Microsoft Threat Intelligence – has observed Russian threat actor Midnight Blizzard conducts large scale spear phishing campaign using RDP files

Microsoft Threat Intelligence – Invoke a RDP Client Infection the received emails contained a Remote Desktop Protocol (RDP) configuration file signed with a LetsEncrypt certificate. RDP configuration (.RDP) files summarize automatic settings and resource mappings that are established when a successful connection to an RDP server occurs these configurations extend features and resources of the local system to a remote server controlled by the actor

This entry was posted on Freitag, November 1st, 2024 at 17:37 and is filed under Administration, Security Solution. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.