Open-source technologies and communities are a big part of the Rapid7 ethos, and that’s not by chance – it’s by design. Rapid7 believe that their Metasploit, AttackerKB, and Velociraptor initiatives help create a strong threat intelligence foundation as well as a secure digital future for all. Unfortunately, the same open-source tools that help security teams prioritize risk and enhance security outcomes can be misused by threat actors for nefarious purposes.
For example, Rapid7 researchers are aware that the digital forensics and incident response (DFIR) tool Velociraptor has been observed being leveraged by threat actors to execute a ransomware campaign. Rapid7 has implemented detections for this and other Velociraptor-related misuse, and is not impacted by this incident.
Read more…
Source: Rapid7
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Large Organizations Face Up to Several Million Targeted Bot Attacks per Day
December 12, 2018
According to an Osterman Research report, 211 large organizations with a mean of 16,822 employees have reported that during most weeks they experienced an average of 3,700 bot attacks targeting Internet exposed web apps. Bot attacks (also known as botnet attacks) make use of large numbers of connected computers to try and take down entire networks, websites, ...
- Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure
December 11, 2018
Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosa cyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk ...
- DarkVishnya: Banks attacked through direct connection to local network
December 6, 2018
While novice attackers, imitating the protagonists of the U.S. drama Mr. Robot, leave USB flash drives lying around parking lots in the hope that an employee from the target company picks one up and plugs it in at the workplace, more experienced cybercriminals prefer not to rely on chance. In 2017-2018, Kaspersky Lab specialists were invited to research ...
- IoT Botnets Behind 78% of Malware Network Events in 2018 According to Report
December 6, 2018
Internet of things (IoT) botnet activity during 2018 was behind roughly 78% of all network malware events detected by the NetGuard Endpoint Security solution deployed on more than 150 million devices according to a report by the Nokia Threat Intelligence Lab. The Nokia Threat Intelligence Report 2019 report was also performed using multiple malware sandboxes and honeypots, on both ...
- ESET discovers 21 new Linux malware families
December 6, 2018
Although Linux is a much more secure operating system compared to the more widely used Windows, it is not impervious to misconfigurations and malware infections. Over the past decade, the number of malware families targeting Linux has grown, but the total number of threats is still orders of magnitude under the malware numbers reported attacking Windows systems. This smaller ...
- Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency
November 27, 2018
A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, built to simplify working with Node.js streaming modules and it is available through the npmjs.com repository. Although the malicious code was discovered last week, researchers were able to determine ...