Steve Elliott Presents at CRESTCon & IISP Congress 2015

19 Mar 2015

Following Steve Elliott's excellent blog released back in October 2014, he was selected to present at the CRESTCon & IISP Congress 2015 to discuss 'RDP Replay: The story behind the tool' on 18th March 2015.  If you managed to see the presentation and want to read the blog, click here.

For those that missed it, Steve's presentation explained the discovery of a mature APT (Advanced Persistent Threat); this led to the detection of other compromised computers in the enterprise, the discovery and processing of the C2 (Command and Control), through to eventual remediation. The presentation looked at RDP as a protocol, it's variants, how to process it, what was involved in dealing with the encryption, and what was in the encrypted data.  Steve also discussed some of the tools and techniques used by the threat actor, how they work, and the processing of their comms.

If you would like to discuss the tool in more detail please contact us and ask for one of our Response team.

CHECK IT Health Check Service
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider
ASSURE Cyber Supplier - CAA