Huntress

Cleo patches zero-day exploited by ransomware gang

Cleo, enterprise, file-sharing, Huntress, News, Ransomware, Rapid7, Sophos /

Cleo patches zero-day exploited by ransomware gang 2024-12-12 at 18:34 By Zeljka Zorz Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was pushed out on Wednesday, plugs the […]

React to this headline:

Loading spinner

Cleo patches zero-day exploited by ransomware gang Read More »

Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)

Cleo, CVE, Don't miss, file-sharing, Hot stuff, Huntress, News, vulnerability /

Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) 2024-12-10 at 15:35 By Zeljka Zorz Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday. “We’ve discovered at least 10 businesses whose Cleo servers were

React to this headline:

Loading spinner

Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) Read More »

Infosec products of the month: September 2024

Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, Netgear, News, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable, Trellix, Vanta, Veritas Technologies, Wing Security /

Infosec products of the month: September 2024 2024-10-01 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable, Trellix,

React to this headline:

Loading spinner

Infosec products of the month: September 2024 Read More »

Hackers breaching construction firms via specialized accounting software

brute-force, credentials, Don't miss, enterprise, Hot stuff, Huntress, News, privileged accounts, SMBs /

Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation

React to this headline:

Loading spinner

Hackers breaching construction firms via specialized accounting software Read More »

New infosec products of the week: September 13, 2024

Druva, Huntress, Ketch, LOKKER, News, Tenable, Trellix, Wing Security /

New infosec products of the week: September 13, 2024 2024-09-13 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Tenable AI Aware

React to this headline:

Loading spinner

New infosec products of the week: September 13, 2024 Read More »

Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs

Huntress, Industry news /

Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs 2024-09-10 at 09:31 By Industry News Huntress announces the arrival of its new Managed SIEM solution, designed to serve small—to mid-sized enterprises and their MSP allies with everything a Security Information and Event Management (SIEM) should provide and none of what makes traditional SIEMs ineffective

React to this headline:

Loading spinner

Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs Read More »

Breaking down the numbers: Q2 2024 cybersecurity funding activity recap

Alethea, BforeAI, Dropzone AI, Entro, Huntress, HYPR, investment, Island, LayerX, Nagomi Security, News, PVML, Semperis, Simbian, SOCRadar, StepSecurity, StrikeReady, Sublime Security, Traceable AI, Transcend, XONA Systems, YesWeHack /

Breaking down the numbers: Q2 2024 cybersecurity funding activity recap 2024-06-25 at 06:01 By Help Net Security We present a list of selected cybersecurity companies that received funding during the second quarter of 2024 (Q2 2024). Alethea April | $20 million Alethea closed a $20 million Series B funding round led by GV, with participation

React to this headline:

Loading spinner

Breaking down the numbers: Q2 2024 cybersecurity funding activity recap Read More »

Huntress adds Active Remediation and macOS coverage to its EDR solution

Huntress, Industry news /

Huntress adds Active Remediation and macOS coverage to its EDR solution 2024-05-24 at 12:01 By Industry News Huntress announced that its Managed Endpoint Detection and Response (EDR) product now includes Active Remediation and macOS coverage. Huntress EDR previously included proactive isolation to stop the spread of threats immediately, click-to-approve remediation, and guided recovery and cleanup.

React to this headline:

Loading spinner

Huntress adds Active Remediation and macOS coverage to its EDR solution Read More »

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, enterprise, exploit, Hot stuff, Huntress, Malware, Mandiant, News, Ransomware, remote access, remote management, Sophos, vulnerability /

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) 2024-02-26 at 13:36 By Zeljka Zorz The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect is a remote desktop solution consisting of server and client

React to this headline:

Loading spinner

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) Read More »

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, exploit, Hot stuff, Huntress, MSP, News, Palo Alto Networks, PoC, remote access, remote management, Shadowserver, vulnerability, WatchTowr /

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) 2024-02-22 at 12:31 By Zeljka Zorz The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect

React to this headline:

Loading spinner

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) Read More »

Key cybersecurity skills gap statistics you should be aware of

Coursera, cybersecurity, Don't miss, ENISA, ESG, Huntress, ISACA, ISC2, News, Pluralsight, report, skill development, SoftwareONE, survey, Swimlane, ThreatX /

Key cybersecurity skills gap statistics you should be aware of 2024-01-02 at 07:31 By Help Net Security As the sophistication and frequency of cyber threats continue to escalate, the demand for skilled cybersecurity professionals has never been bigger. The skills gap is not merely a statistical discrepancy; it represents a substantial vulnerability in the defense

React to this headline:

Loading spinner

Key cybersecurity skills gap statistics you should be aware of Read More »

SMBs face surge in “malware free” attacks

BEC scams, Don't miss, Hot stuff, Huntress, Malware, News, Ransomware, remote management, SMBs, trends /

SMBs face surge in “malware free” attacks 28/11/2023 at 12:51 By Helga Labus “Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a

React to this headline:

Loading spinner

SMBs face surge in “malware free” attacks Read More »

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

data theft, Don't miss, exploit, extortion, Horizon3.ai, Hot stuff, Huntress, News, PoC, Progress, Rapid7, UK, USA /

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) 13/06/2023 at 14:18 By Zeljka Zorz As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE vulnerability exploited by the Cl0p cyber extortion group to plunder confidential data. CVE-2023-34362 PoC exploit released Horizon3 security

React to this headline:

Loading spinner

PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362) Read More »

It’s time to patch your MOVEit Transfer solution again!

Don't miss, Hot stuff, Huntress, Kroll, Netcraft, News, Progress, SQL injection, vulnerability /

It’s time to patch your MOVEit Transfer solution again! 12/06/2023 at 16:47 By Zeljka Zorz Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations again: With the help of researchers from Huntress, the company has uncovered additional SQL

React to this headline:

Loading spinner

It’s time to patch your MOVEit Transfer solution again! Read More »

Cl0p announces rules for extortion negotiation after MOVEit hack

Censys, Don't miss, extortion, file-sharing, Hot stuff, Huntress, News, Progress, vulnerability /

Cl0p announces rules for extortion negotiation after MOVEit hack 08/06/2023 at 14:03 By Zeljka Zorz The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 to get in contact with them – or they will post their

React to this headline:

Loading spinner

Cl0p announces rules for extortion negotiation after MOVEit hack Read More »

MOVEit Transfer zero-day attacks: The latest info

0-day, attack, data theft, Don't miss, enterprise, file-sharing, Hot stuff, Huntress, News, Progress, Rapid7, TrustedSec, vulnerability /

MOVEit Transfer zero-day attacks: The latest info 02/06/2023 at 12:41 By Zeljka Zorz There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – patches and helpful instructions for customers. The MOVEit Transfer zero-day and updated mitigation and remediation advice Progress Software has updated the

React to this headline:

Loading spinner

MOVEit Transfer zero-day attacks: The latest info Read More »

Scroll to Top