Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DarkGate Opens Organizations for Attack via Skype, Teams
October 17, 2023
From July to September, Trend Micro observed the DarkGate campaign (detected by Trend Micro as TrojanSpy.AutoIt.DARKGATE.AA) abusing instant messaging platforms to deliver a VBA loader script to victims. This script downloaded and executed a second-stage payload consisting of a AutoIT scripting containing the DarkGate malware code. It’s unclear how the originating accounts of the instant messaging ...
- Analyzing cyber activity surrounding the conflict in the Middle East
October 17, 2023
In light of the ongoing escalation in the Middle East, Group-IB’s Threat Intelligence unit has been monitoring the activity of different threat actors involved in the conflict in cyber space. As they noted in the Hi-Tech Crime Trends 2022/2023 report, any rise in political tensions or the outbreak of hostilities is almost always accompanied by ...
- Hackers trying to corrupt AI, raising level of ransomware threat
October 17, 2023
Cyber criminals are actively trying to corrupt generative artificial intelligence (AI), which may then put the ability to create ransomware in the hands of individuals. The looming threat is what keeps Mr Willis Lim, the director of the National Cyber Threat Analysis Centre at the Cyber Security Agency of Singapore (CSA), up at night. Generative ...
- Over 70pc of Irish businesses suffered cyber attack in the past 12 months – report
October 17, 2023
Over 70pc of Irish businesses have suffered a cyber attack over the past year, a new report from insurer Hiscox has revealed. Around 71pc of the 200 Irish businesses surveyed experienced a cyber attack in the past 12 months, up 22pc from the same period last year. Ireland also had the highest median average number ...
- Kaspersky uncovers APT campaign targeting APAC government entities
October 17, 2023
Kaspersky researchers have discovered a persistent campaign compromising a specific type of secure USB drive used to provide encryption for safe data storage. Dubbed “TetrisPhantom,” this espionage effort targets government entities in the Asia-Pacific region (APAC), and shows no discernible overlap with any known threat actor. These and other findings are detailed in Kaspersky’s new ...
- Urgent global response needed for “insidious” cybercrime – Interpol
October 16, 2023
SINGAPORE – New types of cybercrime are emerging all the time. Manipulative and well-organized cybercriminals are exploiting digital technologies to tailor their attacks and target weaknesses in online systems, networks and infrastructures. The complex and borderless nature of cybercrime is compounded by the involvement of transnational organized crime groups, underlining the need to mount an ...