

Velociraptor C2 tunnel, Baltimore’s expensive con, ransomware gangs multiply
Sep 1, 2025
Discover the latest on cyber threats with a deep dive into the Velociraptor tool's misuse for command and control tunneling. Learn about Baltimore's staggering $1.5 million loss due to social engineering. The podcast also highlights the rise of smaller ransomware gangs as law enforcement tightens its grip. Don't miss discussions on recent cybersecurity updates, including Amazon's success against a Russian cyberattack and improvements in messaging app security.
AI Snips
Forensics Tools Can Become Attack Vectors
- Threat actors are abusing legitimate forensic tooling like Velociraptor to create C2 tunnels and avoid custom malware deployment.
- This shows incident response tools can become inadvertent footholds when attackers weaponize them.
Baltimore's Costly Vendor Spoofing
- The City of Baltimore was socially engineered into changing a contractor's bank details and lost $1.5 million across two payments.
- Accounts payable lacked protections and only one of the two payments has been recovered so far.
Takedowns Fragment Ransomware Ecosystem
- Takedowns of large ransomware groups mainly removed infrastructure, causing members to splinter into many smaller gangs.
- Researchers link the surge in new gangs to commoditized tooling, domain expertise, and abundant AI lowering barriers to entry.