Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.

A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress Labs explains how one compromised login unraveled a suspected ...

Matt Dunn, associate managing director in Kroll’s Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness. Kroll’s Paul Drapeau, Jeff Macko and ...

Kaspersky Lab has added generic protection for an attack form they say is on the rise: brute force RDP attacks. RDP stands for Remote Desktop Protocol and is the protocol for Windows Remote Desktop ...

An Internet-wide scan carried out by security researchers from Rapid7 has discovered over 11 million devices with 3389/TCP ports left open online, of which over 4.1 million are specifically speaking ...

UPDATE (June 29th, 2020): My colleague Ondrej Kubovič has written an update on RDP attacks identified through ESET's telemetry through the past half-year, as well as providing additional guidance on ...

From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using ...

If the client computer keeps disconnecting when connected to a remote desktop PC, especially via the VPN, this post will help you resolve the issue. If your client ...

If you’ve read this far, I hope it’s clear by now that the easiest way to get your systems hacked using RDP is to pick crappy credentials. Unfortunately, far too many organizations that end up for ...