Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has been spotted using Velociraptor, an open-source digital forensics and incident response tool, to maintain covert, persistent access on compromised systems while deploying Warlock, LockBit, and Babuk ransomware on VMware ESXi virtual machines and Windows servers. … More →The post Legit tools, illicit uses: Velociraptor, Nezha turned against victims appeared first on Help Net Security.