Category: Detection/Reduction/Prevention Overview Remote Desktop Protocol (RDP) is how users of Microsoft Windows systems can open a remote desktop session to manage one or more workstations and/or servers. With the increase of organizations opting for remote work, so too has RDP usage over the internet increased. However, RDP was not initially designed with the … Continue reading Detecting and Protecting when Remote Desktop Protocol (RDP) is open to the Internet
Tag: Detection and Threat Hunting
Detecting and Hunting for the Malicious NetFilter Driver
Category: Detection and Threat Hunting Overview During the week of June 21st, 2021, information security researchers from G Data discovered that a driver for Microsoft Windows named “netfilter.sys” had a backdoor added by a 3rd party that Microsoft then signed as a part of the Microsoft OEM program. The malicious file is installed on a … Continue reading Detecting and Hunting for the Malicious NetFilter Driver