The Dangers of Storing Unencrypted Passwords
This is an offshoot of our other blog, “Huntress Threat Advisory: Active Exploitation of SonicWall VPNs,” which allowed initial access and was followed by the…
Category: ThreatIntelligence-IncidentResponse
How Malicious Hackers Try to Infiltrate Your IT Team
In the ever-evolving landscape of cyber threats, a new and insidious danger is emerging, shifting focus from external attacks to internal infiltration. While our last…
What Is Managed EDR? | Huntress
A recent blog post that we wrote sparked some conversation in the infosec community about how endpoint detection and response (EDR) products work, how investigations…
What’s the Average Cost of a Data Breach in 2025?
(Doctor Evil voice:) One million dollars. It’s actually multiple millions when it comes to the average cost of a data breach, including both direct and…
SAT effectiveness: Are security awareness training programs reducing human risk?
IT and security teams are increasingly spending more on security awareness training (SAT). But is this investment improving SAT effectiveness? Our latest research report, Mind…
Don’t Sweat the ClickFix Techniques: Variants & Detection Evolution
Executive summary Since the inception of ClickFix last year, this malicious copy-and-paste technique has become an initial access vector of choice for threat actors looking…
Be Offensive: A bold take on Cybersecurity Awareness Month.
Happy Cybersecurity Awareness Month to all who observe. There have now been 21 years of this momentous occasion. Twenty-one years! Old enough to buy…
Top Cyber Threat Trends of 2025 from Deepfakes, ClickFix, and ViewState Exploits
Cloudflare Turnstile challenges leading to MetaStealer. Deepfake meetings impersonating company executives, which trick employees into downloading malicious extensions. Exposed ASP.NET machine keys that open the…
Build a Stronger Security Awareness Program with Huntress
One of the most effective ways to stop a cyberattack is to implement a security awareness training program. Every employee, from the C-suite to the…
Ditch Lame Cybersecurity Tips: These Best Practices Actually Work
For years, we’ve heard the same advice on how to unlock higher levels of cybersecurity greatness. We’re here to tell you that these well-meaning cybersecurity…
How to Offend Your IT Team: Cybersecurity Tips
Cybersecurity Awareness Month is here, and it’s an ideal time to reflect on whether your silly security mishaps have earned your photo a place on…
How to Offend Your IT Team: Cybersecurity Tips
Cybersecurity Awareness Month is here, and it’s an ideal time to reflect on whether your silly security mishaps have earned your photo a place on…