These days, Windows Remote Desktop Protocol (RDP) servers are being exploited by DDoS-for-hire services to expand Distributed Denial of Service (DDoS) attacks. However, we all know that Microsoft is one of the latest major tech firms to check that all its resources are being ill-treated as part of a DDoS attack.
Cybersecurity researchers have recently reported that Windows Remote Desktop Protocol (RDP) servers are being misused to expand their attacks. According to the report, the Microsoft RDP service has a built-in Windows service that is specifically proceeding on TCP/3389 and UDP/3389.
All these services allow authenticated remote virtual desktop infrastructure (VDI) so that it can access Windows servers and workstations.
Security Impact
The security consequence of RDP reflection/amplification attacks is probably quite high for all those companies whose Windows RDP servers are damaged as reflectors/amplifiers.
Not only this, but it also includes partial or full obstruction of…