Show in Graph
Common Information
Type Value
Value 
Remote Desktop Protocol - T1021.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may use [Valid Accounts](https://attack.mitre.org/techniques/T1078) to log into a computer using the Remote Desktop Protocol (RDP). The adversary may then perform actions as the logged-on user. Remote desktop is a common feature in operating systems. It allows a user to log into an interactive session with a system desktop graphical user interface on a remote system. Microsoft refers to its implementation of the Remote Desktop Protocol (RDP) as Remote Desktop Services (RDS).(Citation: TechNet Remote Desktop Services) Adversaries may connect to a remote system over RDP/RDS to expand access if the service is enabled and allows access to accounts with known credentials. Adversaries will likely use Credential Access techniques to acquire credentials to use with RDP. Adversaries may also use RDP in conjunction with the [Accessibility Features](https://attack.mitre.org/techniques/T1546/008) or [Terminal Services DLL](https://attack.mitre.org/techniques/T1505/005) for Persistence.(Citation: Alperovitch Malware)
Details Published Attributes CTI Title
Details Website 2024-11-17 1 Inside a Fictitious Cyber Breach: Artemis’ IT Vulnerability Report
Details Website 2024-11-16 90 From Royal to BlackSuit: Understanding the Tactics and Impact of a Sophisticated Ransomware Strain | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-14 1 Darknet Marketplace Snapshot Series: MGM Grand Market 
Details Website 2024-11-13 0 Health, Human Services Announces Ransomware Attack Settlements | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-13 0 HHS Announces Additional Settlements Following Ransomware Attacks Including First Enforcement Under Risk Analysis Initiative | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Details Website 2024-11-13 2 The Role of Threat Intelligence in Preventing Ransomware
Details Website 2024-11-12 33 Peek into Monthly Vulnerabilities: October 2024
Details Website 2024-11-11 14 2024년 10월 APT 그룹 동향 보고서 - ASEC
Details Website 2024-11-11 15 APT Group Trends in October 2024 - ASEC
Details Website 2024-11-11 0 Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus
Details Website 2024-11-08 7 Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources
Details Website 2024-11-07 63 Weekly Intelligence Report - 08 Nov 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-07 0 Interlock Ransomware Targets US Healthcare, IT and Government Sectors
Details Website 2024-11-07 11 Analyzing Play and LockBit: The Top Ransomware Threats Facing Retailers
Details Website 2024-11-07 17 Unwrapping the emerging Interlock ransomware attack
Details Website 2024-11-07 17 Unwrapping the emerging Interlock ransomware attack
Details Website 2024-11-07 4 Essential Terms for Cybersecurity Conversations: Security and Key Tech Lingo A-Z
Details Website 2024-11-07 28 What is Ryuk Ransomware? The Complete Breakdown
Details Website 2024-11-07 4 PIONEER KITTEN: Targets & Methods [Adversary Profile]
Details Website 2024-11-07 28 Helldown Ransomware – A New Emerging Ransomware Threat
Details Website 2024-11-06 0 8 security tips for small businesses
Details Website 2024-11-05 0 Top Three Ways Organizations Were Unprepared for Cyberattacks in 2023
Details Website 2024-11-05 0 LockBit named nastiest malware of 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-11-04 3 THREAT ANALYSIS: PROMETEI BOTNET
Details Website 2024-11-04 57 Threat Intelligence Report October 29 - November 4 2024 | Red Piranha