New 0-Day Vulnerabilities Found in Microsoft Exchange
Our team is currently investigating new 0-day vulnerabilities in Microsoft Exchange servers that could lead to Remote Code Execution (RCE) for an authenticated user. Our…
Category: ThreatIntelligence-IncidentResponse
A Sneak Peek at hack_it 2022
We’re super excited to announce that hack_it is back! hack_it teaches hacker tradecraft and helps us defenders see cybersecurity from a different perspective. This year’s…
ConnectWise/R1Soft RCE & Supply Chain Risks
UPDATE 2/27/23: As recently spotted by Fox-IT and subsequently reported in SecurityWeek, a critical vulnerability discovered last year in ConnectWise’s R1Soft Server Backup Manager software…
macOS Support Is Here! | Huntress
As you may have noticed, macOS malware is still very much a thing these days. We covered some of the malware variants that were seen…
Creating macOS Ransomware | Huntress
With the General Availability release of the Huntress macOS agent, we wanted to share some of the Apple-y stuff we’ve been up to behind the…
Do You Have a Security Hygiene Checklist in Place?
As a managed service provider (MSP), you’re the backbone of your customer’s cyber infrastructure. Your team knows what it takes to run operations smoothly: a…
Tradecraft, Shenanigans and Spice: hack_it 2022 Recap
It’s near the end of the year, and that can only mean one thing here at Huntress: it’s hack_it season. Not to brag, but this…
Threat Advisory: Qakbot Activity Is Rising
Qakbot has been spreading like wildfire. Huntress has seen a 400% increase in Qakbot cases in the past two months (several hundred incidents) in comparison…
Incident Response: A Choose Your Own Adventure Exercise
When I was a kid, I loved choose your own adventure books. You made decisions and could become a powerful Sho-Gun warrior—or if you chose…
Meet Andrea Colon, Restoring Peace of Mind in a Paranoid Digital World
In this edition of our “Employee Spotlight” series, I sat down with Andrea Colon, an Account Executive who sees the human side of cyber warfare…
Threat Actors Weaponize Tiflux RMMs in Malspam Attacks
Acknowledgements: Huntress wishes to recognize the contributions of SOC analysts Tanner Filip, Jose Oregon, and Priscilla Ibarra, and Lindsey O’Donnell-Welch for help hunting telemetry for…
Metasploit Wrap-Up 05/15/2026
Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanism:…