3 Hot Takes and Tips for Cybersecurity Awareness Month 2023
Happy National Cybersecurity Awareness Month! In an era where it feels like threats are coming at us from all angles, it’s more crucial than ever…
Category: ThreatIntelligence-IncidentResponse
Why Are You Still Paying for Antivirus?
Don’t worry, this isn’t one of those “AV is dead” articles. I read that headline almost ten years ago—I didn’t believe it then, and I…
Huntress Managed ITDR (formerly MDR for Microsoft 365)
Since our inception, Huntress has had a guiding principle to protect the 99%. This ethos has led us to create products, features, and functionality that…
Phishing Email Examples: 5 Scams You Should Know
Email is a cornerstone of communication today, but it’s also a favorite attack vector of threat actors. Phishing is a deceptively simple but highly effective…
Exposed Passwords on Endpoints Are More Common Than You Think
Passwords are part of life these days. The average person probably has hundreds of them—and they’re all unique, right? RIGHT?! So how are you expected…
The Hackers in the Arena: The Huntress CTF Retrospective
A hacker sits behind a screen and reads the text of a website. It’s the Microsoft 365 login page. The hacker has the username and…
Tradecraft Tuesday Recap: axios npm Supply Chain Compromise
The axios npm supply chain compromise in March came to light as many security incidents do: a post on X in the middle of a…
Attackers Didn’t Wait for AI. They Built Workflows Around It.
The earliest adopter of AI wasn’t your security team. It wasn’t even your vendor. It was the adversary. “Adversarial poetry” is an intriguing phrase making…
Unified EDR + ITDR: Closing the Identity Gap Before Attacks Spread
One incident. No gap. Last week, something happened in a customer environment that neatly captures where identity security is headed. And where it’s been falling…
NIST Scales Back NVD CVE Enrichment: What to Know
NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates,…
Critical Vuln: Apache ActiveMQ CVE-2023-46604 Exploited
A partner recently deployed Huntress agents on October 30, 2023, after experiencing a “HelloKitty” ransomware attack on October 27. This ransomware attack followed closely with…
Confluence to Cerber: Exploitation of CVE-2023-22518
On October 31, 2023, Atlassian published patches and an advisory for CVE-2023-22518, an improper authorization vulnerability affecting Confluence Data Center and Confluence Server. Later, on…