Dispelling Ransomware Deployment Myths | Huntress
When a ransomware attack occurs, the focus is most often on the encryption of files. Initial access is often glossed over or simply assumed. In…
Category: ThreatIntelligence-IncidentResponse
The RSAC 2026 Conference talks worth catching
Another year and yet another RSAC Conference looms. While there are a few invite-only events on Sunday, this year’s conference starts in earnest on Monday,…
Secure AI Models and Endpoints with Inventory-First AI Security | Qualys TotalAI
Key Takeaways AI security demands a paradigm shift, treating models, endpoints, and integrations as dynamic attack surfaces requiring continuous governance. Inventory-driven visibility is foundational to…
Dealing with Imperfect Telemetry: Techniques for Effective Incident Response
We’ve all seen threat reports and intrusion write-ups that look deeply polished, with a cohesive timeline that highlights incredible telemetry and analysis skills. Cool diagrams…
Looking Through a Pinhole at a Qilin Ransomware Attack
A big part of a security analyst’s everyday role is figuring out what actually happened during an incident. We can do that by piecing together…
Huntress and DEFCERT Are Streamlining CMMC Assessment Prep
What we built Our team at DEFCERT collaborated with the team at Huntress to build resources that partners and “Organizations Seeking Assessment” (OSAs) can use…
Deobfuscating Files for Flags: Huntress CTF 2025 Retro
Imagine this: you’re a hacker, and you’re working through an executable file made up of a compiled AutoIT script. You’ve decompiled the script (thanks to…
MFA for Business: Benefits, Methods & Why It Still Matters
When it comes to cybersecurity, there will never be a silver bullet, but multi-factor authentication (MFA) might be one of the closest contenders for that…
Threats Plague Educational Organizations | Huntress
As a managed endpoint detection and response (EDR) company, we see attacks hitting all kinds of sectors. But cyberattacks hitting the education sector can be…
Huntress Lands on the Microsoft Marketplace
Big news! Huntress products are now available on the Microsoft Marketplace. Whether you’re looking to level up endpoint security, increase identity resilience, or just simplify how…
Huntress Acquires Inside Agent | Huntress
Identity-based cyberattacks are becoming more pervasive, leaving businesses grappling with increasingly sophisticated threats. With 40% of security incidents now connected to identity vulnerabilities, organizations are…
Velociraptor WSUS Exploitation, Pt. I: WSUS-Up?
Acknowledgments: Special thanks to Ben Folland for his contributions to this investigation and writeup. In November, Huntress analysts detected an incident where threat actors likely…