PureLogs: Delivery via PawsRunner Steganography | FortiGuard Labs

Fortinet is a global security provider, providing security services for more than 1.5 million customers across the globe, including the world's largest network, and a report on the global threat landscape.

Pulse ID: 6a0a9b64431abfcd7fccd5a1
Pulse Link: https://otx.alienvault.com/pulse/6a0a9b64431abfcd7fccd5a1
Pulse Author: Tr1sa111
Created: 2026-05-18 04:53:56

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#AWS #CyberSecurity #FortiGuard #FortiGuardLabs #InfoSec #OTX #OpenThreatExchange #Steganography #bot #Tr1sa111

The categorization of the Fortinet web filter is hilarious. I got a report that a certain website is incorrectly blocked by our firewall. After looking into it, the specific website belongs to a large organization.

Different organizational levels of this large organization are categorized as:

• Political organization (federal level)
• General organization (state level)
• Advocacy organization (local level), giving it an R age rating (18+)

The “correct” classification should be either general organization or simply “business”.

This is wrong on many levels. Why are advocacy groups blocked by default? Why do they have an R rating (because politics is only for adults? But then why only advocacy groups and not political organizations?).

#fortinet #fortigate #fortiguard

I have updated my blog to different yet suitable theme. Everything is good but this one anomaly. When I open one menu from the blog, the browser will redirect the tab to http (and cause fortiguard alert). Changing the http to https manually from the browser fix the problem. What is the problem? my server running nginx and inside the config, there is a directive to redirect http to https (normal configuration)

note: when using freebsd (current laptop), error/block never occurred

#fortiguard #web #hugo