RDP, RDWEB, Citrix Access to Multiple Educational Institutions for Sale
Published 24 May 2021
- CloudSEK discovered a post advertising RDP, RDWEB, Citrix access to multiple educational institutions
Share this Threat Intel:
CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post, on a cyber crime forum, advertising RDP, RDWEB, Citrix access to multiple educational institutions. CloudSEK Threat Intelligence Research team is in the process of validating the post.
Sources confirmed the names of affected organizations.
Name of Affected Companies
|Grand State Valley University||https://www.gvsu.edu/|
|Wyższa Szkoła Biznesu – National Louis University||https://www.wsb-nlu.edu.pl/|
|Washington University in St. Louis||https://wustl.edu/|
- Gaining RDP access can potentially provide the threat actor a foothold into the entire network.
- Initial compromise can lead to data exfiltration.
- Use of strong passwords.
- Limited admin access rights to users. Check user privileges.
- Admin and other sensitive login pages should not be publicly accessible.
- Keep your software updated.