Investigation insights and recommendations from a recent welter of incident-response cases
It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024
The latter half of 2023 found numerous fronts on which attackers failed to press ahead. Are defenders failing to take advantage?
Remote Desktop Protocol: The Series
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary […]
Remote Desktop Protocol: Exposed RDP (is dangerous)
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data […]
Remote Desktop Protocol: How to Use Time Zone Bias
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs
Remote Desktop Protocol: Queries for Investigation
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits
Remote Desktop Protocol: Executing the 4624_4625 Login Query
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts
Remote Desktop Protocol: Executing the External RDP Query
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started)
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders
A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace
Network security best practices for the holiday season
Tips to better protect your network while you take some well-deserved time out.
MyKings botnet spreads headaches, cryptominers, and Forshare malware
There’s a pretty good chance everyone who reads this story will have had some degree of interaction with a botnet we call MyKings (and others call DarkCloud or Smominru), whether […]