dcsimg

RDP, the ransomware problem that won’t go away

The year 2020 will certainly be remembered as one of the most difficult and tragic years humankind has faced in modern times. The global pandemic changed the way we live and work in ways unimaginable, perhaps forever. It also altered the cybersecurity landscape dramatically. The FBI reported a 300 percent increase in cybercrime in the first quarter of that year, and the rate and cost of … [Read more...]

RDP abused for DDoS attacks

We have talked about RDP many times before. It has been a popular target for brute force attacks for a long time, but attackers have now found a new way to abuse it. Remote access has become more important during the pandemic, with as many people as possible try to work from home. Which makes it all the more important to configure RDP services in a secure way. Quick recap of RDP RDP is … [Read more...]

Cybercriminals want your cloud services accounts, CISA warns

On January 13 the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about several recent successful cyberattacks on various organizations’ cloud services. What methods did the attackers use? In the initial phase, the victims were targeted by phishing emails trying to capture the credentials of a cloud service account. Once the attackers had stolen a set of valid … [Read more...]

VideoBytes: Brute force attacks increase due to more open RDP ports

Hello Folks! In this Videobyte, we’re talking about why brute force attacks are increasing and why that is a problem for everyone. The number of RDP ports exposed to the Internet grew from about three million in January 2020 to over four and a half million in March.  The reason for this increase is likely the shift to working from home by many organizations during the … [Read more...]

Brute force attacks increase due to more open RDP ports

While leaving your back door open while you are working from home may be something you do without giving it a second thought, having unnecessary ports open on your computer is a security risk that is sometimes underestimated. That’s because an open port can be subject to brute force attacks. What are brute force attacks? A brute force attack is where an attacker tries every way he can … [Read more...]

A week in security (March 30 – April 5)

Last week on Malwarebytes Labs, we offered readers tips for safe online shopping now that cybercriminals are ramping up Internet-based attacks, showed the impact that GDPR has around the world, and helped users understand how social media platforms mine their personal data. We also hosted our bi-weekly podcast, Lock and Code, with guest Adam Kujawa, who discussed the state of data privacy … [Read more...]

Explained: the strengths and weaknesses of the Zero Trust model

In a US court of law, the accused are deemed to be innocent until proven guilty. In a Zero Trust security model, the opposite is true. Everything and everyone must be considered suspect—questioned, investigated, and cross-checked—until we can be absolutely sure it is safe to be allowed. Zero Trust is a concept created by John Kindervag in 2010 during his time as Vice President and Principal … [Read more...]

Threat spotlight: Phobos ransomware lives up to its name

Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive WannaCry outbreaks in 2017 to industry-focused attacks by Ryuk in 2019, ransomware’s got its hooks in global businesses and shows no signs of stopping. That includes a malware family known as Phobos ransomware, named after the Greek god of fear. Phobos is … [Read more...]

Threat spotlight: The curious case of Ryuk ransomware

Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now a name that appears in several rosters of the nastiest ransomware to ever grace the wild web. For an incredibly young strain—only 15 months old—Ryuk ransomware gaining such notoriety is quite a feat to achieve. Unless the threat actors behind its campaigns call it quits, too—Remember … [Read more...]

Microsoft pushes patch to prevent ‘WannaCry’ level vulnerability

This month marks the two-year anniversary since the infamous WannaCry attack. As an anniversary present to the world, Microsoft has pushed out patches to secure a newly-identified Remote Desktop Protocol (RDP) vulnerability found in certain Windows operating systems. The potential damage of the newly-discovered RDP vulnerability matches the same dangers we experienced with the WannaCry … [Read more...]