{"id":284121,"date":"2026-06-30T12:54:00","date_gmt":"2026-06-30T16:54:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/"},"modified":"2026-06-30T13:50:11","modified_gmt":"2026-06-30T17:50:11","slug":"huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/","title":{"rendered":"Huntress CEO says threat hunter used &#8216;poor judgment&#8217; in alerting ransomware crim about law enforcement probe"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/security\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/5264532\">Huntress CEO says threat hunter used &#8216;poor judgment&#8217; in alerting ransomware crim about law enforcement probe<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/security\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/5264532\">https:\/\/www.theregister.com\/security\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/5264532<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-30 12:54:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.theregister.com\">www.theregister.com<\/a><\/p>\n<p class=\"kicker \" style=\"\">Security<\/p>\n<p class=\"subtitle \" style=\"\">Ex-employee claims this &#8216;meets the definition of an insider threat&#8217;<\/p>\n<p>Huntress CEO Kyle Hanslovan said he is aware of \u201cquestionable, long-term threat actor communications\u201d between a threat hunter who is still employed with the security firm and a cybercriminal, and called this \u201cpoor judgment.\u201d<\/p>\n<p>\u201cIn one particular exchange, our current teammate disclosed to a threat actor that law enforcement had reached out to them about the threat actor,\u201d Hanslovan said in a blog post, addressing a former employee\u2019s accusations that the current Huntress analyst is an insider threat to the company.\u00a0\u201cWhile this disclosure was not illegal, it reflected poor judgment,\u201d he wrote.<\/p>\n<p>The incident came to light last week when former Huntress security operations analyst Ben Folland, who left the company in February, alleged that \u201canother Huntress employee passed communications from US law enforcement to a cybercriminal, Devman, who is actively and publicly targeting my family and me.\u201d<\/p>\n<p>Devman is a ransomware operator, believed to be located in Russia, who uses modified DragonForce code built on top of the leaked Conti source code.<\/p>\n<p>Folland alleged that this insider, still employed by Huntress, was \u201ccaught by the FBI,\u201d and that their involvement with Devman \u201cwould cause significant reputational damage to Huntress and, in my view, continues to put clients at risk.\u201d<\/p>\n<p>\u201cIf you are an employee at a cybersecurity company, you should not be helping cybercriminals,\u201d Folland said. \u201cYou should not be informing them of active investigations. You should not be engaging in cybercriminal activity yourself.\u201d<\/p>\n<p>At the time, Hanslovan said he \u201cfirmly disagree[d]\u201d with Folland\u2019s accusations \u2013 but declined to provide additional details about what happened between the employee and the criminal.<\/p>\n<p>In the Tuesday blog post, Hanslovan elaborated further and said that he believed that the&#8230;<\/p>\n<p><a href=\"https:\/\/www.theregister.com\/security\/2026\/06\/30\/huntress-ceo-says-threat-hunter-used-poor-judgment-in-alerting-ransomware-crim-about-law-enforcement-probe\/5264532\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Huntress CEO says threat hunter used &#8216;poor judgment&#8217; in alerting ransomware crim about law enforcement&#8230;<\/p>\n","protected":false},"author":1,"featured_media":284122,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/image.theregister.com\/5264558.jpg?imageId=5264558&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,34],"class_list":["post-284121","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/284121"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=284121"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/284121\/revisions"}],"predecessor-version":[{"id":284123,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/284121\/revisions\/284123"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/284122"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=284121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=284121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=284121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}