but reversing these fixes is absolutely underway. Whether or not someone builds a worm with it, attackers will be using this for years. Don’t get complacent just because nobody wormed BlueKeep - these are worse. Patch, enable NLA or firewall but please, do it ASAP.
-
-
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
guess where a lot of malicious RDP traffic comes from?https://twitter.com/JayTHL/status/1163488611930660869 …
-
Yup I see the same via
@GreyNoiseIO data too it’s definitely one of the challenges of running a huge cloud. People abuse Azure free trials all the time, we have a reporting API at http://cert.microsoft.com but it’s a non-trivial problem. - Još 8 drugih odgovora
Novi razgovor -
-
-
Wait. People have RDP directly exposed to the internet? Are you serious?
-
RDP is literally a *remote* desktop protocol. It's designed to be exposed
- Još 1 odgovor
Novi razgovor -
-
-
What about RDP on other operating systems? It’s rarer but it means RDP != 100% Windows.
-
FreeRDP and other ?
- Još 4 druga odgovora
Novi razgovor -
-
-
Powershell to check and enable NLA in MS script center if people don't want to write it. Total cake. 500 hosts in about two hours. Far better than two months of cleanup.
Novi razgovor -
-
-
*sigh* I really do want to throw up an RDP honeypot just to mess with folks, but I just don’t have the time.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.