Threat Actors Target Exposed Remote Desktop Protocol To Deploy Ransomware
Threat actors were discovered targeting open Remote Desktop Protocol (RDP) ports with variants from a range of ransomware families including Redeemer, NYX, Vohu, Amelia, BlackHunt, and MedusaLocker.
Online scanners were used to discover devices while stolen credentials or vulnerabilities were used as the initial access vector.
In some instances, adversaries were discovered exploiting the Microsoft Windows RDP BlueKeep vulnerability (CVE-2019-0708) to gain entry.
Featured Resources
blog
10 Types of Network Attacks: Common Threats and How to Prevent Them
Network attacks have evolved far beyond simple brute-force intrusions or spam. Threat actors now employ complex, multi-vector tactics that can
Two Pager
Proactive, AI-Powered SIEM Rule Validation and Detection Engineering
Save time and resources by automating the most critical tasks in modern SecOps
blog
Top 10 Vulnerability Management Metrics for Effective Reporting
To stay ahead of attackers and demonstrate progress to stakeholders, organizations must measure how effectively they manage and reduce cyber