Latest news with #Huntress
Axios
05-08-2025
- Business
- Axios
Exclusive: Former cyber chief Jen Easterly joins Huntress as adviser
Former CISA director Jen Easterly is joining the advisory board at cybersecurity company Huntress, the company announced today. Why it matters: The news, shared exclusively with Axios, marks the first private sector role for Easterly since she left government — and her first job announcement since West Point rescinded her teaching job offer last week following far-right pressure. What she's saying: "It was disappointing given my association with West Point — I was a cadet there, I was a professor there for two and a half years — and I was excited about the opportunity to go back and be part of the department where I'd spent so much time," Easterly told Axios. "I've been super encouraged by the incredible support from the community, to include the amazing cybersecurity community," she added. "Now, I'm really focused on moving forward and working with companies like Huntress." Zoom in: Huntress, founded by a group of former National Security Agency operators, is a managed services provider that focuses heavily on small to medium-size businesses and is increasingly competing for contracts with larger enterprises. Last year, the company raised a $150 million Series D round valuing it at $1.5 billion. Easterly said she's eager to join the company because of its focus on protecting what she called " target rich, resource poor" entities, including critical infrastructure operators who don't have the time, money or resources to fight opportunistic cybercriminals and nation-state hackers. In a statement, Huntress CEO Kyle Hanslovan said the company plans to use Easterly's "expertise to experiment with exciting new ways to harness our threat intelligence, augment our [security operations center] experts with AI, and strengthen our partnerships throughout the industry." What's next: Finding new ways to tap AI is a top priority for both Huntress and Easterly as she starts her new role. Huntress has been developing tools to accelerate the use of AI within existing cyber defenses. "Any business that doesn't figure out how they can leverage the power of AI to augment and assist the incredible technical talent of humans is not going to be successful in this age," Easterly said.
Yahoo
24-07-2025
- Yahoo
This forgotten FTP flaw lets hackers take full control - millions of servers exposed across the world
When you buy through links on our articles, Future and its syndication partners may earn a commission. Hackers launched attacks just one day after the flaw's full technical write-up was made public Many servers stayed vulnerable for weeks despite a fix being released long before the disclosure Null byte injection in the username field lets attackers bypass login and run Lua code Security researchers have confirmed attackers are actively exploiting a critical vulnerability in Wing FTP Server, a widely used solution for managing file transfers. Researchers at Huntress say the flaw identified as CVE-2025-47812 was disclosed publicly on June 30, and exploitation began almost immediately, just a day later. This vulnerability allows unauthenticated remote code execution (RCE), enabling attackers to run code as root or SYSTEM on vulnerable servers. Wing FTP Server remains vulnerable in unpatched systems Wing FTP Server is deployed across enterprise and SMB environments, and it is used by more than 10,000 organizations globally, including high-profile clients such as Airbus, Reuters, and the US Air Force. The vulnerability exists in versions 7.4.3 and earlier and has been patched in version 7.4.4, which was released on May 14, 2025. Despite the fix being available for over a month, many users remained unpatched when technical details were made public. Security researcher Julien Ahrens, explained the issue stems from improper input sanitization and unsafe handling of null-terminated strings. The weakness allows a null byte injected in the username field to bypass authentication and insert malicious Lua code into session files. These files, when deserialized by the server, trigger code execution at the highest system level. One attacker created malicious session files that used certutil and to fetch and execute remote payloads. Although the attack was ultimately unsuccessful, thanks in part to Microsoft Defender, researchers noted that the intruders attempted to escalate privileges, perform reconnaissance, and create new users to maintain persistence. Another attacker reportedly had to look up how to use curl mid-attack, and one even involved a second party during the operation. This shows the persistence of attackers who are likely scanning for exposed Wing FTP instances, including those running outdated versions. Even if attackers lacked sophistication, the vulnerability remains highly dangerous. Researchers recommend upgrading to version 7.4.4 immediately, but where updates aren't possible, disabling HTTP/S access, removing anonymous login options, and monitoring session file directories are essential mitigation steps. Three additional vulnerabilities were reported: one enabling password exfiltration through JavaScript, another exposing system paths via an overlong cookie, and a third highlighting the server's lack of sandboxing. While these pose serious risks, CVE-2025-47812 has received the highest severity rating due to its potential for complete system compromise. Via The Register and BleepingComputer You might also like Here's a list of the best firewalls around today These are the best endpoint security tools right now Data of all 6.5 million Co-op members stolen - CEO says she is 'incredibly sorry'
Techday NZ
09-07-2025
- Business
- Techday NZ
Huntress & Microsoft partner to boost business cybersecurity
Huntress has announced a partnership with Microsoft aimed at improving cybersecurity for businesses using Microsoft's security products and services. The partnership will see Huntress' cybersecurity solutions integrated with Microsoft Defender for Endpoint, Defender for Business, Defender Antivirus, as well as Microsoft 365 Business Premium, E3, and E5 licenses. The companies state that the collaboration is designed to offer enhanced protection to businesses of all sizes that rely on Microsoft's ecosystem, many of whom face resource and expertise challenges in making full use of their security investments. Addressing cybersecurity challenges Over 300 million organisations worldwide use Microsoft's software, but according to Huntress, many struggle to access the complete capabilities of the security tools included with their Microsoft licenses. Organisations with limited in-house cybersecurity abilities often leave advanced threat protection features underutilised. Huntress' solutions - including Endpoint Detection and Response (EDR), Identity Threat Detection and Response (ITDR), Security Information and Event Management (SIEM), and Security Awareness Training (SAT) - are designed to integrate smoothly with existing Microsoft environments. These tools are supported by a 24/7 Security Operations Center (SOC) which the company says enables continuous protection against emerging threats. Quotes from leadership "Huntress was founded to make enterprise-grade security accessible to all businesses. Businesses worldwide trust Microsoft's ecosystem, but often don't fully use its potential due to limited resources or expertise. We deliver the technology and integrations needed to unlock the full value of Microsoft's security solutions, empowering businesses of all sizes to operate securely and confidently in an evolving threat landscape," said Chris Bisnett, CTO at Huntress. Microsoft's Steve Dispensa, Corporate Vice President of Security, also commented on the collaboration: "With cyberattacks growing in both volume and complexity, businesses face mounting pressure to protect their environments with limited resources. Huntress' integrations with Microsoft 365 Business Premium and Microsoft Defender for Endpoint empower organizations to not only strengthen their security posture but also fully benefit from their Microsoft security investments. Together, we're equipping businesses worldwide to prioritize growth and innovation without compromising on security." Integration and benefits According to Huntress, the partnership seeks to make it easier for organisations of all sizes to turn on advanced security features. The integrations allow Microsoft customers to deploy Huntress' suite of tools through their Microsoft platforms, aiming to provide greater threat visibility, incident response capabilities, and cyber awareness for their employees. The collaboration between Huntress and Microsoft is also intended to help businesses optimise their security spending. By using existing Microsoft licenses in combination with Huntress' managed security suite, organisations are expected to reduce the need for multiple standalone solutions, potentially offering cost efficiencies. Background and recognition Huntress focuses its efforts on supporting organisations that typically lack enterprise-scale resources to counteract cyber threats. Their Security Operations Center provides around-the-clock monitoring and support for businesses, with an emphasis on remediation and a low rate of false positives. The company states its mission is to break down barriers to enterprise-level security and enable both outsourced IT contractors and internal IT staff to better prepare for and deal with cyber threats. Huntress has also been recognised with Microsoft Verified Small & Medium Business solution status through the Microsoft Intelligent Security Association, which reflects Microsoft's assessment of trusted security products for its partner ecosystem. The integration of Huntress solutions into Microsoft security environments will be available to all organisations using Microsoft 365 Business Premium, E3, and E5 licensing, as well as Microsoft Defender security products. The companies indicate that ongoing support and updates will be provided as the threat landscape evolves.
Geek Tyrant
07-07-2025
- Entertainment
- Geek Tyrant
Pom Klementieff Reportedly Leading New DCU Series, and She Might Be Playing Huntress — GeekTyrant
Pom Klementieff is making the leap from Marvel to DC, and this time she's not just passing through. The Guardians of the Galaxy actress is reportedly set to lead a new DCU live-action TV series, according to Nexus Point News. While details are still being locked down, it sounds like James Gunn is once again teaming up with one of his MCU alums for something big. This wouldn't be Klementieff's first brush with the DC world. She had a silent cameo in The Suicide Squad back in 2021, but if this new project pans out, it'll mark her full-fledged entry into Gunn's freshly rebooted DC Universe. So who's she playing? Word is, Klementieff has been tapped to portray Helena Bertinelli, aka Huntress, a fan-favorite vigilante who previously appeared in Birds of Prey , where she was played by Mary Elizabeth Winstead. The character first appeared in the 1989 Huntress comic by Joey Cavalieri and Joe Staton and has remained a gritty, complex staple of the Bat-family ever since. The report adds that this version of Huntress will be half-Korean and half-Italian, offering a fresh spin on the character's backstory. That makes the rumored involvement of South Korean filmmaker Jung Byung-gil ( The Villainess ) even more exciting. If this is true, he'll be serving as writer and director. Nothing's been officially confirmed yet because, as the report notes, 'there hasn't been a formal deal in place.' Fans have started speculating after Klementieff was seen visiting the set of Peacemaker Season 2. Could she show up there first before launching into her own series? It wouldn't be the first time Gunn introduced a new character that way. Whether or not the Huntress news is true, this much is clear, Gunn is building a new DC Universe, and it makes sense that he would want to work with Klementieff again.
Geek Tyrant
07-07-2025
- Entertainment
- Geek Tyrant
James Gunn Confirms DCU Projects in Development From Korea, Japan, and Brazil — GeekTyrant
James Gunn is making it very clear that the new DC Universe isn't just about rebooting iconic heroes, it's about broadening the scope of storytelling entirely. During a recent interview with HT City, the Superman director and DC Studios co-CEO revealed that new DCU projects are in the works from Korea, Japan, and Brazil. It sounds like Gunn and his team are actively building DC stories from other cultures, with international creatives leading the charge. It's something that could offer a fresh, global perspective to a cinematic universe that's long been very U.S.-centric. When asked about the possibility of bringing an Indian actor into the DCU, Gunn didn't just stop at casting. He said: 'I would love that. I would love to see an Indian actor, but I would also love to have Indian Filmmaking collaborators.' He continued, emphasizing a broader vision for DC's future: 'We at DC Studios we think there are heroes all over this world that we could focus on, and filmmakers from all of the world that could tell their stories within the DCU.' 'Who's our Indian superhero and who are Indian filmmakers that want to be a part of this universe. That's important to us. We've already got things started in Korea and Japan and Brazil, and so it would be great to collaborate some Indians.' Gunn didn't name-drop any specific titles, but this lines up with a rumored Huntress movie out of South Korea. That project, supposedly involving The Villainess director Jung Byung-gil , was first reported on about back in 2023. No updates since, but this new statement adds some fuel to the fire. As for the Japanese and Brazilian projects? No confirmed characters or creators just yet, but it's worth noting that DC does have a few lesser-known heroes from those regions. Gunn's approach with developing international DCU content with culturally rooted perspectives and presumably lesser-known casts, might seem like a gamble, but I'm actually curious to see what he's and his team are cooking up!
