Microsoft Denies Reports of Exploits For Critical Windows RDP Hole

Microsoft said that it has not seen any evidence that hackers have figured out a way to take advantage of a critical vulnerability in the Windows Remote Desktop Protocol (RDP) that the company disclosed and patched on Tuesday. The statement comes in the wake of unconfirmed reports of working exploits for the RDP hole circulating online on Thursday. 

Android Malware Stealing Online Banking Credentials

Malware that targets Android phones has been on a steady rise for the last couple of years, and much of it has come in the form of compromised apps or outright malicious apps disguised as games or utilities. But now researchers have come across a new Android threat that is designed specifically to steal users’ online banking credentials and create persistent, silent access to the compromised handset.

As a follow-up to its usual Patch Tuesday release this week, officials at Microsoft are warning users that an exploit against the recently disclosed Remote Desktop Protocol (RDP) vulnerability for Windows is likely to come in the next 30 days.According to a supplementary entry on its Security Research & Defense blog, Microsoft claims the “attractiveness” of the RDP vulnerability may make it especially appealing to hackers.

A new Ubuntu Linux distribution is being marketed as “Anonymous-OS” and comes pre-loaded with tools for hacking and protecting anonymity online. However, it is unclear whether the new operating system was created by the anarchic hacking group, or even has its endorsement.

Those multi-gesture passcode locks on Android phones that give users (and their spouses) fits apparently present quite a challenge for the FBI as well. Frustrated by a swipe passcode on the seized phone of an alleged gang leader, FBI officials have requested a search warrant that would force Google to “provide law enforcement with any and all means of gaining access, including login and password information, password reset, and/or manufacturer default code (“PUK”), in order to obtain the complete contents of the memory of cellular telephone”. 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.