What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary […]
Continue Reading-
Remote Desktop Protocol: Exposed RDP (is dangerous)
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data […]
Continue Reading -
Remote Desktop Protocol: How to Use Time Zone Bias
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Remote Desktop Protocol: Queries for Investigation
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits Contact us today for more information about SOPHOS cyber […]
Continue Reading -
Remote Desktop Protocol: Executing the 4624_4625 Login Query
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts Contact us today for more information […]
Continue Reading -
Remote Desktop Protocol: Executing the External RDP Query
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started) Contact us today for more information […]
Continue Reading -
An open-source ML toolkit for automatically generating YARA rules
The SophosAI Artificial Intelligence team has developed a machine-learning based tool that generates YARA rules for detecting specific types of threats Contact us today for more information about SOPHOS cyber […]
Continue Reading
You must be logged in to post a comment.