Phishing Email Examples: 5 Scams You Should Know
Email is a cornerstone of communication today, but it’s also a favorite attack vector of threat actors. Phishing is a deceptively simple but highly effective…
Category: ThreatIntelligence-IncidentResponse
Exposed Passwords on Endpoints Are More Common Than You Think
Passwords are part of life these days. The average person probably has hundreds of them—and they’re all unique, right? RIGHT?! So how are you expected…
The Hackers in the Arena: The Huntress CTF Retrospective
A hacker sits behind a screen and reads the text of a website. It’s the Microsoft 365 login page. The hacker has the username and…
Tradecraft Tuesday Recap: axios npm Supply Chain Compromise
The axios npm supply chain compromise in March came to light as many security incidents do: a post on X in the middle of a…
Attackers Didn’t Wait for AI. They Built Workflows Around It.
The earliest adopter of AI wasn’t your security team. It wasn’t even your vendor. It was the adversary. “Adversarial poetry” is an intriguing phrase making…
Unified EDR + ITDR: Closing the Identity Gap Before Attacks Spread
One incident. No gap. Last week, something happened in a customer environment that neatly captures where identity security is headed. And where it’s been falling…
NIST Scales Back NVD CVE Enrichment: What to Know
NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates,…
Critical Vuln: Apache ActiveMQ CVE-2023-46604 Exploited
A partner recently deployed Huntress agents on October 30, 2023, after experiencing a “HelloKitty” ransomware attack on October 27. This ransomware attack followed closely with…
Confluence to Cerber: Exploitation of CVE-2023-22518
On October 31, 2023, Atlassian published patches and an advisory for CVE-2023-22518, an improper authorization vulnerability affecting Confluence Data Center and Confluence Server. Later, on…
Bitter Pill | Huntress
In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat…
Critical Vulnerability: SysAid CVE-2023-47246 | Huntress
On November 8, 2023, SysAid published an advisory expressing that their on-premise server software had a previously undisclosed vulnerability and is aware of public in-the-wild…
Key Insights from Huntress’ SMB Threat Report
Small and medium-sized businesses (SMBs) often find themselves in the crosshairs of today’s cybercriminals. While the spotlight often shines on high-profile breaches affecting corporate giants,…