How a Pharmacy Cyberattack is a Warning Sign for
Early in 2024, the United States healthcare sector was rocked by a devastating cyberattack on Change Healthcare, a pivotal player in health technology processes nationwide.…
Category: ThreatIntelligence-IncidentResponse
Unmasking an Attack Chain of MuddyWater
Acknowledgments: Special thanks to Tyler Marzen and Anna Pham for their contributions to this investigation and write-up. TL;DR: Huntress has identified and detailed a full…
A Threat Actor Abuses Another Free Trial
TL; DR Huntress discovered a threat actor was exploiting vulnerabilities (like SolarWinds Web Help Desk) and exfiltrating victim data to a free trial instance of…
3-2-1 Backup Rule: What It Is + How To Implement
3-2-1 backup rule definition The 3-2-1 backup rule is a data protection strategy where you keep three copies of your data on two different types…
Elastic Security Labs uncovers BRUSHWORM and BRUSHLOGGER — Elastic Security Labs
Key takeaways A South Asian financial institution was targeted with two custom malware components: a modular backdoor (BRUSHWORM) and a keylogger (BRUSHLOGGER) BRUSHWORM features anti-analysis…
Huntress Expands Into Proactive Security Posture Management
At Huntress, we’ve made our name catching and wrecking the hackers who slip past defenses. Now, we’re making it hard for them to even get…
AI Model Refusal Detection for Prompt Injection, Insider Threats
Tenable One’s new Model Refusal Detection turns an LLM’s refusal to execute a risky or suspicious prompt into a high-fidelity early warning signal. It helps…
Scarlet Goldfinch’s year in ClickFix
Red Canary has just released the 2026 Threat Detection Report, unveiling the top 10 most prevalent threats we detected over last year. Six out of…
Something Phishy in the /tmp Folder
Think your Macs are immune? Think again. In a recent attack observed by the Huntress AI-Centric SOC, one employee fell for what looked like an…
Meet Cody Browning, a Beekeeper in Cybersecurity
At Huntress, we often say we’re a team of “ethical badasses.” But what does that actually mean? It means we don’t just build software; we…
7 Key Manufacturing Cybersecurity Trends for 2026
In manufacturing, a hacked computer is like a wrench in the gears, halting production and losing money—fast. According to our recent cyber threat report, manufacturing…
A _declassified Look Inside the Dark Economy of Cybercrime
The first episode of our “_declassified” series might change the way you think about cybercrime forever…and we hope it does. Because, like special guest Jim…