Qilin Ransomware Maps Networks via RDP Authentication History
Why it matters: Indian organizations must enhance RDP security, implement multi-factor authentication, and monitor for suspicious RDP activity to mitigate this advanced ransomware threat.
Qilin ransomware, a prominent cyber threat, has evolved its tactics since its 2022 emergence. The group now enumerates Remote Desktop Protocol (RDP) authentication history on compromised servers. This new technique allows Qilin to quickly and stealthily map target networks.
Source: Cybersecurity News