Microsoft Has Already Patched a Vulnerability in Windows RDP Twice

This week, CyberArk researchers shared technical information about a named pipe RDP (Remote Desktop Protocol) vulnerability in Windows, for which Microsoft had to release two patches. The RCE vulnerability CVE-2022-21893 was fixed on January 2022 Patch Tuesday, but the attack vector was not fixed. In April 2022, Microsoft already fixed the new bug CVE-2022-24533. Let… Continue reading Microsoft Has Already Patched a Vulnerability in Windows RDP Twice

New Pay2Key ransomware encrypts corporate networks in just an hour

A number of companies and large corporations in Israel have been targeted by cyberattacks using a new ransomware called Pay2Key. The first attacks were recorded by specialists from Check Point at the end of October this year, and now their number has increased. According to experts, criminals usually carry out attacks after midnight, when companies… Continue reading New Pay2Key ransomware encrypts corporate networks in just an hour

Sarwent malware opens RDP ports on infected machines

SentinelOne experts noticed that the new version of the Sarwent malware opens the RDP ports on infected computers. Researchers believe that this is due to the fact that maware operators can sell access to infected hosts to other criminal groups. Sarwent is a not-so-famous backdoor trojan, active since 2018. Previous versions of malware had a… Continue reading Sarwent malware opens RDP ports on infected machines

Due to pandemic, RDP and VPN usage grew by 41% and 33%

Amid of the COVID-19 pandemic, the use of remote access technologies such as RDP and VPN has grown significantly, as many companies have transferred their employees to remote work, and this usually involves a remote connection to internal networks.   According to statistics from the Shodan search engine, by last Sunday, March 29, 2020, the… Continue reading Due to pandemic, RDP and VPN usage grew by 41% and 33%

Ransomware attacks most often occur at night and on weekends

According to a report published by the American company FireEye, 76% of all ransomware attacks in the corporate sector occur in the off-hours: 49% of them are recorded at night on weekdays, and another 27% at weekends. This data is based on dozens of ransomware incident investigations from 2017 to 2019. “In 76% of incidents… Continue reading Ransomware attacks most often occur at night and on weekends