RDP – Page 17 – WindowsTechs.com

BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable

Posted on May 29, 2019 by Zeljka Zorz

Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable unauthenticated remote code execution flaw in Remote Desktop Services (RDP). The vulnera… Continue reading BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable→

Serious Security: Don’t let your SQL server attack you with ransomware

Posted on May 25, 2019 by Paul Ducklin

Tales from the honeypot: this time a MySQL-based attack. Old tricks still work, because we’re still making old mistakes – here’s what to do. Continue reading Serious Security: Don’t let your SQL server attack you with ransomware→

If you haven’t yet patched the BlueKeep RDP vulnerability, do so now

Posted on May 23, 2019 by Zeljka Zorz

There is still no public, working exploit code for CVE-2019-0708, a flaw that could allow an unauthenticated remote attacker to execute remote code on a vulnerable target running Remote Desktop Protocol (RDP). But, as many infosec experts have noted, w… Continue reading If you haven’t yet patched the BlueKeep RDP vulnerability, do so now→

UPDATE NOW! Critical, remote, ‘wormable’ Windows vulnerability

Posted on May 15, 2019 by Mark Stockley

Microsoft has fixed an RDP vulnerability that can be exploited remotely, without authentication and used to run arbitrary code. Continue reading UPDATE NOW! Critical, remote, ‘wormable’ Windows vulnerability→

Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities

Posted on May 15, 2019 by Zeljka Zorz

For May 2019 Patch Tuesday, Microsoft has released fixes for 79 vulnerabilities, 22 of which are deemed critical. Among the fixes is that for CVE-2019-0708, a “wormable” RDP flaw that is expected to be weaponised by attackers very soon. Abo… Continue reading Microsoft plugs wormable RDP flaw, new speculative execution side channel vulnerabilities→

Best practice RDP access on Windows

Posted on May 15, 2019 by Denis Murphy

Should vanilla RDP be enabled on Windows client? What is considered to be the best practice?

Default RDP to TLS 1.2
Remote Desktop Gateway (Requires Windows Server)
Tunnel RDP over SSH
Disable RDP don’t use it

Continue reading Best practice RDP access on Windows→

Is it possible for specific event logs to have been deleted?

Posted on April 25, 2019 by S.C.

I’m analyzing several hacked machines on our network. On the original hacked machine, I’ve found event logs indicating a series of successful RDP connections to other machines, but when I go to those machines and check the RD… Continue reading Is it possible for specific event logs to have been deleted?→

Steps to Harden Ancient Gaming Server

Posted on April 10, 2019 by JaReg

I am somewhat administering an old Windows Server 2008 server that is used to host a older Video Game.

It’s in such a state that it has tons of custom code on it that run the server and hasn’t really been maintained.

We rec… Continue reading Steps to Harden Ancient Gaming Server→

Finding the reason behind an RDP Certificate Change (man in the middle attack?)

Posted on March 31, 2019 by Lonnie Best

I’ve installed some new networking equipment: firewall, switches, vlans, etc. I won’t mention the brand name here, because I don’t want to cause them harm by my suspicions.

Right after doing this, I was able to RDP to a serv… Continue reading Finding the reason behind an RDP Certificate Change (man in the middle attack?)→

Windows Remote Desktop access modes and security/functionality? [on hold]

Posted on February 23, 2019 by Hilo21

What are the security implications of running a Windows RDS farm vs. just using RDP for remote administration?

Continue reading Windows Remote Desktop access modes and security/functionality? [on hold]→