HackDig : Dig high-quality web security articles for hacker

Reverse port forwarding SOCKS proxy via HTTP proxy (part 1)

In the context of a Red Team assessment, in this post I’ll look at some options for using SOCKS to gain external access to an internal network. I’ll cover the obvious methods and why I’m overlooking them, a crude method using standard tools (this post) and a more refined approach using modified tools (in part 2). I recently spent quite a lo
Publish At:2019-09-19 17:35 | Read:58 | Comments:0 | Tags:Blog RDP red team Windows

Rapid7 warns of Remote Desktop Protocol (RDP) exposure for millions of endpoints

According to new research conducted by experts at Rapid7, there are 4.1 million Windows endpoints exposed online via Remote Desktop Protocol (RDP). The researchers discovered that there are 11 million open 3389/TCP endpoints, and that 4.1 million of them are RDP. “We analyzed the responses, tallying any that appeared to be from RDP speaking endpoints
Publish At:2017-08-14 18:00 | Read:3187 | Comments:0 | Tags:Breaking News Hacking Reports Security EsteemAudit Intellige

NSA EsteemAudit exploit could trigger a new WannaCry-like attack

Security experts from enSilo firm released a free patch for Windows systems vulnerable to the NSA-linked ESTEEMAUDIT Exploit. The WannaCry emergency could not be ended because the NSA dump leaked by the Shadow Brokers team included many other dangerous exploits. Last month the Shadow Brokers group released another batch of data containing exploit codes stil
Publish At:2017-05-25 14:40 | Read:2553 | Comments:0 | Tags:Breaking News Hacking EnglishmanDentist EsteemAudit Explodin

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system. Interesti
Publish At:2017-04-24 17:40 | Read:4819 | Comments:0 | Tags:Blog Research Brazil Ransomware RDP TeamXRat Trojan

RDPPatcher, the Attack that Sells Access to your Computer at a Low Price

In recent months, there’s been a significant uptick in PandaLabs reports of malware that is installed using a Remote Desktop Protocol (RDP). Every day, we witness thousands of infection attempts using ransomware, hijacking systems for bitcoin mining, etc., which all have one thing in common: access via RDP after gaining entry with credentials obtained using
Publish At:2017-02-16 09:25 | Read:2612 | Comments:0 | Tags:PandaLabs Malware news rdp

Mirai Widens Distribution with New Trojan that Scans More Ports

Analysis by Julie Cabuhat Late last year, in several high-profile and potent DDoS attacks, Linux-targeting Mirai (identified by Trend Micro as ELF_MIRAI family) revealed just how broken the Internet of Things ecosystem is. The malware is now making headlines again, thanks to a new Windows Trojan that drastically increases its distribution capabilities. We pr
Publish At:2017-02-13 22:40 | Read:2943 | Comments:0 | Tags:Internet of Things Malware Mirai RDP Telnet

CRYSIS Ransomware is back and crooks are using RDP attacks once again

CRYSIS Ransomware attacks leveraging brute force via Remote Desktop Protocol (RDP) are still ongoing, mostly targeting US firms in healthcare. Do you remember the CRYSIS ransomware? It is a ransomware that appeared in the threat landscape last year, now researchers at Trend Micro discovered the CRYSIS ransomware is being distributed via Remote Desktop Pr
Publish At:2017-02-10 14:15 | Read:4118 | Comments:0 | Tags:Breaking News Cyber Crime Malware CrySis ransomware Cybercri

It Isn’t Ransomware, But It Will Take Over Your Server Anyway

In this week’s Tales From Ransomware, we take a look at a ransomware that isn’t really ransomware. Nor even malware. But it can hijack your server anyway. A few days ago we saw a typical Remote Desktop Protocol (RDP) attack, which led us to believe that it was a similar attack to the one we told you about a few months ago which cybercriminals are usin
Publish At:2017-01-20 12:10 | Read:2872 | Comments:0 | Tags:Pandalabs PandaLabs rdp tales from ransomware

Downgrading RDP connections and how to avoid it

This post describes how Remote Desktop Protocol (RDP) connections can be vulnerable to a downgrade attack if Terminal Servers are configured insecurely. We’re not aware of this issue being discussed before – googling only found pages about installing an earlier version of the RDP client, not about downgrading the protocol in the way described her
Publish At:2016-11-20 02:20 | Read:5868 | Comments:0 | Tags:Blog cryptography MiTM RDP redteam Windows

Vulnerability Management: Just Turn It Off! Part III

Our previous posts in the ‘Just Turn It Off!’ series (Part I and Part II) explained many commonly overlooked features that can unintentionally weaken your network’s security. We discussed the risks of an unsecured VNC, rlogin, HTTP TRACE and various other features that, fortunately, have a fairly simple fix. In our third and final post of thi
Publish At:2014-08-19 17:20 | Read:3843 | Comments:0 | Tags:Featured Articles Vulnerability Management RDP SBM share SNM

