TFlower Ransomware infects users via exposed unpatched RDP services

Initial infection vector for this malware appears to be through exposed, unpatched Remote Desktop services, but can also include email

Read more

New Vulnerabilities In Microsoft Remote Desktop Services [DejaBlue] [CVE-2019-1181&1182]

Microsoft have just released a set of fixes for its Remote Desktop Services that include two critical Remote Code Execution

Read more

Researcher discloses BlueKeep Exploit

A security researcher under the Twitter handle @zerosum0x0 has recently disclosed his Remote Desktop Protocol (RDP) exploit for the BlueKeep vulnerability to

Read more

GoldBrute Botnet Brute Forcing RDP Servers

A posting to the InfoSec Handlers Diary has provided information on a botnet named GoldBrute. It is currently attempting to

Read more

Windows Remote Desktop Services RCE Vulnerability [CVE-2019-0708]

Microsoft has released updates to fix a critical remote code execution (RCE) vulnerability that affects Remote Desktop Services in some

Read more

rdesktop process_bitmap_updates() Function Heap-Based Buffer Overflow Remote Code Execution Vulnerability [CVE-2018-8795]

CVE Number – CVE-2018-8795. A vulnerability in the process_bitmap_updates() function of rdesktop could allow an unauthenticated, remote attacker to execute arbitrary code

Read more

rdesktop process_plane() Function Heap-Based Buffer Overflow Remote Code Execution Vulnerability [CVE-2018-8797]

CVE Number – CVE-2018-8797. A vulnerability in the process_plane() function of rdesktop could allow an unauthenticated, remote attacker to execute arbitrary code

Read more

Cmb RDP Ransomware

First observed in 2018, Cmb is a new variant of the Dharma ransomware family. As with most Dharma variants, Cmb is delivered

Read more