https://redhound.us/blog.html Field-tested cybersecurity insights for SMBs from Red Hound InfoSec — offensive security, identity, compliance, and the CVE response playbooks no one else publishes. en-us Copyright (c) Red Hound InfoSec sales@redhound.us (Red Hound InfoSec) sales@redhound.us (Red Hound InfoSec) Cybersecurity Information Security 1440 https://redhound.us/assets/logo-original.png https://redhound.us/ https://redhound.us/blog/bluehammer-redsun-undefend-windows-defender-smb-hardening.html https://redhound.us/blog/bluehammer-redsun-undefend-windows-defender-smb-hardening.html Wed, 13 May 2026 00:00:00 GMT Red Hound InfoSec Windows Defender How Bluehammer + RedSun disable Windows Defender, and the SMB hardening steps that block them. https://redhound.us/blog/adaptavist-thegentlemen-atlassian-marketplace-smb-playbook.html https://redhound.us/blog/adaptavist-thegentlemen-atlassian-marketplace-smb-playbook.html Tue, 12 May 2026 00:00:00 GMT Red Hound InfoSec Supply Chain The Adaptavist compromise, what it means for Atlassian Marketplace users, and a concrete SMB response playbook. https://redhound.us/blog/vercel-context-ai-oauth-supply-chain-smb-playbook.html https://redhound.us/blog/vercel-context-ai-oauth-supply-chain-smb-playbook.html Mon, 11 May 2026 00:00:00 GMT Red Hound InfoSec AI Security How the Vercel/Context AI OAuth breach happened and what SMBs need to verify in their own GitHub/SaaS OAuth grants. https://redhound.us/blog/pan-os-cve-2026-0300-captive-portal-pre-patch-playbook.html https://redhound.us/blog/pan-os-cve-2026-0300-captive-portal-pre-patch-playbook.html Sun, 10 May 2026 00:00:00 GMT Red Hound InfoSec CVE Response What to do about PAN-OS CVE-2026-0300 captive portal vulnerability before the patch lands. https://redhound.us/blog/canvas-instructure-shinyhunters-saas-vendor-concentration-risk.html https://redhound.us/blog/canvas-instructure-shinyhunters-saas-vendor-concentration-risk.html Sat, 09 May 2026 00:00:00 GMT Red Hound InfoSec Supply Chain The Canvas/Instructure breach is a case study in SaaS vendor concentration risk for education and beyond. https://redhound.us/blog/entra-agent-id-administrator-service-principal-takeover.html https://redhound.us/blog/entra-agent-id-administrator-service-principal-takeover.html Fri, 08 May 2026 00:00:00 GMT Red Hound InfoSec Identity New Entra Agent ID attack path: how administrator service principals are taken over and how to detect it. https://redhound.us/blog/copy-fail-cve-2026-31431-linux-kernel-lpe-container-escape.html https://redhound.us/blog/copy-fail-cve-2026-31431-linux-kernel-lpe-container-escape.html Thu, 07 May 2026 00:00:00 GMT Red Hound InfoSec CVE Response CVE-2026-31431 Copy-Fail: Linux kernel local privilege escalation and container escape — what to do today. https://redhound.us/blog/cpanel-cve-2026-41940-crlf-auth-bypass-msp-hosting-mass-exploit.html https://redhound.us/blog/cpanel-cve-2026-41940-crlf-auth-bypass-msp-hosting-mass-exploit.html Wed, 06 May 2026 00:00:00 GMT Red Hound InfoSec CVE Response cPanel CVE-2026-41940 CRLF auth bypass is being mass exploited in MSP hosting environments — emergency response. https://redhound.us/blog/litellm-cve-2026-42208-ai-gateway-pre-auth-sqli.html https://redhound.us/blog/litellm-cve-2026-42208-ai-gateway-pre-auth-sqli.html Tue, 05 May 2026 00:00:00 GMT Red Hound InfoSec AI Security Pre-auth SQL injection in LiteLLM exposes AI gateways — what defenders need to patch and detect. https://redhound.us/blog/cve-2026-32202-apt28-ntlm-zero-click-may-12-deadline.html https://redhound.us/blog/cve-2026-32202-apt28-ntlm-zero-click-may-12-deadline.html Mon, 04 May 2026 00:00:00 GMT Red Hound InfoSec CVE Response APT28 weaponized NTLM zero-click attacks — patch and harden ahead of the May 12 deadline. https://redhound.us/blog/github-cve-2026-3854-git-push-rce.html https://redhound.us/blog/github-cve-2026-3854-git-push-rce.html Sat, 02 May 2026 00:00:00 GMT Red Hound InfoSec CVE Response GitHub CVE-2026-3854 enables RCE via crafted git push. Detection, mitigation, and SMB impact. https://redhound.us/blog/comment-and-control-ai-coding-agent-prompt-injection.html https://redhound.us/blog/comment-and-control-ai-coding-agent-prompt-injection.html Tue, 28 Apr 2026 00:00:00 GMT Red Hound InfoSec AI Security Comment-and-Control: an emerging prompt injection technique that turns AI coding agents into attacker infrastructure. https://redhound.us/blog/simplehelp-dragonforce-msp-supply-chain.html https://redhound.us/blog/simplehelp-dragonforce-msp-supply-chain.html Mon, 27 Apr 2026 00:00:00 GMT Red Hound InfoSec Supply Chain SimpleHelp + DragonForce ransomware is hitting MSPs and cascading downstream. How SMB customers should respond. https://redhound.us/blog/deepfake-executive-impersonation-smb-playbook.html https://redhound.us/blog/deepfake-executive-impersonation-smb-playbook.html Wed, 22 Apr 2026 00:00:00 GMT Red Hound InfoSec Social Engineering Deepfake CEO/CFO impersonation is wire-fraud-grade now. The SMB defense playbook. https://redhound.us/blog/apache-activemq-cve-2026-34197-rce.html https://redhound.us/blog/apache-activemq-cve-2026-34197-rce.html Tue, 21 Apr 2026 00:00:00 GMT Red Hound InfoSec CVE Response Apache ActiveMQ CVE-2026-34197 RCE — what to patch, hunt, and block. https://redhound.us/blog/axios-npm-supply-chain-attack-lessons.html https://redhound.us/blog/axios-npm-supply-chain-attack-lessons.html Mon, 20 Apr 2026 00:00:00 GMT Red Hound InfoSec Supply Chain The axios npm compromise and what SMB engineering teams must do about node-modules supply chain risk. https://redhound.us/blog/mcp-server-security-ai-agents.html https://redhound.us/blog/mcp-server-security-ai-agents.html Sun, 19 Apr 2026 00:00:00 GMT Red Hound InfoSec AI Security Securing Model Context Protocol (MCP) servers — the next-gen attack surface for AI agent deployments. https://redhound.us/blog/windows-defender-zero-day-bluehammer-redsun.html https://redhound.us/blog/windows-defender-zero-day-bluehammer-redsun.html Sat, 18 Apr 2026 00:00:00 GMT Red Hound InfoSec Endpoint The Bluehammer + RedSun Windows Defender zero-day chain explained. https://redhound.us/blog/ai-packet-analyzer-open-source-pcap-analysis.html https://redhound.us/blog/ai-packet-analyzer-open-source-pcap-analysis.html Thu, 16 Apr 2026 00:00:00 GMT Red Hound InfoSec Tools Our open-source AI Packet Analyzer for network connectivity and security analysis. https://redhound.us/blog/ai-dfir-claude-code-sift-workstation.html https://redhound.us/blog/ai-dfir-claude-code-sift-workstation.html Fri, 03 Apr 2026 00:00:00 GMT Red Hound InfoSec DFIR Speeding up DFIR investigations with Claude Code agents and the SIFT Workstation. https://redhound.us/blog/dc-hardening-checklist.html https://redhound.us/blog/dc-hardening-checklist.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Active Directory Battle-tested DC hardening checklist from 20 years inside Fortune 500 enterprises. https://redhound.us/blog/attack-test-domain-controllers.html https://redhound.us/blog/attack-test-domain-controllers.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Active Directory How to attack-test your own domain controllers before an adversary does. https://redhound.us/blog/ad-cs-attack-surface.html https://redhound.us/blog/ad-cs-attack-surface.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Active Directory Active Directory Certificate Services: the attack surface most enterprises ignore. https://redhound.us/blog/entra-id-hardening-settings.html https://redhound.us/blog/entra-id-hardening-settings.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Identity The Entra ID hardening settings that actually move the needle. https://redhound.us/blog/entra-id-threat-hunting.html https://redhound.us/blog/entra-id-threat-hunting.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Identity Threat hunting queries and detections for Entra ID environments. https://redhound.us/blog/hybrid-identity-security.html https://redhound.us/blog/hybrid-identity-security.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec Identity Securing hybrid AD + Entra ID environments end-to-end. https://redhound.us/blog/splunk-log-volume-optimization.html https://redhound.us/blog/splunk-log-volume-optimization.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec SIEM Cutting Splunk ingest spend without losing detection coverage. https://redhound.us/blog/splunk-detection-library.html https://redhound.us/blog/splunk-detection-library.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec SIEM The Splunk detections you should have running today. https://redhound.us/blog/ai-agent-compliance-testing.html https://redhound.us/blog/ai-agent-compliance-testing.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec AI Security How to test AI agents against compliance frameworks like SOC2, HIPAA, and PCI. https://redhound.us/blog/ai-agents-soc-automation.html https://redhound.us/blog/ai-agents-soc-automation.html Thu, 02 Apr 2026 00:00:00 GMT Red Hound InfoSec SOC Practical AI agent patterns for SOC automation in 2026. https://redhound.us/blog/ransomware-response-first-48-hours.html https://redhound.us/blog/ransomware-response-first-48-hours.html Mon, 30 Mar 2026 00:00:00 GMT Red Hound InfoSec Incident Response What to do in the first 48 hours of a ransomware incident — minute-by-minute. https://redhound.us/blog/mfa-bypass-attacks-defense.html https://redhound.us/blog/mfa-bypass-attacks-defense.html Mon, 23 Mar 2026 00:00:00 GMT Red Hound InfoSec Identity The MFA bypass techniques attackers are using now, and the controls that actually stop them. https://redhound.us/blog/active-directory-misconfigurations.html https://redhound.us/blog/active-directory-misconfigurations.html Fri, 20 Mar 2026 00:00:00 GMT Red Hound InfoSec Active Directory The same five Active Directory misconfigurations show up in nearly every assessment we run. https://redhound.us/blog/fortune-500-vendor-security-requirements.html https://redhound.us/blog/fortune-500-vendor-security-requirements.html Fri, 20 Mar 2026 00:00:00 GMT Red Hound InfoSec Enterprise Readiness What Fortune 500 procurement actually wants to see in your vendor security review. https://redhound.us/blog/siem-alert-optimization.html https://redhound.us/blog/siem-alert-optimization.html Fri, 20 Mar 2026 00:00:00 GMT Red Hound InfoSec SIEM How to tune SIEM alerts to eliminate noise and surface real threats. https://redhound.us/blog/penetration-test-report-quality.html https://redhound.us/blog/penetration-test-report-quality.html Fri, 20 Mar 2026 00:00:00 GMT Red Hound InfoSec Offensive Security What separates a great pentest report from a useless one. https://redhound.us/blog/azure-ad-conditional-access-mistakes.html https://redhound.us/blog/azure-ad-conditional-access-mistakes.html Fri, 20 Mar 2026 00:00:00 GMT Red Hound InfoSec Identity The Azure AD / Entra ID Conditional Access mistakes that put your tenant at risk.