❌

Reading view

Nightmare-Eclipse Tooling Seen in Real-World Intrusion

Huntress observed in-the-wild use of Nightmare-Eclipse tooling, including BlueHammer, RedSun, and UnDefend, in a live intrusion involving FortiGate VPN compromise as the initial access, reconnaissance commands, and likely tunneling activity.

  •  

Untangling a Linux Incident With an OpenAI Twist

A Linux user recently tried to respond to potentially malicious behavior on their machine using OpenAI’s Codex coding agent, before installing the Huntress agent. What ensued shows the unexpected impacts of this AI use case on DFIR investigations.

  •  

Attackers Love Your VPN To-Do List

VPN misconfiguration is behind 70% of intrusions. See real Huntress SOC incidents and learn the simple steps to close your biggest open door before attackers walk through it.

  •  

The Three-Finger Test

See why the viral "three-finger test" is almost outdated, and how to build resilient security processes that protect your organization from identity-based attacks and social engineering, no matter how advanced the AI gets.

  •  

That β€œFriendly” Prompt is ClickFix

That "friendly" prompt is a ClickFix scam. Learn about this advanced social engineering tactic that tricks users into running malicious code on their own systems, and why security resilience is your winning bet.

  •  
❌