Bitter Pill | Huntress
In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat…
Category: ThreatIntelligence-IncidentResponse
Critical Vulnerability: SysAid CVE-2023-47246 | Huntress
On November 8, 2023, SysAid published an advisory expressing that their on-premise server software had a previously undisclosed vulnerability and is aware of public in-the-wild…
Key Insights from Huntress’ SMB Threat Report
Small and medium-sized businesses (SMBs) often find themselves in the crosshairs of today’s cybercriminals. While the spotlight often shines on high-profile breaches affecting corporate giants,…
Can’t Touch This: Data Exfiltration via Finger
During the various phases of an attack, it’s not uncommon for threat actors to use “living off the land” binaries (LOLBins) or scripts and libraries…
MFT Exploitation and Adversary Operations
Threat actors of varying types continue to target managed file transfer (MFT) applications for exploitation. The latest concerning MFT vulnerability was identified by Converge Technology…
macOS Terms and Trends You Should Know About
In a recent episode of Tradecraft Tuesday, I was joined by Patrick Wardle, Founder of Objective-See Foundation, to talk all about how macOS malware is…
CIS Controls Security Awareness Training
CIS Controls Security Awareness Training The CIS Controls require organizations to implement a security awareness training program as part of Control 14. Huntress’ fun security…
Huntress MDR for Microsoft 365 Update
Over the last year, we’ve worked our asses off to prepare for an inbound tidal wave of identity-focused tradecraft. Considering our partners’ significant investments in…
Exploring the Value of Indicators In Small Business Defense
In the realm of cyber threat intelligence (CTI), technical indicators, commonly known as “indicators of compromise” (IOCs), play a pivotal role. Indicators feature prominently in…
Orienting Intelligence Requirements to the Small Business Space
The discipline of intelligence, particularly in the context of cyber operations, features a number of formal concepts and processes that may appear distracting or irrelevant…
Teach Yourself to Phish | Huntress
Security awareness training is easy to think about as a passive item. You go buy a training platform or SCORM files for your LMS, assign…
Effortless Phishing Simulations Now Part of Huntress
We’re thrilled to unveil the latest addition to Huntress Managed Security Awareness Training: Managed Phishing! Over the past year, we’ve worked tirelessly to shape Huntress…