A new open-source bridge helps customers connect Rapid7 vulnerability data to AI agents, assistants and custom workflows with more flexibility, control, and faster access to…
Acknowledgments: Special thanks to Olly Maxwell, Josh Kiriakoff, Jordan Sexton, Ryan Dowd, Jamie Dumas, Amelia Casley, Austin Worline, and Lindsey O’Donnell-Welch for their contributions to…
Ever since the SQL Slammer worm of 2003, and even before then, MSSQL database servers exposed to the Internet with default configurations have been targeted,…
Identifying the Exploit In November 2023, the Huntress team identified novel indicators of an attack where the threat actor used finger.exe (top portion illustrated in…
In the first eight months of 2023, nearly 71.5M individuals’ health records had been breached. On top of this startling stat, 88% of surveyed healthcare…
Executive Summary In the last 12 months, enterprises deployed millions of patches, yet many organizations remain exposed due to delayed remediation and unpatched third-party software.…
Cybercriminals are some of the hardest working people around. For those of us who aren’t among the criminally inclined, a 40-hour work week is more…
UPDATE: Read our full analysis of CVE-2024-1709 & CVE-2024-1708 and detection guidance here. On February 19, 2024, ConnectWise released an advisory related to the disclosure of…
On February 19, 2024, ConnectWise published a security advisory for ScreenConnect version 23.9.8, referencing two vulnerabilities and software weaknesses. The same day, Huntress researchers worked…
You’ve probably seen it by now, but there was a major ConnectWise ScreenConnect vulnerability (CVE-2024-1708 and CVE-2024-1709) – which we’re calling “SlashAndGrab” – that’s been…
The Attack On February 8, 2024, Huntress published the first Attacking MSSQL Servers blog post. On February 23, a Huntress SOC analyst observed similar activity…
In an era where cyber threats like SocGholish are becoming increasingly sophisticated, understanding and combating these attacks is crucial for digital safety. This post delves…
