Found 3 bookmarks
Custom sorting
Managing Attack Surface | Huntress Blog
Managing Attack Surface | Huntress Blog
Huntress recently detected interesting activity on an endpoint; a threat actor was attempting to establish a foothold on an endpoint by using commands issued via MSSQL to upload a reverse shell accessible from the web server. All attempts were obviated by MAV and process detections, but boy-howdy, did they try!
·huntress.com·
Managing Attack Surface | Huntress Blog
BlackCat Ransomware Affiliate TTPs
BlackCat Ransomware Affiliate TTPs
This blog post provides a detailed look at the TTPs of a ransomware affiliate operator. In this case, the endpoint had been moved to another infrastructure (as illustrated by various command lines, and confirmed by the partner), so while Huntress SOC analysts reported the activity to the partner, no Huntress customer was impacted by the ransomware deployment.
·huntress.com·
BlackCat Ransomware Affiliate TTPs