Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations

Over the past year, Microsoft Threat Intelligence observed the proliferation of RedVDS, a virtual dedicated server VDS provider used by multiple financially motivated threat actors to commit business email compromise BEC, mass phishing, account takeover, and financial fraud. Microsoft’s...

EUVD-2019-9791

Malware in sbrugna...

EUVD-2019-9792

Malware in sbrugna...

EUVD-2023-40733

Malicious code in bioql PyPI...

CVE-2019-1108

An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'...

CVE-2024-38258 Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

...

PT-2023-2316 · Microsoft · Windows Rdp Client +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Protocol RDP Client affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing a remote attacker to gain unauthorized access to protected information. It enables attackers...

CVE-2021-41371

Windows Remote Desktop Protocol RDP Information Disclosure Vulnerability...

Information disclosure

Windows Remote Desktop Protocol RDP Information Disclosure Vulnerability...

Information disclosure

Windows Remote Desktop Protocol RDP Information Disclosure Vulnerability...

DonPAPI - Dumping DPAPI Credz Remotely

Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...

Phish-Proof Multi-Factor Authentication with Akamai MFA

Today, Akamai announced Akamai MFA, a phish-proof multi-factor authentication MFA service for the workforce that delivers all of the security benefits of FIDO2 with the frictionless end-user experience of a mobile push on a smartphone. Why has Akamai introduced this new service? When an employee...

Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks

Cybercriminals can exploit Microsoft Remote Desktop Protocol RDP as a powerful tool to amplify distributed denial-of-service DDoS attacks, new research has found. Attackers can abuse RDP to launch UDP reflection/amplification attacks with an amplification ratio of 85.9:1, principal engineer Rolan...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2019-1108 Exploitation CVE-2019-1108 Remote Desktop P...

Information disclosure

An information disclosure vulnerability exists when the Windows Remote Desktop Protocol RDP fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'...

Remote Desktop Protocol Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Remote Desktop Protocol RDP fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an...

Information disclosure

An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1225...

Information disclosure

An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Server Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1224...

CVE-2019-1224

The CVE-2019-1224 entry describes an information disclosure in the Windows RDP server where memory contents could be exposed to an attacker. The vulnerability requires remote authentication-free access: an attacker must connect to an affected system and run a specially crafted application to expl...

Remote Desktop Protocol Server Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to...