samedi 11 octobre 2025 à 15:04
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.
The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers
vendredi 10 octobre 2025 à 15:31
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts.
"Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain access to third-party human resources (HR) software as a service (SaaS) platforms like Workday," the
vendredi 10 octobre 2025 à 13:42
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that's assessed to have come under active exploitation since at least September 11, 2025.
The company said it began its investigation on September 11 following a "potential vulnerability" reported by a customer, uncovering "potentially suspicious
vendredi 10 octobre 2025 à 13:00
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt.
But not all AI SOC platforms are created equal.
From prompt-dependent copilots to autonomous, multi-agent systems, the current market offers