Author Topic: Hackers Using RDP Are Increasingly Using Network Tunneling to Bypass Protections  (Read 1678 times)

0 Members and 1 Guest are viewing this topic.

Offline Antus67

  • Full Member
  • ***
  • Posts: 94
    • View Profile
By Ionut Arghire on January 25, 2019

Threat actors conducting Remote Desktop Protocol (RDP) attacks are increasingly using network tunneling and host-based port forwarding to bypass network protections, FireEye reports.

A Microsoft Windows component, RDP was designed to provide administrators, engineers and users with remote access to systems. However, threat actors have been using the technology for nefarious purposes, and the trend continues, especially since an RDP compromise is usually more difficult to detect than a backdoor.

“Threat actors continue to prefer RDP for the stability and functionality advantages over non-graphical backdoors, which can leave unwanted artifacts on a system. As a result, FireEye has observed threat actors using native Windows RDP utilities to connect laterally across systems in compromised environments,” the security firm notes.

Full Article Here: