Tue, Mar 26 2019, 12:11 am

eScan intros TSPM technology to combat RDP cyber attacks

By Digital Edge Bureau, 05.10.2017, 23:10
 
Cyber_Security_1

eScan offers endpoint security solution carrying TSPM technology to fight against RDP attacks

With each passing day, the cyber attacks turn complex and enterprises find it challenging to combat against the assaults. Now, a slew of reports suggest that RDP (remote desktop protocol) servers come under ransomware attacks which can jeopardize the very operations of firms and organizations.
To facilitate centralized management of computers, organizations implement RDP and access these systems either through LAN or Internet. In order to protect RDP enabled systems from outsiders, VPN might be implemented but in majority of cases, administrators configure the firewall to open up RDP for the systems they would want to manage remotely. The pen-testing platforms such as Kali offer RDP Bruteforce and Exploit tools which are being specifically used for targeting systems with Internet facing RDP systems. Bruteforce attack would generate large numbers of Failed Login Notifications and are logged. Furthermore, the users are not even aware of the on-going Brute Force attack, since it is not imperative that the attack would take place when the user would be logged in and working on the system.
Now, eScan’s Terminal Services Protection Module (TSPM) not just detects these brute force attempts but also heuristically identifies suspicious IP Addresses  and blocks any access attempts from them and in order to safeguard the systems from future attacks, the IP addresses and Hosts from future attacks are banned from initiating any further connections to the system.
This has been known that attackers would try to uninstall security applications from compromised systems in order to cover up their tracks and stop the administrators from getting alerted about the breach.  eScan TSPM detects and stops these attempts too, moreover the administrators are also alerted about the preventive measures initiated by TSPM.
In the present landscape where attackers are trying to exploit every known weakness be it unpatched systems or inability of the users to maintain password hygiene, eScan’s TSPM would protect organizations from such attacks.

0 comments

Add your comment

Nickname:
E-mail:
Website:
Comment:


9 + = sixteen

Other articlesgo to homepage

Operation Sharpshooter targets critical infrastructure: McAfee

Operation Sharpshooter targets critical infrastructure: McAfee(0)

In a new development, McAfee Advanced Threat Research team and McAfee Labs Malware Operations Group have discovered a new global campaign targeting nuclear, defense, energy, and financial companies, based on McAfee Global Threat Intelligence. This campaign, Operation Sharpshooter, leverages an in-memory implant to download and retrieve a second-stage implant—which we call Rising Sun—for further exploitation.

Security-as-code would define SW development: Trend Micro

Security-as-code would define SW development: Trend Micro(0)

At the recently held CLOUDSEC India 2018, hosted by Trend Micro, it has been highlighted that security-as-code and security automation would define the future of cybersecurity. These two trends are in line with application development in the cloud computing era. By moving security into the early stages of the development lifecycle – or implementing DevSecOps,

Kaspersky Lab ties up with Huawei for securing cloud

Kaspersky Lab ties up with Huawei for securing cloud(0)

Russia’s Kaspersky Lab and China’s Huawei have agreed to work together in the field of cloud security at the recently held  HUAWEI CONNECT 2018 in Shanghai, China. The cooperation will seamlessly integrate Kaspersky Lab’s security solutions with Huawei’s cloud computing solution, delivering a more comprehensive approach to security and building a more secure ecosystem while

Quick Heal offers extra months validity during festivities

Quick Heal offers extra months validity during festivities(0)

Gingering up the cheer to the upcoming festive season, Quick Heal Technologies has announced the launch of the Quick Heal Total Security Festive Pack. The festive pack gives Quick Heal customers four extra months of validity at no additional cost if activated on festive days. The days during which the offer can be availed— on

Security analytics firm Skybox ties up with RAH Infotech

Security analytics firm Skybox ties up with RAH Infotech(0)

In a significant development, Skybox Security, world’s leading provider of security intelligence & analytics software, has struck a national distribution tie-up with Gurgaon-headquartered RAH Infotech, which has emerged as one of India’s fastest growing value added distributors (VADs) specializing in the fields of networking and security products. The formal distribution partnership has been solemnized between

read more
banner









Contacts and information

New Delhi (India)

Social networks

Most popular categories