Ransomware Attacks Involve Exploitation of DFIR Tool Velociraptor by Threat Actors
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in sophisticated cyberattacks.
The security...
Chaos Ransomware Evolves to Become Faster, Smarter and More Dangerous
Chaos ransomware has undergone a significant transformation in 2025, marking its first departure from .NET programming with the introduction of Chaos-C++, a sophisticated variant that...
Yurei Ransomware Exploits SMB Shares and Removable Drives to Encrypt Files
CYFIRMA has observed a new ransomware strain, Yurei, emerging in early September 2025 that targets Windows environments with highly sophisticated encryption and anti-forensic techniques.
Written...
Ransomware Gangs Exploit Remote Access Tools for Persistence and Defense Evasion
Ransomware operators have increasingly turned to legitimate Remote Access Tools (RATs) like AnyDesk, UltraViewer, RustDesk, and Splashtop to establish stealthy footholds and evade detection....
GoAnywhere 0-Day RCE Exploited in the Wild to Deploy Medusa Ransomware
A critical zero-day vulnerability in GoAnywhere Managed File Transfer’s (MFT) License Servlet is being actively exploited by threat actors to deploy Medusa ransomware.
Fortra...
