SlashAndGrab: ScreenConnect Post-Exploitation in the Wild (CVE-2024-1709 & CVE-2024-1708) | Huntress

Adversaries have been VERY busy in the wake of the ScreenConnect vulnerabilities (CVE-2024-1709 & CVE-2024-1708).…

Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204

CVE-2024-23204 sheds light on the critical importance of continuous security vigilance. Apple's Shortcuts application, designed…

“To live is to fight, to fight is to live!” – IBM ODM Remote Code Execution

In previous blogs, we’ve discussed some of the big players in the enterprise software space,…

Following MITRE’s footsteps in analyzing malware behavior

The MITRE framework helps all defenders speak the same language regarding attackers' modus operandi. VirusTotal…

Understanding the ConnectWise ScreenConnect CVE-2024-1709 & CVE-2024-1708 | Huntress

This blog discusses the Huntress Team's analysis efforts of the two vulnerabilities and software weaknesses…

Decrypted: HomuWitch Ransomware

HomuWitch is a ransomware strain that initially emerged in July 2023. Unlike the majority of…

Detection Guidance for ConnectWise CWE-288 | Huntress

Stay secure with Huntress! Learn about critical vulnerabilities tied to ConnectWise, including CWE-288 authentication bypass.…

Micropatches For "OverLog", Remote Denial of Service Vulnerability in Windows Event Log Service (CVE-2022-37981)

We recently delivered patches for the "LogCrusher" vulnerability that allows an attacker to remotely crash…