Detecting Mimikatz with Busylight

In 2015 Raphael Mudge released an article [1] detailing that versions of mimikatz released after 8th of October, 2015 had a new module that used certain types of external USB devices to flash lights in different colours if mimikatz was executed. The technique presented in the article required certain kinds of busylights that …

Detecting and Protecting when Remote Desktop Protocol (RDP) is open to the Internet

Category: Detection/Reduction/Prevention. Overview: Remote Desktop Protocol (RDP) is how users of Microsoft Windows systems can get a remote desktop to manage one or more workstations and/or servers. With the increase of organizations opting for remote work, so too has RDP usage over the internet increased. However, RDP was not initially designed with the …