An ever increasing attack vector in the healthcare industry are attacks against open or unsecured RDP connections that allow a bad actor to gain a foothold into the network and use this to propagate malware or export the client via ransomware. In this blog, you’ll find some simple-to-follow workflows that you can use to identify …
A common tactic for bad actors to get a foothold into the network is to leverage IP spoofing to either: Regardless of the intention, IP spoofing can be a hard problem to track down if you don’t have proper monitoring in place. Today I will go over how this tactic can easily be detected and …
Detecting IP spoofing with Plixer Scrutinizer and Endpoint Analytics Read More »
In a new series of blogs, we will go over some recent data breaches and how metadata analysis could have helped with the detection and mitigation of certain events.
Corporate data theft is nothing new. In fact, according to a study conducted by McAfee, “[a] majority of IT professionals have experienced at least one data breach during their careers—61% at their current company and 48% at a previous company.” This is an alarming reality, but it’s one that we can understand better to prevent future data breaches.
When it comes to understanding data exfiltration, you need to be able to see the whole picture. But most of us have been viewing it from our old 20th-century monitors that just can’t do this. Well, it’s time for an upgrade. With today’s advancements in NetFlow and metadata exports from a variety of vendors, there …
Detecting Data Exfiltration with NetFlow and Packet Capture Read More »