image credit: Arielinson / Wikimedia

Abusing Windows RDP servers to amplify DDoS attacks

Attackers are abusing Windows Remote Desktop Protocol (RDP) servers to amplify Distributed Denial of Service (DDoS) attacks.

The Microsoft Remote Desktop Protocol (RDP) is a built-in service in Microsoft Windows operating systems that provides authenticated remote virtual desktop infrastructure (VDI) access to Windows-based workstations and servers. The RDP service can be configured to run on TCP/3389 and/or UDP/3389.

Read More on Security Affairs