Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Finastra Notifies Customers of Data Breach
February 19, 2025
British financial technology firm Finastra has notified customers impacted by a data breach that occurred over three months ago. Between October 31 and November 8, 2024, an unauthorized third party accessed the company’s secure file transfer platform (SFTP), used to share files with customers. Although the breach was detected on November 7, and the company acknowledged ...
- Spam and phishing in 2024
February 19, 2025
In 2024, cybercriminals targeted travel enthusiasts using fake hotel and airline booking websites. In one simple scheme, a fraudulent site asked users to enter their login credentials to complete their booking — these credentials ended up in criminal hands. Sometimes, the fake login form appeared under multiple brand names at once (for example, both Booking ...
- Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit
February 19, 2025
This article reviews nine vulnerabilities Palo Alto researchers recently discovered in two utilities called cuobjdump and nvdisasm, both from NVIDIA’s Compute Unified Device Architecture (CUDA) Toolkit. The researchers have coordinated with NVIDIA, and the company has released an update in February 2025 to address these issues. The vulnerabilities are tracked as the following Common Vulnerabilities and ...
- Philippines reports foreign cyber intrusions targeting intelligence data, but no breaches
February 18, 2025
The Philippines has detected foreign attempts to access intelligence data, but its cyber minister said on Tuesday no breaches have been recorded so far. Attempts to steal data are wide-ranging, said minister for information and communications Ivan Uy. Advanced Persistent Threats or APTs have repeatedly attempted but failed to infiltrate government systems, suggesting the country’s cyber-defences ...
- StaryDobry ruins New Year’s Eve, delivering miner instead of presents
February 18, 2025
On December 31, cybercriminals launched a mass infection campaign, aiming to exploit reduced vigilance and increased torrent traffic during the holiday season. Kaspersky telemetry detected the attack, which lasted for a month and affected individuals and businesses by distributing the XMRig cryptominer. This previously unidentified actor is targeting users worldwide—including in Russia, Brazil, Germany, Belarus and ...
- 50,000 electronic attacks countered daily by UAE Cybersecurity Council
February 17, 2025
Dr. Mohammed Hamad Al Kuwaiti, Chairman of the UAE Cybersecurity Council, stated that the UAE possesses an advanced cybersecurity system capable of predicting and countering most electronic attacks before they occur. He noted that the average daily cyberattacks on key sectors exceeds 50,000, all of which are proactively deterred and mitigated. In statements to the Emirates ...