Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hunters International ransomware gang threatens to leak US Marshals data
August 27, 2024
The Hunters International ransomware group is threatening to leak what it claims to be 386 GB of data from the U.S. Marshals Service (USMS), more than a year after the federal law enforcement agency suffered a major ransomware attack. The gang claims the data, comprising more than 327,000 files, includes “Top Secret” documents, gang files, information ...
- Unveiling Mobile App Vulnerabilities: How Popular Apps Leak Sensitive Data
August 27, 2024
In an increasingly digital world, the importance of mobile security cannot be overstated. With millions of apps available on Google’s Play Store and Apple’s App Store, users trust developers to safeguard their personal information. Unfortunately, this trust is often misplaced. A key step in preventing unauthorized access to user data is encryption, especially when it comes ...
- SMS scammers use toll fees as a lure
August 27, 2024
In April 2024, the FBI warned about a new type of smishing scam. Smishing is the term we use for phishing attacks sent via text message. This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees. The scammers send a text claiming that ...
- Cyber attacks on law firms jumped by 77% over the past year
August 27, 2024
The number of successful cyber attacks against UK law firms rose by 77% in the past year to 954, up from 538 the year before, according to a new study of the threat. Chartered accountants Lubbock Fine said that the wave is driven by criminals seeing law firms as prime targets for ransomware attacks or blackmail. This ...
- HZ Rat backdoor for macOS attacks users of China’s DingTalk and WeChat
August 27, 2024
In June 2024, Kaspersky discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples Kaspersky found almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form ...
- Ransomware attacks on schools threaten student data nationwide
August 26, 2024
Imagine a criminal gaining unrestricted access to your child’s most private information — medical records, Social Security numbers and even details about their daily bus ride to school. This alarming scenario is becoming a reality for a growing number of families as sophisticated cybercriminals increasingly target schools across the United States, holding their computer systems ...