Over 100k daily brute-force attacks on RDP in pandemic lockdown

Posted by & filed under Security News.

The number of daily brute-force attacks against Windows remote desktop service has almost doubled during the pandemic lockdown, telemetry data shows. With the increase of remote workers during the COVID-19 period, many users no longer relied on the infrastructure monitored by the company to access sensitive information on the network. Thousands of daily attacks Personal… Read more »

Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable

Posted by & filed under Security Alerts.

Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft’s Remote Desktop Protocol, Microsoft though  had patched the vulnerability (CVE-2019-0887) as part of its July 2019 Patch Tuesday update, it turns out researchers were able to bypass the patch just by replacing the… Read more »

Two Unpatched Critical RCE Flaws Disclosed in rConfig

Posted by & filed under Security Alerts.

If you’re using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you. A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow unauthenticated… Read more »

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Posted by & filed under Security Alerts.

Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining. In May this year, Microsoft released a patch for a highly-critical remote code execution flaw, dubbed BlueKeep, in its Windows… Read more »

Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions

Posted by & filed under Security Alerts.

A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP).  Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe Tammariello of Carnegie Mellon University Software Engineering Institute (SEI), the flaw exists when Microsoft Windows… Read more »