The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you Contact us […]
Continue Reading-
The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024 Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
December Patch Tuesday arrives bearing 71 gifts
Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
RD Web Access abuse: Fighting back
Investigation insights and recommendations from a recent welter of incident-response cases Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024
The latter half of 2023 found numerous fronts on which attackers failed to press ahead. Are defenders failing to take advantage? Contact us today for more information about SOPHOS cyber […]
Continue Reading -
Remote Desktop Protocol: The Series
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary […]
Continue Reading -
Remote Desktop Protocol: Exposed RDP (is dangerous)
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data […]
Continue Reading -
Remote Desktop Protocol: How to Use Time Zone Bias
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Remote Desktop Protocol: Queries for Investigation
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits Contact us today for more information about SOPHOS cyber […]
Continue Reading -
Remote Desktop Protocol: Executing the 4624_4625 Login Query
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts Contact us today for more information […]
Continue Reading -
Remote Desktop Protocol: Executing the External RDP Query
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started) Contact us today for more information […]
Continue Reading -
Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders
A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace Contact us today for more information about SOPHOS […]
Continue Reading -
Network security best practices for the holiday season
Tips to better protect your network while you take some well-deserved time out. Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
MyKings botnet spreads headaches, cryptominers, and Forshare malware
There’s a pretty good chance everyone who reads this story will have had some degree of interaction with a botnet we call MyKings (and others call DarkCloud or Smominru), whether […]
Continue Reading
You must be logged in to post a comment.