Ad End 1 February 2024
Ad Ends 13 January 2025
Ad End 26 February 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
What's new
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

Security Biz Launches RDP Breach Notification Site

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,544
Reaction score
916
Points
212
Awards
2
  • trusted user
  • Rich User
A threat prevention firm is claiming to have access to 1.3 million breached RDP servers and their credentials, which were put up for sale on a popular dark web site.

New York-headquartered Advanced Intelligence is offering a new free service enabling concerned organizations to check if their RDP servers were part of the trove.

Ultimate Anonymity Services (UAS) has been running for around five years on the dark web, specializing in providing access to RDP servers. It’s known to be one of the largest and most reliable such marketplace around.

The market for these offerings has exploded over the course of the pandemic, as remote workers use the Microsoft solution to access their corporate Windows desktop from home.

Attacks targeting RDP increased by 768% between Q1 and Q4 last year, according to ESET’s Q4 2020 Threat Report.

“The [UAS] marketplace is tied to a number of high-profile breaches and ransomware cases across the globe. A number of ransomware groups are known to purchase initial access on UAS,” explained Advanced Intelligence.

“This treasure trove of adversary-space data provides a lens into the cybercrime ecosystem, and confirms that low hanging fruit, such as poor passwords, and internet-exposed RDPs remain one of the leading causes of breaches.”

The threat prevention company’s new RDPwned site invites concerned organizations to submit a request via email, which will be manually verified by the team.

“We will be happy to search for you and your organization based on any reverse DNS, IP addresses, domains, or unique network attributes via the subsequent response email message to the provided contact email address,” it noted.

In the meantime, Advanced Intelligence recommended organizations to enable network-level authentication (NLA), and use two-factor authentication if possible, plus strong and complex passwords.

It also advised RDP-owners to ensure their environment is free from well-known administrative accounts with well-known passwords, and to ensure RDP servers only accept connections from trusted sources.

Organizations can also check Shadowserver’s free service to see if their RDP assets are exposed to the internet.
 
Ad End 1 February 2024
Top