Anthony Kasza, Author at Security Boulevard
Introducing RDP Inferences

Introducing RDP Inferences

By Anthony Kasza, Technical Director, Corelight Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network traffic analysis (NTA) inferences on live RDP traffic.  Which inbound RDP connections were initiated by attack tools? Did ... Read More
Analyzing Encrypted RDP Connections

Analyzing Encrypted RDP Connections

By Anthony Kasza, Corelight Security Researcher Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work. Just like every other remote administration tool, RDP can be used for legitimate or malicious control of a ... Read More