-
Security researchers at Cisco Talos have confirmed that ransomware operators are actively exploiting Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in their attacks. This marks the first definitive link between a legitimate security tool and a ransomware incident. The campaign, which deployed three separate ransomware strains, is attributed with moderate confidence to […] The post Hackers Exploit DFIR Tool ‘Velociraptor’ in Ransomware Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco Talos has confirmed that ransomware operators are now leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, to gain stealthy, persistent access and deploy multiple ransomware variants against enterprise envi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In 2025, the notorious Chaos ransomware has undergone a dramatic transformation, emerging with a sophisticated C++ variant that represents the most dangerous iteration to date. This marks the first time Chaos has departed from its traditional .NET foun…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The notorious Cl0p ransomware group has been actively exploiting a critical zero-day vulnerability in Oracle’s E-Business Suite (EBS), targeting enterprise customers through CVE-2025-61882. This sophisticated attack campaign has prompte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Targeting Windows systems, Yurei employs advanced file encryption and stealth techniques to maximize impact and minimize detection. Encrypted files are appended with the extension .Yurei, and victims receive a ransom note named _README_Yurei.txt with T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Modern ransomware operations have evolved far beyond simple opportunistic attacks into sophisticated, multi-stage campaigns that exploit legitimate Remote Access Tools (RATs) to maintain stealth and persistence while systematically dismantling organiza…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security teams face a rapidly evolving campaign that abuses compromised SonicWall SSL VPN credentials to deliver Akira ransomware in under four hours—dwell times among the shortest ever recorded for this type of threat. Within minutes of successful aut…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Trend Micro have discovered a new and dangerous variant of LockBit ransomware that targets Windows, Linux, and VMware ESXi systems, utilizing advanced obfuscation techniques and sophisticated cross-platform capabilities. Ad…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a new Ransomware-as-a-Service (RaaS) strain named BQTLOCK that is actively targeting Windows users through Telegram channels and dark web forums. Since mid-July, affiliates of the service have been distributing a ZIP…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Volvo Group has disclosed that a recent ransomware attack on its human resources software provider, Miljödata, may have resulted in unauthorized access to personal information belonging to its North American workforce. The incident underscore…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
