❌

Reading view

Nightmare-Eclipse Tooling Seen in Real-World Intrusion

Huntress observed in-the-wild use of Nightmare-Eclipse tooling, including BlueHammer, RedSun, and UnDefend, in a live intrusion involving FortiGate VPN compromise as the initial access, reconnaissance commands, and likely tunneling activity.

  •  

Untangling a Linux Incident With an OpenAI Twist

A Linux user recently tried to respond to potentially malicious behavior on their machine using OpenAI’s Codex coding agent, before installing the Huntress agent. What ensued shows the unexpected impacts of this AI use case on DFIR investigations.

  •  

Attackers Love Your VPN To-Do List

VPN misconfiguration is behind 70% of intrusions. See real Huntress SOC incidents and learn the simple steps to close your biggest open door before attackers walk through it.

  •  
❌