RDP

Securing Remote Services from Ransomware Attacks

Securing Remote Services from Ransomware Attacks

Written by: Vikram Navali, Senior Technical Product Manager – Threat actors often target remote services to gain unauthorized access to internal systems and launch ransomware attacks. Once inside the victim’s network, their goal is to exploit remote services, move laterally and gain access to remote systems primarily targeting Domain Controllers, file shares, and similarly high-value servers. According to the DFIR 2021 Year In Review report (dated March 7, 2022), 27% of lateral movement techniques resulted in interactive connections usage such as AnyDesk, RDP, VNC, etc.

RDP imagery

Using Deception to Counter RDP Attacks

Written by: Mike Parkin, Product Marketing Engineer – A recent blog post by Ionut Arghire over at SecurityWeek highlighted both Remote Desktop Protocol (RDP) attacks, and attackers using obfuscation and encryption techniques to mask communication while they’re leveraging RDP. It’s an interesting read and it goes into some depth on the specific tools and techniques involved.

Scroll to Top