Get a Pentest and security assessment of your IT network.

News

Using Firepower to defend against encrypted RDP attacks like BlueKeep

Microsoft recently released fixes for a critical remote code execution vulnerability in Remote Desktop Protocol Services (RDP) A remote unauthenticated attacker can exploit CVE-2019-0708 by sending crafted data to this internal channel. The vulnerability caught the attention of researchers and the media due to the fact that it was “wormable,” meaning an attack exploiting this vulnerability could easily spread from one machine to another. The following is a guide to set up RDP decryption on Cisco Firepower. This guide specifically applies to Windows Server 2008 instances (newer versions of Windows Server are not vulnerable to BlueKeep)”]

Source: https://blog.talosintelligence.com/2019/05/firepower-encrypted-rdp-detection.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Take note, next week update Adobe Reader and Acrobat to fix critical flaws

News

Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks