Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.
The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the attackers
Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records
In a special edition of “No need to hack when it’s leaking,” DataBreaches reports on a software vendor that, despite multiple attempts by multiple parties,
