Acknowledgments: Special thanks to Dani Lopez, Tanner Filip, Anton Ovrutsky, Lindsey O’Donnell-Welch, and John Hammond for their contributions to this investigation and write-up. This article was also written with AI assistance.
TL;DR: Huntress has observed the use of Nightmare-Eclipse tooling, including BlueHammer, RedSun, and UnDefend, during a real-world intrusion investigation. In the clearest...