APT40
China-Backed Threat Group Rapidly Exploits New Flaws: Agencies
APT40, a threat group backed by China's government, quickly adapts POC exploits of popular software like Microsoft Exchange and Log4j to attack corporate and government networks in the U.S., Australia, and elsewhere, ...
Security Boulevard
Nations come together to condemn China: APT31 and APT40
Gary Warner | APT31, APT40, china, Hafnium, Kryptonite Panda, Leviathan, Ministry of State Security, MSS Hackers
On Monday (19JUL2021) President Biden announced that the US and its allies were joining together to condemn and expose that China was behind a set of unprecedented attacks exploiting vulnerabilities in Microsoft ...
Introducing RDP Inferences
Anthony Kasza | Alert AA21-131A, Announcements, APT39, APT40, Corelight Labs, Crowbar, DarkSide ransomware, Duo, Emotet, encrypted traffic, encrypted traffic collection, JA3, Matrix ransomware, network detection response, Network Security, network security monitoring, network traffic analysis, network visibility, Palo Alto Networks, RDP, RDPBCGR, Richard Bejtlich, rsa, RSAConference, Vern Paxson, Zeek, Zscaler
By Anthony Kasza, Technical Director, Corelight. Corelight recently released a new package, focused on RDP inferences, as part of our Encrypted Traffic Collection. This package runs on Corelight Sensors and provides network ...
Analyzing Encrypted RDP Connections
Anthony Kasza | APT39, APT40, Corelight Labs, encryption, Microsoft, MITRE ATT&CK, MS-RDPBCGR, MS-RDPEUDP, MS-RDPEUDP2, open source, powershell, RDP, SharpRDP, SSH, TCP, TLS, Windows, Zeek
By Anthony Kasza, Corelight Security Researcher. Microsoft’s Remote Desktop Protocol (RDP) is used to remotely administer systems within Windows environments. RDP is everywhere Windows is and is useful for conducting remote work ...
Cyber Security Roundup for February 2020
SecurityExpert | adobe, APT40, brexit, cisco, Coalfire, cyber security roundup, cybercrime, Cybersecurity, Intel, LOC, Memty, Microsoft, nsa, patching, Ransomware, Regenix, Ryuk, Sodinokibi, sonos, Travelex
A roundup of UK-focused cyber and information security news stories, blog posts, reports and threat intelligence from the previous calendar month, January 2020. After years of dither and delay the UK government ...