Huntress for CMMC Compliance | Huntress
TL;DR: Visit huntress.com/cmmc for the latest information on how Huntress helps support our customers and partners on their CMMC journey In our Huntress Hub, you’ll find…
Category: ThreatIntelligence-IncidentResponse
Kawabunga, Dude, You’ve Been Ransomed!
Huntress analysts recently observed an incident where a newer ransomware variant, KawaLocker (also known as KAWA4096) ransomware, was deployed. It’s not unusual for new ransomware…
Exposing Data Exfiltration: Detecting LOLBins, TTPs, and Ransomware Tactics
Huntress frequently sees data staging and exfiltration activity, particularly with ransomware threat actors. These threat actors will collect, stage, and exfiltrate data prior to file…
Cephalus Ransomware: Don’t Lose Your Head
In mid-August, we came across a ransomware variant called Cephalus in two separate incidents. Recently, we’ve seen a slew of newer ransomware families (like Crux…
Join Huntress’ John Hammond & Dave Kleinatland on a Journey of the Dark Web
Welcome to the dark web. Maybe you’re a threat actor looking to cash in on the latest data swiped in a breach. Maybe you’re a…
From a Fake AnyDesk Installer to MetaStealer
ClickFix attacks have been ticking up for over a year now, as attackers find success in tricking users into executing malicious code on their computers…
Debunking Microsoft 365 & Identity Myths
When it comes to identity security in Microsoft 365, the forecast is often cloudy, especially when some vendors lean into half-truths or conveniently cropped facts…
Obscura, an Obscure New Ransomware Variant
On 29 August 2025, Huntress analysts encountered a previously unseen ransomware variant called “Obscura.” This name was taken from the ransom note (README_Obscura.txt), which also…
What Is Multi-Factor Authentication (MFA)?
Many common passwords can take a threat actor only minutes or even seconds to hack. That’s why having multiple layers of protection, including a strong…
What Is Multi-Factor Authentication (MFA)?
Many common passwords can take a threat actor only minutes or even seconds to hack. That’s why having multiple layers of protection, including a strong…
What Is Single Sign-On? The Practical Guide
Quick answer: Single sign-on, or SSO, is a user authentication method that lets an individual sign in to a single account and get access across…
An Attacker’s Blunder Gave Us a Look Into Their Operations
Figure 8: Threat actor starts to rely on automated workflows The threat actor also appeared to be interested in other AI tools to help with…