I'm usually on the other side of these things but here I think most of the actual (some might be artificial...) outrage and concern come from a misunderstanding of the product and services Huntress are selling and how their EDR product is packaged and sold.
As presented I see no ethical concerns with the incident and their response. Someone hacks you and then installs your rootkit, I say you can leverage that to hack back and look all you want while it's running (as long as you can be confident it's really the attacker obv). I appreciate that Huntress shared their insights with the community and hope that they and others won't be discouraged from the unfortunate flaming.
As presented I see no ethical concerns with the incident and their response. Someone hacks you and then installs your rootkit, I say you can leverage that to hack back and look all you want while it's running (as long as you can be confident it's really the attacker obv). I appreciate that Huntress shared their insights with the community and hope that they and others won't be discouraged from the unfortunate flaming.
reply