9 matches found
Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks
APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and sophisticated anonymization techniques to target high-profile sectors...
A week in security (April 10 - 16)
Last week on Malwarebytes Labs: How the cops buy a "God view" of your location data, with Bennett Cyphers: Lock and Code S04E09 Apple releases emergency updates for two known-to-be-exploited vulnerabilities Don't plug your phone into a free charging station, warns FBI KFC, Pizza Hut owner employe...
Port scan attacks: Protecting your business from RDP attacks and Mirai botnets
Compromised IP addresses and domains--otherwise legitimate sites that are exploited by hackers without the owner's knowledge--are frequently utilized to conduct port scanning attacks. Port scanning involves systematically scanning a computer network for open ports, which can then be exploited by...
A week in security (July 25 - July 31)
Last week on Malwarebytes Labs: Update Google Chrome now! New version includes 11 important security patches Lightning Framework, modular Linux malware Malware spent months hoovering up credit card details from 300 US restaurants Lock down your Neopets account: Data breach being investigated Demo...
A week in security (March 7 – March 13)
Last week on Malwarebytes Labs: The struggle to reduce bug-fixing time is real Update now! Mozilla patches two actively exploited vulnerabilities Google takes on Docs notification spammers When fake dating profiles try the military approach Azure AutoWarp brings automation headaches RagnarLocker...
PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs
This week, Rapid7 Managed Detection and Response’s MDR intrepid investigators identified an increase in RDP attacks targeting RDP servers without multi-factor authentication enabled. Given that a fair number of folks are still working remotely, it’s no wonder that attackers continue to seek out a...
Insecure RDP
There are active attack campaigns as of October 2020 targeting RDP servers without multi-factor authentication enabled. Recent assessments: zeroSteiner at October 09, 2020 6:36pm UTC reported: Over the past couple of years 2018-2020 attacks against RDP have become more and more common. Recent...
Millions of Brute-Force Attacks Hit Remote Desktop Accounts
A rash of brute-forcing attempts aimed at users of Microsoft’s proprietary Remote Desktop Protocol RDP has come to light, striking millions per week. The attacks are a likely offshoot of cybercriminals looking to take advantage of the unprecedented numbers of employees working from home amid the...
A week in security (October 1 – 7)
Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all. On Labs, we raised the question of whether it is a good idea to bring your own security or not,...