TIR-19-056-001 RDP MiTM

A Windows Remote Desktop Protocol (RDP) Man-in-The-Middle (MiTM) attack occurs when an attacker has positioned themselves to be on the same subnet as the victim; and proceeds intercepting/tampering with the victims RDP session traffic. Windows RDP servers offer some security mechanisms against MiTM attacks on clients, such as Enhanced TLS and Credential Security Support Provider (CredSSP) protocol, but adversaries can easily bypass these features.

TIR-19-056-001 RDP MiTM.pdf

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance