Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary Special Report
Read more
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:16:34 +0000
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data answers, loud and clear
Read more
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:15:12 +0000
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits
Read more
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:13:08 +0000
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs
Read more
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:11:40 +0000
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts
Read more
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:09:06 +0000
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started)
Read more
Credit to Author: gallagherseanm| Date: Thu, 25 Aug 2022 11:00:35 +0000
The SophosAI Artificial Intelligence team has developed a machine-learning based tool that generates YARA rules for detecting specific types of threats
Read more