Published inHuntressI Have a Lot to be Thankful for in 2020Thanksgiving 2015: I was a punk with hacking skills but hardly knew SMB security (let alone MSPs). The MSP community had SMB skills but…Nov 27, 2020Nov 27, 2020
Published inHuntressPhishing, Office 365 and CybercrimeOne of the most common targets of phishing and Business Email Compromise are Microsoft 365 / Office 365 credentials. Although most…Sep 17, 2020Sep 17, 2020
Published inHuntressValidating the SolarWinds N-central “Dumpster Diver” VulnerabilityThanks to the efforts of multiple MSP partners, our team was notified about a zero-day vulnerability posted to PacketStorm for SolarWinds…Jan 24, 2020Jan 24, 2020
Published inHuntressValidating the Bishop Fox Findings in ConnectWise ControlIn computer security, responsible disclosure is a vulnerability disclosure model in which an issue is publicly disclosed only after a…Jan 22, 2020Jan 22, 2020
Published inHuntressAssisted Remediation in ActionThis week we had the opportunity to help an MSP partner contain and remediate an Emotet/TrickBot infection that impacted a client with 50+…Nov 15, 2019Nov 15, 2019
Published inHuntressIncident Education: Sales Ammo for the IT ArsenalThere’s not a day that goes by where I don’t hear cringe-worthy stories of sales tactics peddling FEAR, UNCERTAINTY, and DOUBT (FUD) to…May 16, 2019May 16, 2019
Published inHuntressRapid Response: ASUS Live Update Attack (Operation ShadowHammer)A simple overview on how hackers pushed backdoored updates to over a million ASUS devices running Windows.Mar 26, 2019Mar 26, 2019
Published inHuntressFailing to Revive AUTOEXEC.BAT on Windows 7 & 10I was recently tagged in a Twitter thread about obscure DOS functionality in relation to auto-launching functionality (commonly called…Dec 30, 2018Dec 30, 2018
Published inHuntressAttackers Abuse Trust with IndirectionPreventive security products like antivirus have made major strides in their ability to detect malicious behaviors as opposed to…Aug 16, 2018Aug 16, 2018
Published inHuntressAsk Huntress: Fake .XPS Invoice Leading to PhishingEvery so often, the Huntress ThreatOps Team receives questions from our partners asking for our perspective on IT security and malware…Jul 17, 2018Jul 17, 2018