RDP – Page 4 – Computer Security Articles

Threat spotlight: Phobos ransomware lives up to its name

January 10, 2020 admin brute force, coveware, crysis, crysis ransomware, dharma, Dharma Ransomware, disorganised crime, mfa, Multi-Factor Authorization, Phobos, phobos nextgen, phobos notdharma, phobos ransomware, raas, ransomware, Ransomware as a Service, RDP, Remote Desktop Protocol, server message block, SMB, Sodinokibi, threat spotlight, virtual private networks, VPN

Credit to Author: Jovi Umawing| Date: Fri, 10 Jan 2020 18:04:44 +0000

Phobos, which many believe was named after the Greek god of fear, isn’t as widespread as it was before nor is it more novel than your average ransomware. Yet, it remains a threat to consumers and businesses alike. We dive into Phobos ransomware and show users how to face their fears and protect against it.

Categories:

Threat spotlight

Tags: brute force coveware crysis crysis ransomware dharma Dharma ransomware disorganised crime mfa Multi-Factor Authorization Phobos Phobos NextGen Phobos NotDharma Phobos ransomware raas ransomware Ransomware as a Service rdp remote desktop protocol Server Message Block SMB Sodinokibi virtual private networks vpn

Security Sophos

MyKings botnet spreads headaches, cryptominers, and Forshare malware

December 18, 2019 admin cryptominers, darkcloud, forshare, ipc, monero, ms-sql, mykings, MySQL, RDP, smominru, SophosLabs Uncut, SSH, telnet, wmi

Credit to Author: Gabor Szappanos| Date: Wed, 18 Dec 2019 14:16:38 +0000

All this trouble just for some Monero<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/Bs6eVtcm9SE” height=”1″ width=”1″ alt=””/>

MalwareBytes Security

Threat spotlight: The curious case of Ryuk ransomware

December 12, 2019 admin AES, average ransom amount, bitpaymer, BitPaymer ransomware, cryptotech, death note, emotet, far eastern international bank, feib, gabriela nicolao, gandcrab, Hermes, hermes 2.1, luciano martins, pseudo-ransomware, ransom.ryuk, RDP, Remote Desktop Protocol, RSA, russian threat actors, ryuk, Ryuk Ransomware, shinigami’s revenge: the long tail of the ryuk ransomware, threat spotlight, tribune publishing, trickbot, wake-on-lan, wizard spider, wol

Credit to Author: Jovi Umawing| Date: Thu, 12 Dec 2019 22:33:53 +0000

From comic book death god to ransomware baddie, Ryuk ransomware remains a mainstay when organizations find themselves in a crippling malware pinch. We look at Ryuk’s origins, attack methods, and how to protect against this ever-present threat.

Categories:

Threat spotlight

Tags: AES average ransom amount BitPaymer BitPaymer ransomware CryptoTech Death Note emotet Far Eastern International Bank FEIB Gabriela Nicolao gandcrab Hermes Hermes 2.1 Luciano Martins pseudo-ransomware Ransom.Ryuk rdp remote desktop protocol RSA Russian threat actors ryuk Ryuk ransomware Shinigami’s revenge: the long tail of the Ryuk ransomware tribune publishing trickbot Wake-on-LAN Wizard Spider WoL

Security Sophos

How the most damaging ransomware evades IT security

November 14, 2019 admin brute force, cryptoworm, EternalBlue, Privilege Escalation, raas, ransomware, RDP, SMB, SophosLabs Uncut

Credit to Author: Mark Loman| Date: Thu, 14 Nov 2019 13:50:28 +0000

This article is a condensed version of our report How Ransomware Behaves: What defenders should know about the top families<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-0DnxPzSZek” height=”1″ width=”1″ alt=””/>

Security Sophos

SophosLabs surveys the threat landscape for 2020 trends

November 5, 2019 admin 2020, Android malware, automated active attacks, Cloud Security, living-off-the-land, ransomware, RDP, report, sophos threat report, SophosLabs Uncut, threat

Credit to Author: Andrew Brandt| Date: Tue, 05 Nov 2019 13:50:31 +0000

SophosLabs this morning published its annual assessment on the state of internet and information security, and our outlook on what security threats are likely to affect the world in the coming year: the SophosLabs 2020 Threat Report, available for download now. This year, our report broadens the scope of our analysis to cover topics beyond […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/tFcwsfiM20g” height=”1″ width=”1″ alt=””/>

Security Sophos

August, 2019 Patch Tuesday Targets Remote Desktop and Active Directory

August 30, 2019 admin ChakraCore, DHCP, Edge, Hyper-V, Internet Explorer, Patch Tuesday, RDP, SophosLabs Uncut, windows

Credit to Author: SophosLabs Offensive Security| Date: Fri, 30 Aug 2019 16:28:14 +0000

Among the 94 vulnerabilities fixed this month by Microsoft, 29 are rated as Critical. Most importantly, the Remote Desktop Protocol (RDP) and its associated service (RDS) collect a total of 6 CVEs, which seems to show a renewed interest in the RDP protocol by vulnerability researchers; two of those classified as wormable (CVE-2019-1181 and CVE-2019-1182) […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/1hDq4cmGQ80″ height=”1″ width=”1″ alt=””/>

MalwareBytes Security

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

May 23, 2019 admin cybercrime, exploit, Exploits, patching, RDP, Remote Desktop Protocol, Vulnerability, WannaCry, Windows 7, Windows 8, windows server 2003, windows server 2008, Windows XP, worm

Credit to Author: Malwarebytes Labs| Date: Wed, 15 May 2019 16:57:16 +0000

This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Categories:

Tags: exploit patching rdp remote desktop protocol vulnerability WannaCry windows 7 windows 8 windows server 2003 windows server 2008 windows xp worm

QuickHeal Security

CVE-2019-0708 – A Critical “Wormable” Remote Code Execution Vulnerability in Windows RDP

May 16, 2019 admin advisory, ransomware, RDP, Vulnerability, Windows update

Credit to Author: Sushmita Kalashikar| Date: Fri, 17 May 2019 06:06:20 +0000

This is an important security advisory related to a recently patched Critical remote code execution vulnerability in Microsoft Windows Remote Desktop Service (RDP). The vulnerability is identified as “CVE-2019-0708 – Remote Desktop Services Remote Code Execution Vulnerability”. MSRC blog mentions This vulnerability is pre-authentication and requires no user interaction. In other…