-
July Windows Server updates break Remote Desktop connections
Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway.
- July 26, 2024
- 01:22 PM
1
-
New RDStealer malware steals from drives shared over Remote Desktop
A cyberespionage and hacking campaign tracked as 'RedClouds' uses the custom 'RDStealer' malware to automatically steal data from drives shared through Remote Desktop connections.
- June 20, 2023
- 09:00 AM
0
-
Sponsored Content
Free shadow SaaS inventory + security insightsDiscover all SaaS accounts ever created by anyone in your org, in minutes, along with insights on security risks and spend. Save time, money and effort by curbing SaaS sprawl and automating tasks like offboarding and user access reviews. Free trial.
-
RDP honeypot targeted 3.5 million times in brute-force attacks
Remote desktop connections are so powerful a magnet for hackers that an exposed connection can average more than 37,000 times every day from various IP addresses.
- June 13, 2023
- 03:38 AM
- 2
-
Sponsored Content
Lessons Learned from the Windows Remote Desktop Honeypot Report
Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their Windows Remote Desktop honeypot system. Here is what they learned.
- January 25, 2023
- 10:06 AM
- 0
-
All Windows versions can now block admin brute-force attacks
Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting the built-in Administrator account via a group policy.
- October 11, 2022
- 05:18 PM
- 10
-
Windows 10 KB5017380 preview update released with new FIDO2 features
Microsoft has released the optional KB5017380 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 with new FIDO2 and Windows Hello features.
- September 20, 2022
- 05:50 PM
- 4
-
Automotive supplier breached by 3 ransomware gangs in 2 weeks
An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over a two-week span in May, two of the attacks happening within just two hours.
- August 10, 2022
- 05:07 PM
- 0
-
Windows 11 now blocks RDP brute-force attacks by default
Recent Windows 11 builds now come with the Account Lockout Policy policy enabled by default which will automatically lock user accounts (including Administrator accounts) after 10 failed sign-in attempts for 10 minutes.
- July 21, 2022
- 07:35 AM
- 2
-
June Windows preview updates fix VPN, RDP, RRAS, and Wi-Fi issues
The optional Windows update previews released by Microsoft this week come with more than the regular performance improvements and bug fixes.
- June 24, 2022
- 06:11 AM
- 0
-
Recent Windows Server updates break VPN, RDP, RRAS connections
This month's Windows Server updates are causing a wide range of issues for administrators, including VPN and RDP connectivity problems on servers with Routing and Remote Access Service (RRAS) enabled.
- June 20, 2022
- 02:20 PM
- 13
-
Emergency Windows Server update fixes Remote Desktop issues
Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues.
- January 04, 2022
- 06:51 PM
- 7
-
Fake Amnesty International Pegasus scanner used to infect Windows
Threat actors are trying to capitalize on the recent revelations on Pegasus spyware from Amnesty International to drop a less-known remote access tool called Sarwent.
- September 30, 2021
- 03:32 PM
- 0
-
Hackers scan for vulnerable devices minutes after bug disclosure
Every hour, a threat actor starts a new scan on the public web for vulnerable systems, moving at a quicker pace than global enterprises when trying to identify serious vulnerabilities on their networks.
- May 19, 2021
- 08:57 AM
- 0
-
Logins for 1.3 million Windows RDP servers collected from hacker market
The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials.
- April 21, 2021
- 11:15 AM
- 3
-
Windows Remote Desktop servers now used to amplify DDoS attacks
Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks.
- January 21, 2021
- 02:18 PM
- 0
-
U.K. warns of surge in ransomware threats against education sector
The U.K. National Cyber Security Centre (NCSC), has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks.
- September 18, 2020
- 12:03 AM
- 0
-
Iranian hackers attack exposed RDP servers to deploy Dharma ransomware
Low-skilled hackers likely from Iran have joined the ransomware business targeting companies in Russia, India, China, and Japan. They are going after easy hits, using publicly available tools in their activity.
- August 24, 2020
- 05:12 AM
- 1
-
eToro accounts peddled by the thousands on cybercrime forums
A threat actor is peddling 62,000 active eToro accounts on a known cybercrime forum. They are also likely collaborating with REvil ransomware on the corporate intrusion front.
- July 10, 2020
- 01:02 PM
- 0
-
Over 100k daily brute-force attacks on RDP in pandemic lockdown
The number of daily brute-force attacks against Windows remote desktop service has almost doubled during the pandemic lockdown, telemetry data shows.
- June 29, 2020
- 05:30 AM
- 0
-
RDP brute-force attacks are skyrocketing due to remote working
Internet-exposed and poorly configured RDP servers from all over the globe are the target of an increasing number of brute-forcing attacks that have started since the beginning of March.
- April 29, 2020
- 01:00 PM
- 0
