Recent intelligence from Forescout Research indicates that a new ransomware gang known as SuperBlack, potentially linked to members of the LockBit operation, is actively exploiting two vulnerabilities in Fortinet's firewall appliances. This gang, associated with a threat actor named Mora_001, is leveraging specific authentication bypass flaws to gain administrative rights, facilitating their lateral movement within victim networks. The complexity of contemporary ransomware operations is highlighted, with specialized teams collaborating and utilizing overlapping techniques, evident in their exhibitions of familiar post-exploitation behaviors akin to LockBit’s strategy.
An emergent ransomware gang linked to the notorious LockBit operation is exploiting vulnerabilities in Fortinet appliances, showcasing the evolving ransomware landscape.
The attacker's methods, emphasizing collaborative efforts within ransomware ecosystems, illustrate the complex nature of modern cyber threats with their efficient exploitation of vulnerabilities.
Collection
[
|
...
]