APT39

Introducing RDP Inferences
Anthony Kasza | Alert AA21-131A, Announcements, APT39, APT40, Corelight Labs, Crowbar, DarkSide ransomware, Duo, Emotet, encrypted traffic, encrypted traffic collection, JA3, Matrix ransomware, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Palo Alto Networks, RDP, RDPBCGR, Richard Bejtlich, rsa, RSAConference, Vern Paxson, Zeek, Zscaler
By Anthony Kasza, Technical Director, Corelight. Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...

Analyzing Encrypted RDP Connections
Anthony Kasza | APT39, APT40, Corelight Labs, encryption, Microsoft, MITRE ATT&CK, MS-RDPBCGR, MS-RDPEUDP, MS-RDPEUDP2, open source, powershell, RDP, SharpRDP, SSH, TCP, TLS, Windows, Zeek
By Anthony Kasza, Corelight Security Researcher. Microsoft's Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work ...

Cyber Security Roundup for January 2019
Dave Whitelegg | adobe, Apple, APT39, Cyber Crime, cyber security roundup, Hackers, iot, KwikFit, management, Microsoft, PewDiePie, Yahoo
The first month of 2019 was a relatively slow month for cyber security in comparison with the steady stream of cyber attacks and breaches throughout 2018. On Saturday 26th January, car services ...