Deep Analysis of New Poison Ivy Variant

August 23, 2017

Recently, the FortiGuard Labs research team observed that a new variant of Poison Ivy was being spread through a compromised PowerPoint file. We captured a PowerPoint file named Payment_Advice.ppsx, which is in OOXML format. Once the victim opens this file using the MS PowerPoint program, the malicious code contained in the file is executed. It downloads the Poison Ivy malware onto the victim’s computer and then launches it. In this blog, I’ll show the details of how this happens, what techniques are used by this malware, as well as...
