Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools
First seen on blog.talosintelligence.com
Jump to article: blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
