RDP Archives - Securezoo

FBI: Cuba ransomware compromised 49 critical infrastructure entities

Cybersecurity Attacks, Malware / Frank Crast / December 4, 2021 / CobaltStrike, Cuba, Cyberattack, FBI, PowerSHell, PsExec, Ransomware, RDP

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert for ransomware attacks that have compromised 49 entities in five critical infrastructure sectors, such as financial, government, healthcare, manufacturing, and information technology.

FBI: Cuba ransomware compromised 49 critical infrastructure entities Read More »

Sarwent malware has new command functions, targets RDP

Malware / Frank Crast / May 27, 2020 / BlueKeep, RDP, Sarwent

Security researchers have discovered a new version of Sarwent malware that has new command functionality, such as executing PowerShell commands and preference for using RDP.

Sarwent malware has new command functions, targets RDP Read More »

Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / January 15, 2020 / .NET, ASP.NET, CryptoAPI, Internet Explorer, Microsoft, OneDrive, RDP

Microsoft issued the January 2020 Security Updates that include 49 unique vulnerability fixes, 8 of those rated critical and 29 rated important. One of the patches addresses a CryptoAPI Spoofing vulnerability CVE-2020-0601. DHS CISA also issued an emergency directive with recommendations to patch this Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client.

Microsoft January 2020 Security Updates (includes fix for Windows CryptoAPI vulnerability) Read More »

GoldBrute botnet targets 1.5M exposed RDP servers

Configuration Management, Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / Frank Crast / June 7, 2019 / BlueKeep, Brute Force, CVE-2019-0708, GoldBrute, malware, Morphus Labs, RDP

A new botnet dubbed “GoldBrute” targets 1.5 million publicly exposed RDP servers on the internet via brute force attack.

GoldBrute botnet targets 1.5M exposed RDP servers Read More »

BlueKeep scanning activity picks up

Vulnerabilities & Exploits / Frank Crast / May 27, 2019 / BlueKeep, CVE-2019-0708, RDP, Windows

Security experts have been warning about bad actors soon developing exploits for a BlueKeep vulnerability that was patched by Microsoft earlier this month. Exploits in the wild are likely closer than ever after one security company spotted a huge uptick in scanning for BlueKeep over the weekend.

BlueKeep scanning activity picks up Read More »

SamSam ransomware threat

Cybersecurity Attacks, Malware / Frank Crast / December 4, 2018 / DHS, FBI, Ransomware, RDP, SamSam, Vulnerabilities, Windows

The Department of Homeland Security and the Federal Bureau of Investigation issued a security alert warning bad actors are using SamSam ransomware to target industries across the United States and worldwide.

SamSam ransomware threat Read More »

Microsoft fixes CredSSP vulnerability

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / March 23, 2018 / CredSSP, Microsoft, RDP, Vulnerabilities

Microsoft issued new security guidance on the Credential Security Support Provider protocol (CredSSP) vulnerability (CVE-2018-0886) that could allow remote code execution. As part of the updates, Microsoft plans to soon prevent un-patched RDP clients (that uses CredSSP) from authenticating to Windows.

Microsoft fixes CredSSP vulnerability Read More »