RD Web Access abuse: Fighting back
Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 18:59:54 +0000
Investigation insights and recommendations from a recent welter of incident-response cases
Read moreRDP
It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024
Credit to Author: Angela Gunn| Date: Wed, 03 Apr 2024 10:01:37 +0000
The latter half of 2023 found numerous fronts on which attackers failed to press ahead. Are defenders failing to take advantage?
Read moreRemote Desktop Protocol: The Series
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary Special Report
Read moreRemote Desktop Protocol: Exposed RDP (is dangerous)
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:16:34 +0000
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data answers, loud and clear
Read moreRemote Desktop Protocol: Queries for Investigation
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:15:12 +0000
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits
Read moreRemote Desktop Protocol: How to Use Time Zone Bias
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:13:08 +0000
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs
Read moreRemote Desktop Protocol: Executing the 4624_4625 Login Query
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:11:40 +0000
Keeping an eye on who’s trying to get onto your network – whether or not they’re successful – can pay off on multiple fronts
Read moreRemote Desktop Protocol: Executing the External RDP Query
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:09:06 +0000
On the hunt for successful RDP connections that have entered your network from outside? A step-by-step guide (and a query to get you started)
Read moreEuropol lifts the lid on cybercrime tactics
Categories: News Categories: Ransomware Tags: Europol Tags: Phishing Tags: RDP Tags: VPN Tags: Exchange Tags: LOTL Tags: BEC Tags: ransomware Tags: IAB Tags: crypter Tags: Flubot A Europol report discusses developments in cyberattacks, new methodologies, and threats as observed by Europol’s operational analysts. |
The post Europol lifts the lid on cybercrime tactics appeared first on Malwarebytes Labs.
Read moreTime keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders
Credit to Author: Angela Gunn| Date: Wed, 23 Aug 2023 10:01:02 +0000
A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace
Read more