←back to thread

An attacker’s blunder gave us a look into their operations

(www.huntress.com)
154 points mellosouls | 1 comments | 09 Sep 25 15:42 UTC | HN request time: 0s | source
Show context
isatsam ◴[09 Sep 25 16:17 UTC] No.45184197[source]
I don't work in cybersecurity and, after looking at the site's homepage, couldn't exactly figure out from all the buzzwords what exactly is this product. The most concerning takeaway from this article for me is that the maintainers of Huntress (whatever it is) can keep a log of, as well as personally access, the users' browser history, history of launched executables, device's hostname, and presumably a lot of other information. How is this product not a total security nightmare?
replies(12): >>45184282 #>>45184376 #>>45184533 #>>45184902 #>>45185067 #>>45185111 #>>45185367 #>>45185677 #>>45185868 #>>45185950 #>>45186020 #>>45190165 #
1. mc32 ◴[09 Sep 25 17:52 UTC] No.45185677[source]
Those things are what MTR/MDR solutions do. They track where you go and what processes are running and spawn other processes, etc. it allows tenants to see how an exploit progresses or stops, etc. these systems can also do web filtering for the tenant as well as keep logs as to what sessions get established and so on. That’s how these products work.