Microsoft's RDP Security Flaw: Old Passwords Never Die
Microsoft confirms it won't patch a critical Remote Desktop Protocol vulnerability that allows system access using revoked passwords. This intentional design choice affects all Windows versions since NT 4.0, leaving networks permanently exposed to potential backdoor access.
Russian APT29 Hackers Deploy Sophisticated RDP Attack Campaign Against Global Targets
Russian state-sponsored group APT29 launched a cyber espionage campaign using malicious RDP attacks against government agencies and researchers worldwide. The attackers leveraged legitimate red team tools and extensive infrastructure to stealthily compromise high-profile targets through spear-phishing and RDP manipulation.
D-Link Discontinues Support for VPN Routers with Critical Security Flaw
D-Link advises immediate retirement of multiple vulnerable VPN router models affected by an unfixable remote code execution flaw. The company confirms no security patches will be released for the discontinued devices, urging users to upgrade to newer supported models.
New Helldown Ransomware Campaign Exploits Critical Zyxel VPN Vulnerabilities
A sophisticated ransomware group called Helldown has compromised 31 organizations by exploiting Zyxel firewall vulnerabilities. The threat actors employ advanced tactics including undocumented exploits, aggressive data theft reaching 431GB, and both Windows and Linux variants targeting virtualized infrastructure.
New SafePay Ransomware Operation Emerges Using LockBit Builder to Target Organizations
A rising cybercrime group called SafePay has claimed 22 victims using LockBit-based ransomware and sophisticated attack methods. The operation, discovered by Huntress researchers, exploits RDP access and employs data theft tools while showing behavioral patterns similar to established ransomware groups.