IC3 Issues Alert on RDP Exploitation
In Summary : Original release date: September 28, 2018 The Internet Crime Complaint Center (IC3), in collaboration with DHS and the Federa...
https://updatesinfosec.blogspot.com/2018/10/ic3-issues-alert-on-rdp-exploitation_1.html
In Summary :
Original release date: September 28, 2018
The Internet Crime Complaint Center (IC3), in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). Threat actors identify and exploit vulnerable RDP sessions to facilitate credential theft and ransomware infection.NCCIC encourages users and administrators to review the IC3 Alert (https://www.ic3.gov/media/2018/180927.aspx) and the NCCIC Tips on Securing Network Infrastructure Devices (https://www.us-cert.gov/ncas/tips/ST18-001) and Choosing and Protecting Passwords (https://www.us-cert.gov/ncas/tips/ST04-002). If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov (https://www.ic3.gov/default.aspx).
This product is provided subject to this Notification (http://www.us-cert.gov/privacy/notification) and this Privacy & Use (http://www.us-cert.gov/privacy/) policy. [...]
kindly refer the following link as follow up :
https://www.us-cert.gov/ncas/current-activity/2018/09/28/IC3-Issues-Alert-RDP-Exploitation
Original release date: September 28, 2018
The Internet Crime Complaint Center (IC3), in collaboration with DHS and the Federal Bureau of Investigation, has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). Threat actors identify and exploit vulnerable RDP sessions to facilitate credential theft and ransomware infection.NCCIC encourages users and administrators to review the IC3 Alert (https://www.ic3.gov/media/2018/180927.aspx) and the NCCIC Tips on Securing Network Infrastructure Devices (https://www.us-cert.gov/ncas/tips/ST18-001) and Choosing and Protecting Passwords (https://www.us-cert.gov/ncas/tips/ST04-002). If you believe you are a victim of cybercrime, file a complaint with IC3 at www.ic3.gov (https://www.ic3.gov/default.aspx).
This product is provided subject to this Notification (http://www.us-cert.gov/privacy/notification) and this Privacy & Use (http://www.us-cert.gov/privacy/) policy. [...]
kindly refer the following link as follow up :
https://www.us-cert.gov/ncas/current-activity/2018/09/28/IC3-Issues-Alert-RDP-Exploitation
