data theft

jake

Detecting RDP attacks with NetFlow and metadata

An ever-increasing attack vector in the healthcare industry is attacks against open or unsecured RDP connections, which allow a bad actor to gain a foothold in the network and use it to propagate malware or extort the client via ransomware. In this blog, you’ll find some simple-to-follow workflows that you can use to identify …


jake

Detecting IP spoofing with Plixer Scrutinizer and Endpoint Analytics

A common tactic for bad actors to get a foothold into the network is to leverage IP spoofing to either: Regardless of the intention, IP spoofing can be a hard problem to track down if you don’t have proper monitoring in place. Today I will go over how this tactic can easily be detected and …


Detecting Data Exfiltration with NetFlow and Packet Capture

When it comes to understanding data exfiltration, you need to be able to see the whole picture. But most of us have been viewing it from our old 20th-century monitors that just can’t do this. Well, it’s time for an upgrade. With today’s advancements in NetFlow and metadata exports from a variety of vendors, there …
