The FBI’s Internet Crime Complaint Center (IC3) has released an alert on cyber threat actors maliciously using legitimate remote administration tools, such as Remote Desktop Protocol (RDP). RDP as an attack vector has been on the rise since mid-late 2016 with the rise of dark markets selling RDP Access. Malicious cyber actors have developed methods of identifying and exploiting vulnerable RDP sessions over the Internet to compromise identities, steal login credentials, and ransom other sensitive information. The FBI and the Department of Homeland Security recommend businesses and private citizens review and understand what remote accesses their networks allow and take steps to reduce the likelihood of compromise, which may include disabling RDP if it is not needed. DHS’s NCCIC encourages users and administrators to review its tips on Securing Network Infrastructure Devices and Choosing and Protecting Passwords. FBI IC3.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!