What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary […]
Remote Desktop Protocol: Exposed RDP (is dangerous)
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data […]
Remote Desktop Protocol: How to Use Time Zone Bias
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs. Contact us today for more information about SOPHOS cyber security solutions.
Remote Desktop Protocol: Queries for Investigation
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits.
Remote Desktop Protocol: Executing the 4624_4625 Login Query
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts.
Remote Desktop Protocol: Executing the External RDP Query
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started).
The 2024 Sophos Threat Report: Cybercrime on Main Street
Ransomware remains the biggest existential cyber threat to small businesses, but others are growing.
It’ll be back: Attackers still abusing Terminator tool and variants
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions […]
ConnectWise ScreenConnect attacks deliver malware
Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments.
Safer Internet Day is as important as ever
Use this timely reminder to protect yourself on the internet.
Cryptocurrency scams metastasize into new forms
“DeFi mining” scams adopted by pig-butchering rings create more problems for those trying to defend against them.
“Inhospitality” malspam campaign targets hotel industry
Social engineering drives password-stealing malware attack against the front desk.
Press and pressure: Ransomware gangs and the media
Sophos X-Ops explores the symbiotic – but often uneasy – relationship between ransomware gangs and the media, and how threat actors are increasingly seeking to wrest control of the narrative […]
Cybercriminals can’t agree on GPTs
Despite concern over illicit applications of ChatGPT and similar models, Sophos X-Ops’ exploration of cybercrime forums suggests many threat actors are still skeptical – and wrestling with the same issues […]
Memory scanning leaves attackers nowhere to hide
Sophos X-Ops takes an in-depth look at memory scanning and why it matters.
Ransomware actor exploits unsupported ColdFusion servers—but comes away empty-handed
Multiple LockBit knock-off attacks in September targeting obsolete software foiled, exposing tactics and tools.