Jump to content
Sign in to follow this  
itman

Are You Still Not Convinced RDP Is A Major Vulnerability?

Recommended Posts

Posted (edited)

Kaspersky just released their 2018 Malware Incident Report today. Most notable is the following:

Quote

Adversary attack vectors

The remote management interface of the RDP service was used in the initial attack vector in one out of three incidents. In the majority of cases, an adversary successfully obtained a valid user’s credentials as a result of a brute-force attack on the RDP service. Such an attack usually lasted just a few hours because weak or dictionary passwords were used. In addition, in most cases the same credentials were used for authentication in different systems, so an attacker was able to reuse the usernames and passwords to access additional hosts.

In one third of attacks through remote management interfaces, the valid credentials were known to the intruder in advance (no brute-force attempts were detected). They were probably obtained using social engineering methods or were found on unsecured resources with public access (for example, if an employee used the same password to register on third party resources).

https://securelist.com/incident-response-analytics-report-2018/92732/

Also:

Quote

Yesterday McAfee Labs released a report on the cyber-threat landscape during the first quarter of 2019. Researchers recorded a worrying 118% growth in new ransomware samples, along with innovative changes in the codes and tactics used to execute it.

While spear-phishing remained popular, the ransomware currently going through a resurgence increasingly targets exposed remote access points like Remote Desktop Protocol (RDP).

RDP credentials can be cracked through a brute-force attack or bought in the cyber-criminal underground and then used to gain admin privileges, granting full rights to distribute and execute malware on corporate networks. 

https://www.infosecurity-magazine.com/news/the-great-big-ransomware-revival/

Edited by itman

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...