Despite massive attacks on Citrix and Pulse Secure VPN to hack corporate networks in the first half of 2020, however, the RDP remote desktop Protocol remains the undiminished leader.

 

 

 

Attacks on the corporate sector – became statistically record high until August 2020.

 

The three most exploited attack areas in 2020:

 

– to compromised RDP endpoints;

– email phishing and

– use of corporate VPN devices.

Thus, attacks on RDP today are switched from access to home computers and systems to corporate, which is quite natural: having received compromised access points to home computers, with the accumulation of information-the number has grown in quality-to corporate (including by extracting information about corporate RDP access points from home computers that have the corresponding data).

Of course, no one canceled mass scanning of ports on the Internet for open RDP ports with the organization of brutforce on these open ports. With frankly weak credentials information about compromised points is immediately available for sale…

 

The second major step for 2019-2020 is to use a variety of serious vulnerabilities in VPN devices from leading modern companies, including Pulse Secure, Palo Alto Networks, Fortinet, Citrix, Secureworks, and F5 – and other similar network devices to penetrate corporate networks.

 

It was in 2020 that the unpleasant truth about penetration into corporate networks through hacked VPN devices and deployment of their systems for additional useful load for hackers – for mining, managing the botnet network and any other necessities of their work was revealed…

 

Cybersecurity experts constantly remind us about timely installation of updates and attention to emerging news about exploits, multi-level protection of information systems – companies that save on information security specialists no longer have any excuses for hacking and, moreover, compromising the data of customers – other companies and individuals.

In the case of deception of a company employee with a qualitatively disguised bait for phishing, this is still understandable, and it is quite another matter to deliberately ignore or postpone for an indefinite time the presence of vulnerabilities in the systems and equipment of the corporate IT sector.

Leave a Reply

Your email address will not be published. Required fields are marked *

GPD Host Contacts
GPD Host Social
Pay with Confidence

Copyright © 2015 - 2020 GPD Host All right reserved.