Sophos – Page 21 – PossibleThreat Articles

Security Sophos

Remote Desktop Protocol: The Series

March 20, 2024 0 Comments active adversary, featured, Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000

What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary Special Report

Security Sophos

Remote Desktop Protocol: Exposed RDP (is dangerous)

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:16:34 +0000

Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data answers, loud and clear

Security Sophos

Remote Desktop Protocol: Queries for Investigation

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:15:12 +0000

How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits

Security Sophos

Remote Desktop Protocol: How to Use Time Zone Bias

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:13:08 +0000

Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs

Security Sophos

Remote Desktop Protocol: Executing the 4624_4625 Login Query

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:11:40 +0000

Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts

Security Sophos

Remote Desktop Protocol: Executing the External RDP Query

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, query, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:09:06 +0000

On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started)

Security Sophos

Sophos named a Leader in Frost & Sullivan’s 2024 Frost Radar™ for Global Managed Detection and Response

March 19, 2024 0 Comments featured, frost & sullivan, mdr, products & services, radar, security operations

Credit to Author: rajansanhotra| Date: Tue, 19 Mar 2024 10:22:04 +0000

Sophos has been named a Leader by Frost & Sullivan for Managed Detection and Response

Security Sophos

Benchmarking the Security Capabilities of Large Language Models

March 18, 2024 0 Comments ai research, featured, large language models

Credit to Author: gallagherseanm| Date: Mon, 18 Mar 2024 10:00:43 +0000

Comparative Sophos X-Ops testing not only indicates which models fare best in cybersecurity, but where cybersecurity fares best in AI

Security Sophos

Sophos named a Leader in the 2024 IDC MarketScape for Worldwide Modern Endpoint Security for Small Businesses

March 13, 2024 0 Comments EDR, Endpoint, featured, idc, mdr, products & services, security operations, Sophos Intercept X, XDR

Credit to Author: rajansanhotra| Date: Wed, 13 Mar 2024 10:40:56 +0000

This IDC MarketScape evaluates how their endpoint security vendors meet the needs of organizations with fewer than 100 employees.

Security Sophos

59 CVEs primed for Microsoft’s March Patch Tuesday

March 12, 2024 0 Comments CVE, Microsoft, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Tue, 12 Mar 2024 19:57:48 +0000

Just two critical-severity issues addressed, though Azure and OMI admins won’t want to delay patching this month