Tag Sophos

Scammers Exploit Your Actual Hotel Reservations for Spear-Phishing Attacks

Cybercriminals Target Travel Industry with Advanced Phishing Attacks

Recent investigations have uncovered a series of sophisticated phishing campaigns aimed at hotels and other travel accommodations, raising concern across the industry. Researchers from Norton note that although not all of the phishing messages can be traced directly to breaches of hotels' internal systems,…


Drift Suffers $285 Million Loss from Durable Nonce Social Engineering Attack Tied to DPRK

On April 1, 2026, Drift, a decentralized exchange built on the Solana blockchain, was compromised in an incident with an estimated loss of $285 million. The attackers gained unauthorized control of the platform's administrative authority, and the loss followed directly from that access. According to Drift's official commentary on the…


Phishing Attack Targets Over 80 Organizations Utilizing SimpleHelp and ScreenConnect RMM Tools

An active phishing campaign tracked under the codename VENOMOUS#HELPER has been targeting organizations since at least April 2025. The operators abuse legitimate Remote Monitoring and Management (RMM) software (SimpleHelp and ScreenConnect, per the headline) to keep persistent remote access to the systems they compromise, rather than dropping a custom implant. Securonix's analysis indicates that the campaign has affected…


Malicious Actors Exploit Velociraptor Forensic Tool to Launch Visual Studio Code for C2 Tunneling

Researchers have documented a recent intrusion in which the attackers misused Velociraptor, an open-source endpoint monitoring and digital forensics tool. The case is another instance of legitimate software being turned to malicious ends. According to a report from the Sophos Counter Threat Unit Research Team, the attackers used Velociraptor to download and execute Visual Studio Code, most likely to establish a tunnel to a command-and-control (C2) server under their control. Abuse of legitimate remote monitoring and management (RMM) tools is nothing new, but the turn to a forensic agent such as Velociraptor is a notable shift: it gives the attackers persistent remote access to the host without deploying malware of their own. Further investigation revealed that the perpetrators exploited Wind…

Attackers Exploit Velociraptor Forensic Tool to Deploy Visual Studio Code for Command-and-Control Tunneling

On August 30, 2025, researchers disclosed an attack involving the abuse of Velociraptor, an open-source endpoint monitoring and digital forensic tool. The incident illustrates the continuing trend of legitimate software being misused for nefarious…

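The write-up above names the host-side behaviour (Velociraptor spawning VS Code, VS Code opening a tunnel) but leaves the detection logic to the reader. The following is an added example, not code from the Sophos CTU report or from the Velociraptor project: it scans process-creation events for VS Code launched with the `tunnel` subcommand and raises the severity when the parent is Velociraptor or the binary runs from a dropped location. The event field names are a simplified stand-in for Sysmon Event ID 1 / EDR telemetry, the Velociraptor binary name and install path are assumptions, and the sample events are constructed.

```python
"""Detect VS Code started in remote-tunnel mode, with extra weight when the
parent process is Velociraptor. Added example; not code from the Sophos CTU
report or from the Velociraptor project. Event fields are a simplified
stand-in for Sysmon Event ID 1 / EDR process-creation telemetry."""

import ntpath
import re

# VS Code CLI binaries that accept the `tunnel` subcommand.
VSCODE_BINARIES = {"code.exe", "code"}

# Assumption: the Velociraptor client runs under its default binary name.
FORENSIC_PARENTS = {"velociraptor.exe"}

# Where a sanctioned VS Code install normally lives; anything else is suspect.
EXPECTED_VSCODE_PATHS = [
    re.compile(r"^c:\\program files\\microsoft vs code\\", re.I),
    re.compile(r"^c:\\users\\[^\\]+\\appdata\\local\\programs\\microsoft vs code\\", re.I),
]


def split_cmdline(cmdline):
    """Tokenise a Windows command line, keeping quoted paths together."""
    return [tok.strip('"') for tok in re.findall(r'"[^"]*"|\S+', cmdline)]


def assess(event):
    """Return a finding dict for a tunnel launch, or None if the event is benign."""
    image = event["image"]
    if ntpath.basename(image).lower() not in VSCODE_BINARIES:
        return None
    argv = split_cmdline(event["command_line"])
    if "tunnel" not in argv[1:]:
        return None  # ordinary editor launch, e.g. `code.exe C:\src\project`

    severity = "medium"
    reasons = ["VS Code started with the 'tunnel' subcommand (outbound tunnel via Microsoft's dev tunnel service)"]

    parent = ntpath.basename(event["parent_image"]).lower()
    if parent in FORENSIC_PARENTS:
        severity = "high"
        reasons.append(f"spawned by {parent}: a forensic agent has no business launching an editor")

    if not any(p.match(image) for p in EXPECTED_VSCODE_PATHS):
        severity = "high"
        reasons.append("binary runs from outside the normal VS Code install locations (dropped copy)")

    if "--accept-server-license-terms" in argv:
        reasons.append("license prompt pre-accepted on the command line, i.e. an unattended/scripted start")

    return {"host": event["host"], "severity": severity, "reasons": reasons,
            "command_line": event["command_line"]}


def scan(events):
    """Run assess() over a batch of events and keep only the hits."""
    return [f for f in (assess(e) for e in events) if f is not None]


# Constructed sample telemetry (not from any real incident).
SAMPLE_EVENTS = [
    {   # developer opening a project: no tunnel, sanctioned install path
        "host": "WS01",
        "parent_image": r"C:\Windows\explorer.exe",
        "image": r"C:\Users\alice\AppData\Local\Programs\Microsoft VS Code\Code.exe",
        "command_line": r'"C:\Users\alice\AppData\Local\Programs\Microsoft VS Code\Code.exe" C:\src\project',
    },
    {   # pattern from the write-up: Velociraptor drops VS Code and starts a tunnel
        "host": "WS01",
        "parent_image": r"C:\Program Files\Velociraptor\Velociraptor.exe",  # assumed install path
        "image": r"C:\ProgramData\vscode\code.exe",
        "command_line": r'"C:\ProgramData\vscode\code.exe" tunnel --accept-server-license-terms --name WS01',
    },
    {   # developer using tunnels from a sanctioned install: still worth a look, lower severity
        "host": "DEV07",
        "parent_image": r"C:\Windows\System32\cmd.exe",
        "image": r"C:\Program Files\Microsoft VS Code\bin\code.exe",
        "command_line": r'"C:\Program Files\Microsoft VS Code\bin\code.exe" tunnel --name dev-box',
    },
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"[{hit['severity'].upper()}] {hit['host']}: {hit['command_line']}")
        for r in hit["reasons"]:
            print("   -", r)
```

Run against the constructed events, the Velociraptor-spawned launch scores high on three counts (forensic parent, dropped binary, pre-accepted license) while the developer's own tunnel from a sanctioned install is only medium; the explorer-launched editor is ignored. In production the same logic belongs in the EDR query language, with the parent-process test widened to whatever RMM or IR agents are deployed in the estate.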


Google Researcher Uncovers Internet Explorer Vulnerability Now Exploited in Targeted Attacks

July 11, 2013

Tensions are rising between Google and Microsoft once again. Microsoft has announced that attackers are actively exploiting a vulnerability disclosed by Google researcher Tavis Ormandy. The flaw, which affects Windows 7 and 8, is a local privilege-escalation bug: it requires code already running on the machine, but from there lets the attacker elevate to full system control, which is why it is typically chained with a separate initial-access vector.

Microsoft addressed the vulnerability in its July "Patch Tuesday" updates. Ormandy, however, has been criticized by Microsoft and by parts of the security community for publishing the flaw before a patch was available, a practice critics say denies the vendor the chance to respond first. Ormandy, in turn, voiced frustration with what he described as Microsoft's hostile treatment of vulnerability researchers, saying the company is often difficult to work with, and advised fellow researchers to consider using pseudonyms when dealing with major tech companies.

Targeted Exploitation of Internet Explorer Vulnerability by Google Researcher

On July 11, 2013, a vulnerability disclosed by Google researcher Tavis Ormandy drew a response from Microsoft, which reported that the flaw is being actively exploited in targeted attacks against…



New Menlo Security CEO Focuses on Agentic AI Runtime Protection

Artificial Intelligence & Machine Learning, Data Security, Next-Generation Technologies & Secure Development

Former Mandiant Executive Bill Robbins Aims to Advance Browser-Based AI Security

Michael Novinson • February 27, 2026

Menlo Security has appointed Bill Robbins, a seasoned leader from Mandiant, as…


Reynolds Ransomware Integrates BYOVD Driver to Bypass EDR Security Measures

Researchers have identified a new ransomware strain, named Reynolds, that ships with a built-in Bring Your Own Vulnerable Driver (BYOVD) component as its defense-evasion tactic. The malware bundles a legitimately signed but vulnerable driver in its payload, loads it, and exploits it from kernel context to disable security tooling and evade detection before encryption begins. BYOVD is a…

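Because the whole point of BYOVD is that the driver carries a valid signature, a detection that trusts signatures will miss it. The following is an added example, not code from the Reynolds analysis or any vendor product: it checks driver-load events against a known-vulnerable hash list and flags signed drivers loaded from outside the normal driver directories. The field names mirror Sysmon Event ID 6 (DriverLoad); the blocklist hashes, signer names and sample events are constructed.

```python
"""Flag kernel-driver loads that fit the BYOVD pattern: a validly signed driver
that is either on a known-vulnerable list or is being loaded from somewhere a
driver has no business living. Added example, not from the Reynolds analysis.
Event fields mirror Sysmon Event ID 6 (DriverLoad); the blocklist hashes and
sample events below are constructed."""

import hashlib
import re

# Constructed stand-in for a real vulnerable-driver blocklist (e.g. the hashes in
# Microsoft's recommended driver block rules or the LOLDrivers project). Real
# entries would be the SHA-256 of the actual vulnerable binaries.
KNOWN_VULNERABLE_SHA256 = {
    hashlib.sha256(b"constructed: vulnerable signed driver A").hexdigest(): "constructed vulnerable driver A",
    hashlib.sha256(b"constructed: vulnerable signed driver B").hexdigest(): "constructed vulnerable driver B",
}

# Directories a legitimately installed driver is expected to load from.
EXPECTED_DRIVER_DIRS = [
    re.compile(r"^c:\\windows\\system32\\drivers\\", re.I),
    re.compile(r"^c:\\windows\\system32\\driverstore\\filerepository\\", re.I),
]


def parse_hashes(field):
    """Sysmon writes 'SHA256=...,IMPHASH=...'; return it as a lowercase dict."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def assess_driver_load(event):
    """Return a finding for a suspicious DriverLoad event, or None."""
    hashes = parse_hashes(event["Hashes"])
    sha256 = hashes.get("SHA256", "")
    image = event["ImageLoaded"]
    in_expected_dir = any(p.match(image) for p in EXPECTED_DRIVER_DIRS)
    signed_ok = event["Signed"] == "true" and event["SignatureStatus"] == "Valid"

    reasons = []
    if sha256 in KNOWN_VULNERABLE_SHA256:
        reasons.append(f"SHA-256 matches blocklist entry: {KNOWN_VULNERABLE_SHA256[sha256]}")
    if not in_expected_dir:
        reasons.append("driver loaded from outside System32\\drivers / DriverStore")
    if not signed_ok:
        reasons.append("signature missing or invalid")
    if not reasons:
        return None

    # BYOVD drivers ARE validly signed, so a good signature must never lower
    # the score; it is only recorded for the analyst.
    severity = "critical" if sha256 in KNOWN_VULNERABLE_SHA256 else "high"
    return {"image": image, "signer": event["Signature"], "signed_ok": signed_ok,
            "severity": severity, "reasons": reasons}


def scan_driver_loads(events):
    """Run assess_driver_load() over a batch and keep only the hits."""
    return [f for f in (assess_driver_load(e) for e in events) if f is not None]


# Constructed sample events (field names as in Sysmon Event ID 6).
SAMPLE_DRIVER_LOADS = [
    {   # in-box Microsoft driver from the expected directory
        "ImageLoaded": r"C:\Windows\System32\drivers\tcpip.sys",
        "Hashes": "SHA256=" + hashlib.sha256(b"constructed: in-box driver").hexdigest(),
        "Signed": "true", "Signature": "Microsoft Windows", "SignatureStatus": "Valid",
    },
    {   # BYOVD: legitimately signed, on the blocklist, dropped into ProgramData
        "ImageLoaded": r"C:\ProgramData\rdx\kdrv.sys",
        "Hashes": "SHA256=" + hashlib.sha256(b"constructed: vulnerable signed driver A").hexdigest() + ",IMPHASH=0",
        "Signed": "true", "Signature": "Example Hardware Corp (constructed)", "SignatureStatus": "Valid",
    },
    {   # unknown but validly signed driver loaded from a user temp directory
        "ImageLoaded": r"C:\Users\bob\AppData\Local\Temp\upd.sys",
        "Hashes": "SHA256=" + hashlib.sha256(b"constructed: unknown driver").hexdigest(),
        "Signed": "true", "Signature": "Example Hardware Corp (constructed)", "SignatureStatus": "Valid",
    },
]

if __name__ == "__main__":
    for hit in scan_driver_loads(SAMPLE_DRIVER_LOADS):
        print(f"[{hit['severity'].upper()}] {hit['image']} signer={hit['signer']!r}")
        for r in hit["reasons"]:
            print("   -", r)
```

The blocklisted driver scores critical even though its signature is valid, and the unknown driver from a temp directory scores high on the path alone; the in-box driver is ignored. The hash check is the precise signal, but it only covers drivers someone has already catalogued, so the path heuristic is what catches a driver the blocklist has not seen yet. Pairing either hit with a subsequent EDR service stop or sensor heartbeat loss on the same host is what turns it into a confident BYOVD alert.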

Intrusive Hackers Target Systems via Remote Monitoring Software

Fraud Management & Cybercrime, Governance & Risk Management, Ransomware

VoidCrypt Ransomware Variant Exploits Remote Monitoring Tools, Reports Huntress

Greg Sirico • February 13, 2026

Recent findings from cybersecurity firm Huntress reveal that employee monitoring software is not only advantageous for management but has also become a valuable…


Microsoft Releases Patches for 80 Vulnerabilities, Including Two Currently Under Attack

In its March 2023 Patch Tuesday release, Microsoft shipped fixes for 80 security vulnerabilities, two of which were already being exploited in the wild. The flaws affect components across the Microsoft ecosystem and are rated eight Critical, 71 Important, and one Moderate in severity. This update continues…
