Securing Healthcare: Handling Cyber Threats with Care
In today’s world, IT operations are becoming more and more decentralized. And this shift makes things particularly complicated for those in the healthcare sector, like…
Category: ThreatIntelligence-IncidentResponse
Full Transparency: Controlling Apple’s TCC
Apple’s commitment to user privacy is well known. One of the key components of their privacy controls is the Transparency Consent and Control (TCC) framework.…
Intelligence Insights: April 2026 | Red Canary
Highlights from March Coming in at number 1 on this month’s top 10 most prevalent threat list is activity related to March 2026’s axios npm…
Mitigate RedSun Zero-Day Without A Patch
Key Takeaways RedSun is a critical zero-day vulnerability in Microsoft Defender that allows low-privileged users to gain SYSTEM access No patch is currently available, leaving…
Ransomware Deployment Attempts Via TeamViewer
Huntress SOC analysts recently alerted customers regarding two disparate endpoints identified as being minimally impacted by ransomware; that is, only a limited number of ransomware…
Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting
Key Takeaways We recently discovered an exposed server that was used for multi-victim exploitation, staging, review, and validation. Claude Code and OpenClaw were used as…
RATs! Remote Management Software from the Hacker’s Perspective
If you missed Tradecraft Tuesday on January 9, you missed out on a banger episode! The tl;dr on what we covered is: RMMs and command…
Exploitation of Windows Server Update Services Remote Code
Acknowledgments: Special thanks to Luke Wilkinson, Joshua Kiriakoff, and Jordan Sexton for their contributions to this investigation and writeup. TL;DR: Huntress has observed threat actors…
36 Must-Know Password Statistics for 2026
Password security is the first defense against cyber threats, and with billions of credentials stolen each year, it’s important to practice good password hygiene. If…
Phishing Techniques Spotted: Email Examples & Red Flags
In this article, we break down five real phishing email examples using the latest email phishing techniques, and share the phishing red flags that can…
Attackers Love Your VPN To-Do List
This blog was updated on April 17 to include threat activity we’re observing with Nightmare-Eclipse’s BlueHammer, RedSun, and UnDefend exploitation techniques. One of the many…
Untangling a Linux Incident With an OpenAI Twist
Acknowledgments: Special thanks to Harlan Carvey and Lindsey O’Donnell-Welch for their contributions to this blog and research. Everyone’s talking about AI’s impact on cybersecurity, from…