Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Three underwater data cables providing Internet through Red Sea are cut amid Al Houthi militant attacks
March 4, 2024
An incident in the Red Sea has cut three underwater sea cables providing internet and telecommunications around the world as the waterway remains a target of Yemen’s Houthi militants, officials said on Monday. A statement by Hong Kong-based HGC Global Communications acknowledged the cuts but did not say what caused the lines to be severed. Read more… Source: ...
- South Africa: CIPC cyber attack leaves millions of entities vulnerable across nation
March 4, 2024
Sensitive data of at least three-million entities and individuals who were registered with the Companies and Intellectual Property Commission (CIPC) could have fallen into the wrong hands when the organisation’s database was hacked this week. Addresses, credit card details, ID numbers and names of companies and individuals might be compromised and the CIPC has called on ...
- BiBi attacks Israel: Pro-Hamas hackers use new malware to attack Israeli companies
March 3, 2024
A wave of new cyberattacks from pro-Hamas hackers using the BiBi malware has been identified in Israel in recent days. This involves four new variants of malware that are able to evade antivirus engines, according to the VirusTotal platform. The BiBi malware is a wiper-type malware designed to erase and corrupt data. Unlike other types of ...
- North Carolina: Around £2.1 million has been stolen from the housing agency as the US Secret Service is investigating
March 3, 2024
It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a multi-million pound fraud investigation by the US Secret Service into millions of public money that was ...
- 20 million Cutout.Pro AI service users hit by massive data breach
March 2, 2024
AI-powered photo and video editing platform Cutout.Pro has become the latest victim to what has turned out to be a pretty sizeable data breach. Personal information relating to as many as 20 million users, including email addresses, hashed and salted passwords, IP addresses, and names has been exposed, prompting significant privacy and security concerns. Read more… Source: MSN ...
- LockBit cyberattack: Fulton County refuses to pay ransom as deadline passes
March 1, 2024
Fulton County leaders say they have not paid any ransom to the criminal group claiming responsibility for the cyberattack that affected several of the county’s agencies. The group LockBit had set a deadline of 8:49 a.m. on Thursday for Fulton County to pay the ransom or risk having stolen data leaked onto the dark web. This ...