Friday, January 15, 12:21
Home security "Network access" 7,000 organizations sold in hacking forums

"Network access" of 7,000 organizations is sold in hacking forums

Hackers have broken into 7.500 organizations and sold "network access" to many Russian hacking forums.

A CyberNews.com investigation reveals that the compromised networks are located in the USA, the Canada and Australia and include educational and recreational organizations.

Remote Desktop Protocol (RDP) access is sold through auction on hacking forums, with the initial bid for the entire package starting at 25 BTC (approximately $ 330.000) and the "Buy now" option being sold at a price of 75 BTC (approximately $ 1.000.000).

hacking forums

The access package would be a great purchase for a young and aspiring gang ransomware, as the attack on 7.500 organizations would help the team become famous in a short time.

RDP has a number of security holes, including of vulnerability BlueKeep (CVE-2019-0708), which make it extremely easy for exploiters to exploit. The IoT search engine Shodan.io reveals that there are millions of devices worldwide with open RDP ports.

As you can see above, millions Appliances are still open at public. This does not mean that all of these machines are necessarily vulnerable to cyber attacks: some may be false positives, while others may be patched or otherwise protected from common vulnerabilities related to RDP.

However, given how actively this attacker is being exploited by its criminals cyberspace in general and ransomware gangs in particular, one can safely assume that an insignificant percentage of open devices is vulnerable.

"Between the sharp rise in RDP attacks, the astonishing growth of the ransomware industry and the overall growth of crimes In recent years, organizations now have no excuse to endanger their networks due to ancient vulnerabilities, which are the direct result of non-compliance. information of their systems ", says Edvardas Mikalauskas of CyberNews.

Organizations need to repair the vulnerability and make sure they do not leave machines with RDP ports open where the vulnerability has not been fixed.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.

LIVE NEWS

iOS 14.4: Displays a notification for repairs with non-genuine cameras

Starting with the iPhone 11, Apple has added a notification to iOS that tells the user when the device has a ...

Facebook: Sues Chrome extensions developers for data theft

Facebook has filed a lawsuit against two Portuguese nationals for developing Chrome extensions that collected data from Facebook users.

Cisco does not fix 74 bugs in RV routers that have reached their EOL

Cisco said yesterday that it will not release firmware updates to fix 74 vulnerabilities that have been reported in ...

Hacker commits new crimes while waiting for his release!

A Kosovo hacker was pardoned after his conviction. The hacker provided personally identifiable information over 1.000 ...

Nintendo rules out Game & Watch video hacking

Two copyright claims against a YouTuber have been filed by Nintendo, for a video showing hacking of Super Mario ...

The number of reported CVEs increased by 6%!

According to a new analysis released on the level and volume of vulnerabilities in 2020, the total number of CVEs ...

Google: Removed 164 apps that featured out-of-context ads

Google removed 164 Android applications from the official Play Store, after security researchers discovered that the specific apps were bombarding them ...

Britain: Loss of 150.000 police records from a database

Some 150.000 police records have been deleted from its database as a result of a technical problem, according to the British government.

Hy-Vee: Data breach settlement proposed

The Iowa-based Hy-Vee grocery chain appears to be in the process of settling a data breach.