How My StubHub Account Got Hacked
It was a Tuesday night around 9pm. I check my email on my phone and find a notification from StubHub for a transaction just made…
Category: ThreatIntelligence-IncidentResponse
How do you protect computers from attackers if you’re not
The historical answer to this question has been antivirus and firewalls. However, the last several years have demonstrated hackers can slip past these preventative technologies…
Huntress Wins ConnectWise IT Nation Partner’s Choice Award!
Huntress wins prestigious award at this year’s largest MSP industry conference, ConnectWise IT Nation, for industry-leading Managed Detection & Response service. Today, Huntress Labs announced…
Troubleshooting Procmon & Sysmon v3.32
When it comes to troubleshooting software errors, analyzing malware samples, or discovering security misconfigurations, the Sysinternals Suite can likely solve your problem. For many IT and Security…
MSP Moment: Squashing an MSSQL Attack
It all started when NTConnections was called into an organization who reported a SQL Server failure. Like all jobs, their technicians performed some initial discovery…
Security Awareness Training Will Prevent Ransomware
Unless you have been living under a rock for the past month, it is hard not to notice all of the news about the WannaCry…
Redosdru — Encrypting DLL Payloads to Avoid On-Disk Signatures
Lurking within the C:WindowsSystem32 directory was a binary called “wshom.exe”. By manually inspecting the file’s header within a hex editor, we noticed it had been…
Deep Dive: Squashing an MSSQL Attack
When it comes to a breach, one of the first questions typically asked is “how did the attackers get in?”. Unfortunately, this isn’t always an…
MSP Moment | Huntress
Over the past month, the Emotet family of malware has re-emerged as a formidable piece of crimeware, thanks to its new self-propagation techniques (undoubtedly inspired by the…
Huntress Labs to Host Hands-On “Hacking Windows” Training
As you may recall, IT Nation 2016 ended on a high note for Huntress Labs as we were named the “Best Newcomer” in the Partner…
Deep Dive: Kaseya VSA Mining Payload
Background Information Over the last few weeks, our team uncovered dozens of suspicious Scheduled Tasks used to execute a persistent payload with Local System privileges.…
Potentially Unwanted Programs: It’s Not Always Malware
1. Adware Simply put, adware is the name given to software that delivers distracting or unwanted advertisements to your end users. We rarely consider how…