Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

Velociraptor is a legitimate software tool used by network defenders for threat hunting and incident response. It uses agents ...
CSO Online

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ...

Starburst aims AI-ready data platform at the ‘agentic workforce’

The model-to-data framework allows AI models to access governed data across on-premises or cloud environments without ...
The Hacker News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web ...
CSO Online

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia.
Infosecurity Magazine

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT ...