RD Web Access abuse: Fighting back
Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 18:59:54 +0000
Investigation insights and recommendations from a recent welter of incident-response cases
Credit to Author: Angela Gunn| Date: Wed, 03 Apr 2024 10:01:37 +0000
The latter half of 2023 found numerous fronts on which attackers failed to press ahead. Are defenders failing to take advantage?
Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary Special Report
Credit to Author: Andrew Brandt| Date: Wed, 19 Apr 2023 10:00:43 +0000
Driver based attacks against security products are on the rise
Credit to Author: Sally Adam| Date: Tue, 04 Apr 2023 09:45:12 +0000
Slowed by multiple headwinds, defenders are falling behind while adversaries continue to accelerate. Organizations need to speed up the defender flywheel to enable them to pull ahead.
Credit to Author: gallagherseanm| Date: Thu, 18 Aug 2022 11:00:50 +0000
As organizations move to cloud services and multifactor authentication, cookies tied to identity and authentication give attackers a new path to compromise.
Credit to Author: Tilly Travers| Date: Tue, 07 Jun 2022 11:02:43 +0000
Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021
Credit to Author: Tilly Travers| Date: Thu, 17 Mar 2022 09:13:50 +0000
A collection of Sophos threat research articles and security operations reports related to new or prevalent ransomware groups from 2018 to the present. The content will be updated as new research is published.