Oftentimes, a blog is a collaborative effort by many people across different teams at Huntress.
You’re the “Why” Behind the Huntress Hub
Phishing in the Fast Lane: The Attacker’s Eye View
Huntress Recognized with 44 New G2 Leader Badges for Summer 2024
When Trust Becomes a Trap: How Huntress Foiled a Medical Software Update Hack
Hackers Are Hiding in Plain Sight: Insights from Our 2024 Cyber Threat Report
Healthcare in the Crosshairs: Insights from Our 2024 Cyber Threat Report
A Surge in Ransomware: Insights from Our 2024 Cyber Threat Report
Will Patients’ Data Ever Be Safe if We Let GPTs Into Healthcare?
Which States Are Most at Risk for Cyberattacks on Government and Infrastructure?
Time Travelers Busted: How to Detect Impossible Travel
Attacking MSSQL Servers, Pt. II
SlashAndGrab: The ConnectWise ScreenConnect Vulnerability Explained
SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708)
Think Your ScreenConnect Server Is Hacked? Here’s What To Look For.
A Catastrophe For Control: Understanding the ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)
Detection Guidance for ConnectWise CVE-2024-1709
Vulnerability Reproduced: Immediately Patch ScreenConnect 23.9.8
Attacking MSSQL Servers
MFT Exploitation and Adversary Operations
Navigating the SMB Threat Landscape: Key Insights from Huntress’ SMB Threat Report
The Evolution of the Huntress Neighborhood Watch Program
Critical Vulnerability: SysAid CVE-2023-47246
Bitter Pill: Third-Party Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack
Confluence to Cerber: Exploitation of CVE-2023-22518 for Ransomware Deployment
Critical Vulnerability: Exploitation of Apache ActiveMQ CVE-2023-46604
Critical Vulnerabilities: WS_FTP Exploitation
Critical Vulnerability: WebP Heap Buffer Overflow (CVE-2023-4863)
Netscaler Exploitation to Social Engineering: Mapping Convergence of Adversary Tradecraft Across Victims
Enhancing Cybersecurity for MSPs in Australia and New Zealand
Threat Hunting and Tactical Malware Analysis
Investigating New INC Ransom Group Activity
How Security-Centric Procedures and Training Helped Huntress Catch a $100,000 BEC Scam
Another PaperCut: CVE-2023-39143 Remote Code Execution
Business Email Compromise via Azure Administrative Privileges
Thwarting Financial Fraud: Shutting Down Hackers in Microsoft 365
One MSP, Three Microsoft 365 Compromises, 72 Hours
Understanding GDAP and Its Operational Impact
Threat Advisory: XMRig Cryptomining By Way Of TeamViewer
Critical Vulnerabilities in PaperCut Print Management Software
Securing Your Business: The Vital Role of Cyber Insurance
OWASSRF Explained: Analyzing the Microsoft Exchange RCE Vulnerability
Clearing the Air: Overblown Claims of Vulnerabilities, Exploits & Severity
Cybersecurity Basics: A Chat With Syncro
Checking the EDR Box: Evolving Endpoint Protection and the Next Iteration of Huntress
Putting the Dee(Dee) in Defense: Huntress Acquires Curricula
Introducing the Huntress Neighborhood Watch Program
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike
Huntress Donates $100,000 to DIVD Bug Bounty Program to Elevate SMB Cybersecurity, Calls on MSP Vendors to Follow Suit