Hackers Target RDP Servers To Gain Initial Access To Corporate Networks

May 20, 2022

Researchers have noticed an increase in vulnerabilities used in infiltrating organizations. According to cybersecurity firm Group-IB, the threat actors target remote desktop (RDP) servers that are exposed on the web for initial access into a network.

Group-IB explained that in 2021, ransomware gangs began to focus on several vulnerabilities in public-facing applications, and quickly moved to add exploits for newly uncovered security issues.

Vulnerabilities commonly used by ransomware attackers include CVE-2021-20016 (SonicWall SMA100 SSL VPN), CVE-2021-26084 (Atlassian Confluence), CVE-2021-26855 (Microsoft Exchange), CVE-2021-27101 (Accellion FTA), CVE-2021-27102 (Accellion FTA), CVE-2021-27103 (Accellion FTA), and CVE-2021-27104 (Accellion FTA).

Others include CVE-2021-30116 (Kaseya VSA), CVE-2021-34473 (Microsoft Exchange), CVE-2021-34523 (Microsoft Exchange), CVE-2021-31207 (Microsoft Exchange), and CVE-2021-35211 (SolarWinds).

A joint report by Cyber Security Works, Securin, Cyware and Ivanti showed that the number of bugs related to ransomware attacks rose to 310 in the first quarter of 2022.

Group-IB cites the leaks of the threat actors and claims that ransomware gangs have released information from 3,500 victims, most of whom are based in the U.S. (1,655).

Ransomware gangs with the most aggressive operations in 2021 were LockBit (670) and Conti (640), while Pysa came third with data from 186 victims published on their leak sites.

The sources for this piece include an article in BleepingComputer.

Top Stories

Related Articles

June 26, 2026 Ford Motor Co. turned to veteran engineers to tackle persistent vehicle quality problems after finding that artificial more...

June 26, 2026 Meta's chief technology officer says employee morale has fallen to one of the lowest levels in the more...

June 26, 2026 Memory chip maker Micron says it has signed 16 long-term strategic customer agreements that include price floors more...

June 26, 2026 IBM says it has developed the world's first functional sub-1 nanometre computer chip, marking what the company more...

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn