for past victims and post-shutdown affiliate movement signals.

Read the analysis

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie & Privacy