Detects potential use of an SSH utility to establish RDP over a reverse SSH Tunnel. This can be used by attackers to enable routing of network packets that would otherwise not reach their intended destination.
Read MoreDetects a remote file copy attempt to a hidden network share. This may indicate lateral movement or data staging activity.
Read More