This is an exploit to gain access to a corporate network through an employee’s unmanaged personal computer via a Citrix XenDesktop VDI. Intro I’m frustrated by the sales pitch for XenDesktop and am concerned for those who have bought into the misleading claim that it is “safe from hackers and protecting the corporate network from […]
Blog
Traditional IOCs Suck
Traditional IOCs are lame. Don’t waste your time on traditional Indicators Of Compromise (IOCs) – IPs, domains, URLs, hashes, filenames, etc.. Seriously, buy a vendor product and/or feed that gives you this capability. The payback of traditional IOCs catching commodity malware is low. The payback when it comes to detecting advanced and/or targeted threats with traditional […]