all InfoSec news
Question about RDP - Yes 1149,21,22 But No 4624
Jan. 31, 2024, 3:10 p.m. | /u/DeadBirdRugby
Computer Forensics www.reddit.com
I was wondering if I could pick your brain on something:
I've got a case where there is suspected RDP access between two devices. On the triage image for the destination device we see EventID 1149 as well as Event ID 21 and 22, but no 4624. I was wondering if anyone had any insight as to why we might see Event IDs for the Network Connection (1149) as well as the Logon (21 and 22), …
access brain case community computerforensics device devices dfir event good image question rdp rdp access triage yes
More from www.reddit.com / Computer Forensics
Best training for mobile forensics and car forensics
1 day, 17 hours ago |
www.reddit.com
Doing a DFIR Job survey for 2024
2 days, 16 hours ago |
www.reddit.com
Replace our existing Forensics Software
4 days, 13 hours ago |
www.reddit.com
Certifications/Course
4 days, 22 hours ago |
www.reddit.com
From IcedID to Dagon Locker Ransomware in 29 Days
4 days, 23 hours ago |
www.reddit.com
Existing IT experience - how to move into Forensics?
1 week, 2 days ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Network Security Administrator
@ Peraton | United States
IT Security Engineer 2
@ Oracle | BENGALURU, KARNATAKA, India
Sr Cybersecurity Forensics Specialist
@ Health Care Service Corporation | Chicago (200 E. Randolph Street)
Security Engineer
@ Apple | Hyderabad, Telangana, India
Cyber GRC & Awareness Lead
@ Origin Energy | Adelaide, SA, AU, 5000
Senior Security Analyst
@ Prenuvo | Vancouver, British Columbia, Canada