Researchers at Forescout have identified a new ransomware group, Mora_001, that has been active since January 2022. It has used two Fortinet vulnerabilities to develop and deploy its individual ransomware, ‘SuperBlack’, allegedly based on the leaked LockBit 3.0 ransomware. Mora_001’s use of similar post-exploitation patterns and communication channels to LockBit hints at a potential connection between the two groups.
Phishing Campaign Impersonates Booking.com, Plants Malware
Cybersecurity professionals have raised concerns over a new phishing campaign that imitates Booking.com to plant credential-stealing malware. The threat, first detected in December 2024, targets
