A massive wave of scanning activity targeting Microsoft Remote Desktop (RDP) protocol, totaling more than 30,000 unique IP addresses, has been identified probing authentication portals in what looks like a coordinated campaign, according to GreyNoise.
Cybercriminals looking for exposed RDP services is nothing new. In fact, it’s a key attack vector used to gain access to networks, often serving as an entry point for ransomware, data theft, and espionage campaigns.
Security intelligence firm Gre
