RDP
CACTUS Qlik Ransomware: Vulnerabilities Exploited
A cyberattack campaign dubbed the CACTUS Qlik Ransomware has become prominent in ransomware attacks on BI systems. Researchers have warned of threat actors exploiting three Qlik security vulnerabilities to target different organizations ...
2021 Marred by Aggressive APTs; RDP Attacks up 897%
While much of the world tried to regain some semblance of normalcy in 2021 after the onset of the COVID-19 pandemic the year before, cyberattackers were hard at work ushering in the ...
World’s first 100G Zeek sensor
By Sarah Banks, Senior Director of Product Management, Corelight. As we finished rolling out Corelight’s v21 software release, which saw the delivery of the world’s first 100G, 1U Zeek sensor, I was ...
Introducing RDP Inferences
By Anthony Kasza, Technical Director, Corelight. Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...
Introducing the C2 Collection and RDP inferences
By Vince Stoffer, Senior Director, Product Management, Corelight. We’re excited to announce that the Command and Control (C2) Collection is now available with today’s launch of version 21 of the Corelight software ...
C2 detections, RDP insights and NDR at 100G
By John Gamble, Director of Product Marketing, Corelight. Today I am excited to announce Corelight’s v21 release, which delivers dozens of powerful C2 detections, extends analyst visibility around RDP connections, and helps ...
How the Cybersecurity Industry Changed in 2020
As a result of the global pandemic, rapid digital transformation has shifted the cybersecurity landscape into uncharted territory. The massive influx of data to the cloud as a result of the shift ...
RDP Attacks on the Rise During COVID-19 Pandemic
Enterprises forced to pivot to remote work environments in the wake of the COVID-19 pandemic may have exposed themselves to the potential for remote desktop protocol (RDP) attacks. When global lockdowns were ...
Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo
In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, ...
RDP Used by Iranian Actors in International Dharma Ransomware Attacks
Iranian actors leveraged the Remote Desktop Protocol (RDP) as part of an international campaign to target companies with Dharma ransomware. Group-IB uncovered the campaign while conducting an incident response engagement for a ...