RDP – Page 3 – WindowsTechs.com

How much does access to corporate infrastructure cost?

Posted on June 15, 2022 by Sergey Shcherbel, Yuliya Novikova

What cybercriminals charge for the data of large companies on the dark web – a review of underground forum offers by category. Continue reading How much does access to corporate infrastructure cost?→

Intruder dwell time jumps 36%

Posted on June 8, 2022 by Help Net Security

Sophos released the Active Adversary Playbook 2022, detailing attacker behaviors that Sophos’ Rapid Response team saw in the wild in 2021. The findings show a 36% increase in dwell time, with a median intruder dwell time of 15 days in 2021 versus 11 da… Continue reading Intruder dwell time jumps 36%→

How to get the list of computers a user can RDP into using BloodHound?

Posted on June 1, 2022 by John

Using bloodhound I would like to find the list of all computers a user I.e "domain\ajohn" can RDP into.
I looked at:
match p=(g:Group)-[:CanRDP]->(c:Computer) where g.objectid ENDS WITH ‘-513’ AND NOT c.operatingsystem CONTAI… Continue reading How to get the list of computers a user can RDP into using BloodHound?→

Verizon 2022 DBIR: External attacks and ransomware reign

Posted on May 25, 2022 by Zeljka Zorz

There has been an alarming rise (13%) in ransomware breaches – a jump greater than the past 5 years combined, Verizon Business has revealed in its 2022 Data Breach Investigations Report (2022 DBIR). Verizon Business 2022 DBIR: Key findings Verizo… Continue reading Verizon 2022 DBIR: External attacks and ransomware reign→

Bruteforce on RDP [duplicate]

Posted on March 29, 2022 by Shofi

I have an internet-facing RDP server and getting constant brute force attacks trying random usernames and passwords. It’s Windows 2016 with remote desktop services enabled. What can I do to stop this attack and secure it properly?
Edit: I … Continue reading Bruteforce on RDP [duplicate]→

Okta names contractor involved in Lapsus$ gang’s attack

Posted on March 24, 2022 by Zeljka Zorz

Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. What happened? “Like many SaaS providers, Okta uses several companies (‘sub-processors’) to exp… Continue reading Okta names contractor involved in Lapsus$ gang’s attack→

How to protect Windows Remote Desktop Client from untrusted server

Posted on March 18, 2022 by Tilman Schmidt

We have blocked all direct connections from client computers to the Internet in our firewalls and only allow Internet access via http and https through a Squid proxy.
Now one of my users requests permission to use accounting software provi… Continue reading How to protect Windows Remote Desktop Client from untrusted server→

Top threats for the financial sector

Posted on March 15, 2022 by Help Net Security

The potential financial, operational, and reputational impact of ransomware makes it the top threat facing financial services organizations, according to a report from F-Secure. Phishing, exposed remote desktop protocol (RDP) ports, and the exploitatio… Continue reading Top threats for the financial sector→

March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server

Posted on March 8, 2022 by Zeljka Zorz

Microsoft marks March 2022 Patch Tuesday with patches for 71 CVE-numbered vulnerabilities, including three previously unknown “critical” ones and three “important” ones that were already public (but not actively exploited by att… Continue reading March 2022 Patch Tuesday: Microsoft fixes RCEs in RDP client, Exchange Server→

SDP solutions are true ZTNA solutions: They trust no one

Posted on March 2, 2022 by Helga Labus

In this interview with Help Net Security, Alissa Knight, cybersecurity influencer and partner at Knight Ink, explains why organizations should switch to SDP as opposed to VPN, and how this approach can help boost their cybersecurity posture. As the pan… Continue reading SDP solutions are true ZTNA solutions: They trust no one→