Remote Desktop Protocol (RDP) are a fast-increasing attack vector to enterprise networks, due to the fact that corona made employees move their workstations from their offices to their home, which decreased the security normally implemented. Windows uses Remote Desktop Protocol (RPD) for remote connection to a server, as when employees …
How Syspeace Protects You From Ransomware Attacks Via RDP Read More…
Technology means endless opportunities, but also endless headaches. Scripting, machine learning, AIs and easier access to more advanced systems does not mean your every-day becomes easier – it also means that the every-day of the malicious hacker becomes easier. It is said that internet users have to keep track of …
Brute Force Attacks are on the rise – do I need a SIRP? Read More…
Syspeace’s way of detecting Windows logon failures is based on using the audit events produced by Windows. This is reliable and non-invasive, but in some cases, there are oddities. When a login succeeds or fails during Remote Desktop/Terminal Services authentication, the event is logged, but there is no reference to …
A comprehensive approach to detecting RDP login failures Read More…
Update to Syspeace 2.7.0! We highly recommend it. Why? It introduces improved support for detecting RDP login failures where the IP addresses are missing in the event log entries. For details, see the separate post A comprehensive approach to detecting RDP login failures. It includes a setting to mitigate repetitive …
