We are no longer battling against the classic Hollywood depiction of cyber criminals. Hackers are now acting at the same maturity level as leading software vendors — using advanced automation tactics to find their next targets, making it easier to deploy and scale their attacks, and innovating faster than ever…

Update 1/26/2020: MITRE assigned CVE-2020–7984 for this vulnerability. Update 12:55pm 1/24/2020: SolarWinds has released two hotfixes for the vulnerabilities! You can find these fixes on their support website. According to the documentation these hotfixes disable N-central’s device auto-import feature temporarily. A future release will re-enable the feature. • 12.1 SP1…

We’ve updated each section with additional information we gained from discussions with Bishop Fox and with the ConnectWise Control team. Additionally ConnectWise released a summary matrix of the analyses and their own response. In computer security, responsible disclosure is a vulnerability disclosure model in which an issue is publicly disclosed…

This week we had the opportunity to help an MSP partner contain and remediate an Emotet/TrickBot infection that impacted a client with 50+ computers and servers. Considering how quickly TrickBot reinfects systems and drops ransomware, this was the perfect opportunity to kick the tires on our new Assisted Remediation beta…

There’s not a day that goes by where I don’t hear cringe-worthy stories of sales tactics peddling FEAR, UNCERTAINTY, and DOUBT (FUD) to close deals. Within the cybersecurity industry, it’s such a common practice you can find numerous pleas to “cut the crap”. See: Forbes, CRN, Help Net Security and…

Periodically, a large scale cybersecurity issue requires “all hands on deck” from the Huntress Team (see WannaCry, Kaseya Cryptominer, GANDGRAB outbreak). The unfolding ASUS Live Update fiasco also happens to be one of those moments. …

I was recently tagged in a Twitter thread about an obscure DOS feature in relation to auto-launching applications (commonly called persistence in offensive cyber security). …

Preventive security products like antivirus have made major strides in their ability to detect malicious behaviors as opposed to weak/static signatures. When implemented properly, these heuristics are capable of discovering even the most cleverly obfuscated routines. But don’t ring the victory bells yet. This cat-and-mouse game is just getting started… …

Every so often, the Huntress ThreatOps Team receives questions from our partners asking for our perspective on IT security and malware related issues. We typically respond with quick/tactical feedback and close the ticket afterwards. However, many of these responses are great lessons to learn from. …