- WHO WE ARE
- WHAT WE DO
- SERVICES
- PRODUCTS
- CASE STUDIES
- NEWS & RESOURCES
- White Papers
- Press Releases
- 55% of Companies were Victims of Phishing Attacks
- Data in Use
- FINRA Compliance Guide for Social Networks, Web 2.0 and Unified Communications
- Fashionable but vulnerable: mobile devices in the workplace
- IPv6 Ready!
- Independent Research Cites Network Box as a Strong Performer in its Emerging MSSP Q1 2013 Report
- Internet Accessible Maintenance Services and Microsoft RDP Vulnerability
- Kaspersky Changes Microsoft Office Documents Coverage
- Make a Serious Step towards Security
- Mysql Authentication Bypass Vulnerability
- Network Box Wins Capital Magazine Outstanding Enterprise 2012 Award
- Network Box announces attains first milestone in "IPv6 Ready"
- Network Box wins the 'Security Products and Solutions for Finance and Banking' category,
- Redscan are a Finalist in the Computing Security Awards for 2012
- Redscan's Quarterly Newsletter is Out
- Tackling Modern Malware
- Time to Unplug Java?
- Webroot Revolutionizes Endpoint Security with the Fastest, Lightest, Easiest-to-Manage Protection
- Webroot Secure Anywhere Leads the Pack
- Newsletters
- My IP Address
- CONTACT US
Quick Links:
Internet Accessible Maintenance Services and Microsoft RDP Vulnerability
Microsoft released their security bulletin MS12-020 which they label as Critical, and document two vulnerabilities in the RDP implementation in all modern version of Windows. One of these is a network level pre-authentication vulnerability and could be exploited to gain system level access to compromise a server. Microsoft's blog report on the vulnerability anticipates exploit within the next 30 days. The only mitigating factor is that RDP is disabled by default, and administrators will have had to explicitly enable it and make it accessible to the Internet. We recommend all customers and users of Microsoft products to be aware of and respond to this problem. Best practices would be to:
- To read the Microsoft bulletin and blog.
- Apply the Microsoft Patches immediately.
- Firewall and close down port tcp/3389 to the Internet.
- Use a VPN, or at least a defined small set of static source IPs, for remote access to your network resources.
BackgroundMicrosoft's RDP (Remote Desktop Protocol) allows administrators to remotely access their windows servers and desktops for maintenance and support purposes. It is incredibly convenient and opening it up for access from the Internet allows user anywhere to connect back to their office and data centre systems as if they were there.
Sunderland AFC
"It is like having a team of experts working for you, they know more about security than we ever could."
Graham Stenning, Systems Administrator, Sunderland AFC
55% of Companies were Victims of Phishing Attacks
10th Apr 13
Most organizations are experiencing the pain of rising web-borne attacks. Everything from phishing to malware uses vulnerabilities in web browsers to penetrate your defenses. Yet 44% of companies between 100 and 5,000 employees surveyed did not have web security installed. Even if a company does not want to improve productivity, at least they should be focusing on preventing malware from attacking their users.
View all comment and analysis articles
Receive more news from Redscan
Subscribe to RSS Feed