isatsam | 5 months ago

This is a surprising response - I was expecting something like "they clicked past an alert notifying that they were giving us this level of access". Just because Windows only has a generic password prompt whenever an app wants to do something dangerous, doesn't mean you can't inform the user via your app's own UI. Others like AnyDesk do exactly that.

spogbiper|5 months ago

this product is typically silently mass deployed to all systems within an organization, completely unknown to the individual users. afaik there is no user interface or way to interact with the software from the computer, it's all managed in a central web console.

cybergreg|5 months ago

You’re really missing the point here. Huntress is an MDR, a cybersecurity company. They protect the endpoint by monitoring it for malicious activity and responding in kind. It’s what they do, not unlike CrowdStrike, Microsoft, etc. Generally a threat actor will install a security agent like this to find a bypass in order to attack more victims. They know exactly what they’re doing.

VladVladikoff|5 months ago

> They know exactly what they’re doing.

Strongly disagree. If they installed this to do some analysis they would have done that in a VM if they “knew exactly what they were doing”.

Either you snared a script kiddie, or your software download and install process that followed that Google Ads click was highly questionable.