Cyber security news for all


    Pay Attention To Attacks That Use RDP Protocols

    The Remote Desktop Protocol (RDP) is a proprietary network protocol from Microsoft. RDP enables a person to control a computer’s resources and data over the Internet. This protocol enables complete control over the desktop of a remote machine by transmitting inputs such as mouse movements and keystrokes and by returning a graphical user interface.

    In order for a remote desktop connection to be established, the local and remote computers must authenticate themselves with a user name and password. Cyber actors can infiltrate the connection between the machines and inject malware or ransomware into the remote system. Attacks using the RDP protocol do not require user input, making intrusions difficult to detect.

    Deactivation Of RDP Access On Computers

    In a public warning: Remote administration tools, such as the RDP, have been on the upswing for 3 years, especially since RDP access data has been offered in the Darknet. Cyber criminals have developed methods to identify and use vulnerable RDP sessions over the Internet. This lets access to identities, steals credentials and removes other sensitive information. The Department of Homeland Security recommends companies and individuals to check what remote access their networks allow and what is possible with it. Then measures must be taken to reduce the likelihood of compromise. This also includes the deactivation of RDP access on computers if they are not required.

    RDP security

    Recommendations For Protection

    The use of RDP poses risks because it enables a system to be completely remote controlled. Therefore, RDP usage should be closely regulated, monitored and controlled. Experts recommend implementing the following best practices for protection against RDP-based attacks:

    Check your network for systems that use RDP for remote communication. Disable the service when you don’t need it or install available patches. Verify that all cloud-based instances of virtual machines with a public IP have no open RDP ports, unless there is a valid business reason.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox