Velociraptor incident response tool abused for remote access
This approach represents an evolution from threat actors abusing remote monitoring and management tools
Similar Posts
ShinyHunters sent Google an extortion demand; Shiny comments on current activities
Bys sYesterday morning, DataBreaches woke up to a message on Telegram: Even the NSA can’t stop or identify us anymore. The FBI and everyone else is irrelevant and incompetent as far as we’re concerned :). When DataBreaches asked ShinyHunters if anything in particular had inspired that statement, “Shiny1” responded: I heard the NSA is investigating and…
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Bys sMicrosoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” the Microsoft Threat Intelligence team said in a post shared…
When ransomware listings create confusion as to who the victim was
Bys sWhen a ransomware gang names one target but links to another target or posts a description of a different target, journalists and researchers may understandably be left wondering who was attacked. If the threat actors have posted proof of claims, it may be possible to figure out who the target was, but with no proof…
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Bys sCybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Bys sCyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea’s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware…
Ohio law to require local governments to formally approve ransomware payments
Bys sCleveland.com reports: In response to Cleveland and other local governments around Ohio being targeted with cyberattacks and ransomware threats, the state of Ohio will soon require all counties, cities, townships, school districts, libraries, and other local governments to have a cybersecurity policy that adheres to certain standards, as well as only allow locals to approve…