08 Nov 2019

Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now

Research by Microsoft shows that the new campaign, in which attackers exploit RDP instances vulnerable to BlueKeep in order to install cryptojacking malware, is likely tied to a cryptojacking campaign observed in September of this year. BlueKeep is a critical remote code execution flaw affecting RDP services on

04 Nov 2019

The First BlueKeep Mass Hacking Is Finally Here—but Don’t Panic

Threat actors are actively exploiting the critical BlueKeep flaw that impacts Remote Desktop Protocol (RDP) implementations on unpatched older Windows operating systems. Microsoft and other companies have warned that the flaw, tracked as CVE-2019-0708, is very dangerous because it could be used by attackers to carry out a massive attack

23 Oct 2019

Outdated OSs Still Present in Many Industrial Organizations: Report

Systems running outdated Windows versions are present on 62% of industrial networks, although that number is 71% if Windows 7 is taken into account, a new report by CyberX shows. Microsoft will stop supporting Windows 7 in January of next year. Suspicious activity was detected on 22% of networks. Examples

09 Oct 2019

Microsoft Issues 9 Critical Security Patches

As part of this month’s Patch Tuesday bulletin, Microsoft has released fixes for 59 security flaws, including 9 critical vulnerabilities. So far the tech giant hasn’t found evidence that any of the patched issues are being exploited in the wild. However, Microsoft warns that one remote code execution (RCE) flaw

26 Sep 2019

Organizations Warned of Dual Threat Posed by RDP and Disruptive Ransomware

Two separate reports shed light on the rise of ransomware attacks targeting organizations via Remote Desktop Protocol (RDP) instances. A paper (PDF) by the Institute for Critical Infrastructure Technology (ICIT) states that RDP/ransomware campaigns are increasingly disrupting business operations and pose “an existential threat to critical infrastructure operators.” ICIT notes that

17 Sep 2019

Most Cyber Attacks Focus on Just Three TCP Ports

Almost two in three (65%) cyber campaigns targeting small to mid-sized businesses (SMBs) attack one of three popular TCP ports, namely port 22 (SSH, 35%), port 80 (HTTP, 15%) and port 443 (HTTPS, 15%), a new report by Alert Logic found. The fourth most targeted port is 3389, which is

07 Jun 2019

New GoldBrute Botnet is Trying to Hack 1.5 Million RDP Servers

A researcher with Morphus Labs has uncovered a botnet that is scanning the Internet for Windows machines that have a poorly secured Remote Desktop Protocol (RDP) connection enabled. The botnet, dubbed GoldBrute, tries to obtain access to vulnerable machines by launching brute-forcing and credential stuffing attacks. GoldBrute has already identified

28 May 2019

Siemens Medical Products Affected by Wormable Windows Flaw

A Siemens investigation found that the recently discovered critical Windows security flaw known as BlueKeep impacts various medical devices produced by Siemens Healthineers, a Siemens division. The vulnerability, tracked as CVE-2019-0708, impacts RDP implementations on Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 and other older Windows operating

06 Feb 2019

RDP Servers Can Hack Client Devices: Researchers

Check Point researchers have found a whopping 25 security flaws affecting popular remote desktop protocol (RDP) software, 16 of which were labeled as “major”. RDP makes it possible to remotely operate devices on a network. RDP accounts are increasingly popular targets for cybercriminals, as obtaining access to one can give
