Automated attacks on Remote Desktop Protocol accounts are aimed at taking over corporate desktops and infiltrating networks. A rash of brute-forcing attempts aimed at users of Microsoft’s proprietary Remote Desktop Protocol (RDP) has come to light, striking millions per week. The attacks are a likely offshoot of cybercriminals looking to take advantage of the unprecedented numbers of employees working from home amid the COVID-19 pandemic, researchers noted. RDP is used to connect to an image of an employee’s desktop as though the person were at their desk. It’s often used by both telecommuters as well as by tech support personnel troubleshooting an issue. A successful attack would give cybercriminals remote access to the target computer with the same permissions and access to data and folders that a legitimate user would have.
Source: Threatpost