https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/22843#M1328 <P>UPDATE:&nbsp;</P><P>Traffic from Tor exit nodes is indicating that threat actors have started their Internet recon to discover and tabulate <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708" target="_blank" rel="noopener">CVE-2019-0708</A> (Bluekeep) vulnerable hosts (lots of scnning stats in this blog post <A href="https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html#.XO1EPIhKiUk" target="_blank" rel="noopener">here</A>). On the positive side, we are seeing lots IDS signature development (<A href="https://snort.org/advisories/talos-rules-2019-05-20" target="_blank" rel="noopener">SNORT</A>, <A href="https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt" target="_blank" rel="noopener">Suricata</A>) and a Bluescanner (<A href="https://github.com/zerosum0x0/CVE-2019-0708" target="_blank" rel="noopener">GitHub</A>) that can be used to assess exposure.</P> Tue, 28 May 2019 14:25:38 GMT AppDefects 2019-05-28T14:25:38Z https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/22724#M1322 <P>Here's the latest on the Microsoft RDP vulnerability (CVE-2019-0708). McAfee published a great technical analysis on the software defect in the protocol - complete with sequence diagrams!&nbsp;<A href="https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708/" target="_blank">https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708/</A></P> Mon, 09 Oct 2023 09:12:44 GMT https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/22724#M1322 AppDefects 2023-10-09T09:12:44Z https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/22843#M1328 <P>UPDATE:&nbsp;</P><P>Traffic from Tor exit nodes is indicating that threat actors have started their Internet recon to discover and tabulate <A href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708" target="_blank" rel="noopener">CVE-2019-0708</A> (Bluekeep) vulnerable hosts (lots of scnning stats in this blog post <A href="https://blog.erratasec.com/2019/05/almost-one-million-vulnerable-to.html#.XO1EPIhKiUk" target="_blank" rel="noopener">here</A>). On the positive side, we are seeing lots IDS signature development (<A href="https://snort.org/advisories/talos-rules-2019-05-20" target="_blank" rel="noopener">SNORT</A>, <A href="https://github.com/nccgroup/Cyber-Defence/blob/master/Signatures/suricata/2019_05_rdp_cve_2019_0708.txt" target="_blank" rel="noopener">Suricata</A>) and a Bluescanner (<A href="https://github.com/zerosum0x0/CVE-2019-0708" target="_blank" rel="noopener">GitHub</A>) that can be used to assess exposure.</P> Tue, 28 May 2019 14:25:38 GMT https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/22843#M1328 AppDefects 2019-05-28T14:25:38Z https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/23269#M1360 <P>I think that RDP also means Ransomware Download Program.</P><P>&nbsp;</P><P>Paul</P> Wed, 05 Jun 2019 18:38:58 GMT https://community.isc2.org/t5/Tech-Talk/RDP-Really-Do-Patch-Today/m-p/23269#M1360 Radioteacher 2019-06-05T18:38:58Z