Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

Several days have passed since the dramatic reveal of CVE-2021-44228 (aka Log4Shell), an easily exploitable (without authentication) RCE flaw in Apache Log4j, a popular open-source Java-based logging utility that’s seemingly used by most enterpri… Continue reading Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

A critical zero-day vulnerability in Apache Log4j (CVE-2021-44228), a widely used Java logging library, is being leveraged by attackers in the wild – for now, fortunately, primarily to deliver coin miners. Reported to the Apache Software Foundati… Continue reading Critical RCE 0day in Apache Log4j library exploited in the wild (CVE-2021-44228)

New infosec products of the week: October 15, 2021

Here’s a look at the most interesting product releases from the past week, featuring releases from Aqua Security, AT&T, Datto, Huntress and ReliaQuest. ReliaQuest releases two capabilities within its XDR platform to improve security operation effi… Continue reading New infosec products of the week: October 15, 2021

Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks

Huntress launched a series of platform enhancements designed to protect small and midsize businesses (SMBs) from modern cyberthreats. The release includes the general availability of the company’s Managed Antivirus (AV) service, new host isolation capa… Continue reading Huntress launches endpoint protection capabilities to defend SMBs from cyberattacks

ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware

Three so-called “ProxyShell” vulnerabilities are being actively exploited by various attackers to compromise Microsoft Exchange servers around the world, the Cybersecurity and Infrastructure Security Agency (CISA) warned over the weekend. T… Continue reading ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware

Huntress Raises $40M to Become the Go-To Cybersecurity Platform for SMBs, Arm Reseller Partners with New Services

Led by JMI Equity, this latest fundraising enables Huntress to further its commitment to delivering cybersecurity to the 99% via local and national resellers. ELLICOTT CITY, Md., May 06, 2021 (GLOBE NEWSWIRE) — Huntress, the leading provider of m… Continue reading Huntress Raises $40M to Become the Go-To Cybersecurity Platform for SMBs, Arm Reseller Partners with New Services

Huntress Launches Managed Antivirus Service to Streamline Endpoint Security for MSPs and IT Administrators

The new service enables simplified and centralized management of Microsoft Defender Antivirus ELLICOTT CITY, MD, January 26, 2021 – Huntress, the leading provider of managed detection and response (MDR) with human-powered threat hunting, announced toda… Continue reading Huntress Launches Managed Antivirus Service to Streamline Endpoint Security for MSPs and IT Administrators

Huntress Acquires Network-Aware Endpoint Detection and Response Technology from Level Effect to Strengthen Platform Capabilities

The acquisition brings malicious network traffic detection and expanded forensic capabilities to the Huntress Security Platform regardless of endpoint location ELLICOTT CITY, Md., Jan. 12, 2021 (GLOBE NEWSWIRE) — Huntress, the leading provider of… Continue reading Huntress Acquires Network-Aware Endpoint Detection and Response Technology from Level Effect to Strengthen Platform Capabilities