A fresh ransomware gang is following a familiar playbook. Mora_001 is exploiting Fortinet vulnerabilities to deploy SuperBlack ransomware, with tactics hinting at LockBit ties. The new OBSCURE#BAT campaign is using social engineering to deliver the r77 rootkit, hitting victims across nations. In another vein, February saw a massive spike in ransomware attacks, with a record number of victims, making it the most devastating month in ransomware history. Here are the top 10 highlights from the past 24 hours.
01
A new ransomware group, Mora_001, has been discovered exploiting two Fortinet vulnerabilities to gain access and deploy a new ransomware called SuperBlack, with suspected links to the LockBit group.
02
A new malware campaign, OBSCURE#BAT, has been using social engineering tactics to deliver the r77 rootkit, primarily targeting the U.S., Canada, Germany, and the U.K.
03
An ongoing phishing campaign impersonates Booking[.]com and uses ClickFix social engineering attacks to infect hospitality workers with various types of malware, including info-stealers and RATs.
04
GitLab has released security updates to address nine vulnerabilities in its Community Edition and Enterprise Edition, with two of them being critical authentication bypass issues in the ruby-saml library.
05
Fraudsters are impersonating the Clop ransomware gang to extort businesses, exploiting vulnerabilities in managed file transfer software and claiming to have exfiltrated sensitive data.
06
February saw a record-breaking 126% increase in ransomware victims compared to the same month the previous year, with 962 victims claimed, marking it as the worst month in ransomware history.
07
Cisco Talos discovered a Miniaudio out-of-bounds write vulnerability and three Adobe vulnerabilities, all of which have been patched by their respective vendors.
08
Australia, the U.K, and the U.S. have jointly imposed sanctions on Zservers, a Russian bulletproof hosting provider, and several associated individuals for facilitating cybercrime activities, including ransomware attacks.
09
The Danish cybersecurity agency has issued a threat assessment, warning of a rise in state-sponsored cyber espionage activities targeting the telecommunications sector in Europe.
10
Cybercriminals are exploiting the Ramadan period to launch targeted crypto scams, using social engineering and trust to deceive victims into transferring their digital assets.
