By Radiflow CTO, Yehonatan Kfir
Microsoft recently released a set of fixes for Remote Desktop Services (RDP) that include two critical Remote Code Execution (RCE) vulnerabilities that allow hackers spread malware to infect both your PC and others without your knowledge or interaction.
Microsoft also confirmed that the flaws CVE-2019-1181 and CVE-2019- 1182 are “wormable” similar to the BlueKeep remote desktop protocol vulnerability discovered in May which many worry could lead to another global cyberattack like 2017’s WannaCry ransomware outbreak.
Mitigation of those vulnerabilities requires patching Windows systems and using network devices for authenticating RDP sessions. Radiflow recommends that our clients enable the Authentication Proxy (APA) in Radiflow‘s Secure Remote Access gateway and to block RDP connections.
Clients should contact Radiflow to receive updates to iSID in order to detect those vulnerabilities and any malicious activity related to them.
[inject id=’code-47fd23f73a9caecab1e206306adae7f9′]
Harmonizing risk and consequence strategies across IT and OT environments for greater cyber resilience
Strengthening OT Resilience: Protecting Critical Systems in a Rapidly Evolving Threat Environment
Quarterly ICS Security Report 2024 Q3