Russian spies use remote desktop protocol files in unusual mass phishing drive Microsoft says a mass phishing campaign by Russia's foreign intelligence services (SVR) is now in its second week, and the spies are using a novel info-gathering technique. First spotted on October 22, Microsoft said in a report published Tuesday that the spearphishing attempts are "ongoing" and targeting governments, NGOs, …
That was just one of my countermeasures. Universities exist in a state of constant war between the academics and the IT departments, which we academics always win because (a) we're smarter than they are because (b) the university doesn't pay support staff well enough to get the smart ones.
Would be interested to know how to control the sessions settings of the RDP client. All the settings I've looked at so far have been to restrict access to servers under my control, not access to 3rd party servers.
The only thing I can think of would be to deny users access to mstsc.exe for members of an AD group.
User Configuration\Administrative Templates\System
"dont run specified Windows applications" = enabled
and add: mstsc.exe
But that wouldn't stop them running a web based client etc. Port blocking can be trivial to work around if you change the server from 3389 to 443 for example.
Well, dunno if “they” did, but some Shit Head did.
It was a ransomware attack, evidently, which is interesting because it implies that the library had some stockpile of useful information (beyond the books themselves). The S.H. Gang may have been after passwords, or who knows. The library says they never got it.
What peeves me is they interrupted access to the shared “N.Y. Times” pass, which affects my ability to participate in the Wordle!
There Are Real World Consequences !!1!1 gosh dang it!
(Oh well I think I preferred the sudoku puzzles anyway, which are unrestricted.)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
