Intense scanning activity detected for BlueKeep RDP flaw
Threat actors are actively scanning the web looking for Remote Desktop Protocol (RDP) services that are affected by the highly critical BlueKeep security flaw. The vulnerability, tracked as CVE-2019-0708, impacts RDP implementations on Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 and other older Windows operating systems.
While Microsoft patched the flaw earlier this month and urged companies to urgently install the security fix, many systems undoubtedly remain vulnerable to the flaw that could allow attackers to carry out a massive attack involving self-replicating malicious code. Various security firms have developed exploits for the flaw, but have refrained from publishing these for security reasons.
Even though no actually attacks have been detected yet, infosec pros worry that the recent scanning activity, which started on Saturday, could be the first stage in a campaign targeting BlueKeep.