
Facepalm: An airport closed a major vulnerability after McAfee Advanced Threat Research notified it that hackers were selling credentials to its systems on the dark web. Airport officials confirmed the validity of the credentials after the notification and have since resolved the breach.

The airport (McAfee has withheld its name for obvious reasons) said the credentials were used to log in to its systems over Remote Desktop Protocol (RDP). With RDP, employees can access specific systems from outside the LAN.

The login information was offered in an RDP shop hosted on the dark web. According to McAfee, these shops are a common and growing problem that companies generally ignore. It points out that part of the problem is that companies are slow to adopt two-factor authentication, a measure that could prevent this type of breach.

The airport is not sure how the credentials got out, but McAfee analysts believe that a brute force technique was probably used to "guess" the login information. They say this is a very common method that hackers use to obtain this kind of data when they are just looking for a quick buck on the dark web. They will try brute force on hundreds or even thousands of systems, hoping to turn one up and then sell it for a profit. This particular set of credentials was offered for only $10. It is unknown how many people bought the information.

"Attackers simply scan the Internet for systems that accept RDP connections and launch a brute force attack with popular tools like Hydra, NLBrute or RDP Forcer to gain access."

McAfee adds that, in addition to the airport, access to other organizations' systems is being offered in the RDP shop, including government computers.

"We also came across several government systems [US and others] being sold worldwide," said the researchers. "[It also had] dozens of connections to healthcare facilities, from hospitals and nursing homes to medical device suppliers."

The lesson here is "Secure your RDP systems." This should be a no-brainer, but with even government systems compromised, many high-level IT staff need to step up their game.
