EternalBlue allows remote control with no user credentials. This NSA exploit lets attackers move laterally without touching a keyboard. Here are 5 lessons from its operation you need to know👇 1️⃣ Exploits memory mismanagement in SMBv1 EternalBlue leverages a flaw in

Salt Typhoon hid inside U.S. Army National Guard networks for 9 months. No malware. No alerts. Just broken fundamentals. Here are 5 urgent lessons every organization must act on to avoid being next👇 1️⃣ Don’t wait for 0-days. Patch known CVEs CVE-2024-3400 and CVE-2023-20198

Outdated systems are holding the DoD back. Matt D'vertola & Michael Christopherson break down how to modernize with Kubernetes, beat bureaucracy, and rethink legacy infrastructure. This episode of This Is Fine is a must-listen for anyone serious about DevSecOps in government!

Is your VPN is lying to you? Does it say users are legitimate when they’re not? In this blog, William Elchert dives into how Akira ransomware actors bypass MFA using legacy credentials and a patched SonicWall vulnerability to gain admin access without triggering alarms. Key

From login to encryption in under 24 hours. This breakdown shows exactly how Akira operators exploit SonicWall SSL VPNs using valid credentials, bypassing MFA and skipping malware entirely in early stages. If you're not monitoring post-auth activity or auditing migrated

This past month saw a clear shift in cyber threats.  Here are the key takeaways from our August wrap-up: 🔶 Trusted channels and mobile threats: Adversaries abused platforms like Microsoft Teams and Telegram, while mobile banking attacks surged via malvertising and fake app

How can small-to-medium businesses fight insider threats? Insider threats can be a huge risk for small and medium-sized businesses (SMBs). It's crucial to understand how to handle them effectively. For SMBs, the risks are especially high because: 👤 They often have fewer

Is your organization granting attackers a ready-made platform for stealthy, resilient persistence? Attackers continue to exploit Windows scheduled tasks and services, leveraging these trusted features to embed their malicious activity deep within your systems.  The latest

Is your vulnerability program keeping up with your network? Your attack surface is more complex than ever, with new cloud models, mobile endpoints, and operational technologies. Relying on a traditional approach can leave critical risks exposed. We help our partners implement

Did you know a new ransomware family is rapidly evolving from a Windows threat to a cross-platform threat?  First seen in April 2025, BERT ransomware has quickly expanded its attacks to include Linux environments, posing a significant risk to critical infrastructure worldwide.

Your endpoint is the frontline of your security. That's why Endpoint Detection and Response (EDR) and Managed EDR (MDR) are no longer optional, they are the new cornerstones of modern defense. Don't just defend your endpoints. Anticipate the attack. Learn more about our EDR

Is your organization prepared for a ransomware group that's more than a financial threat?  The Interlock ransomware group has rapidly evolved since emerging in September 2024 into a sophisticated threat actor that has claimed 57 victims across different sectors. The most

How do you protect your network from insider threats? The answer lies in strategic network segmentation 👇

A Chinese state-sponsored APT group, Salt Typhoon, maintained undetected access to multiple U.S. Army National Guard network for nine months.  This breach, viewed as a strategic escalation by U.S. defense officials, resulted in the exfiltration of highly sensitive materials.

How is AI changing the cybersecurity landscape?  The role of AI in cybersecurity is more important than ever because it can automate a number of processes. It can help to identify and respond to threats faster and more efficiently than humans alone In this episode of ‘This Is

AI's biggest impact on your workflow?  Drastically reducing your Mean Toil Time (MTT).  Andrew King, the CISO at Hunter Strategy, explains why this is the most important KPI it brings to the table 👇

Is your public sector institution ready to move at the speed of tomorrow? Legacy infrastructure and budget constraints often stand in the way of innovation. Amazon Web Services (AWS) offers a powerful, secure foundation for public sector digital transformation. It's not just

How do you turn breakthrough ideas into secure, production-ready solutions? Hunter Strategy Labs offers R&D Software Professional Services to help you do just that, through cutting-edge prototyping, custom architecture, and security-first innovation. We help you transform your

Drowning in security alerts? It's time to stop the noise and find the real threats. Our Log Management & SIEM Engineering service uses a 3-phase strategy to optimize your alerting for real threats, not false alarms. Learn more: hunterstrategy.net/#/capabilities…

Don't rely on clumsy copy-pasting to get data into your LLM.  There's a better way to get faster, more accurate results. 👇