You will also be interested
[EN VIDÉO] Kézako: how is data encrypted on the Internet? Cryptography is the oldest form of encryption. There are traces of its use until 2,000 BC. This technique still used today, especially on the Web, reveals its mysteries on video thanks to the Kézako program from Unisciel and the University of Lille 1.
To inject ransomware remotely on a Windows PC, two main methods are used. The use ofidentifiers already compromised that are available on the vast data base in free access or paying on Internetor the so-called brute force attack which will generate Passwords until you find the right sesame. But, in practically all cases, the weak link which makes it possible to use one of these two methods on a remote computer, remains the RDP access protocol.
To block or rather mitigate the range of brute force attacks via RDP, Microsoft has just reacted and provides a security update for Windows 11. The idea is simply to completely lock user accounts for ten minutes in the event of repeated access via access to remote officethat is to say when the attackers use the famous RDP protocol.
@windowsinsider Win11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors. This technique is very commonly used in Human Operated Ransomware and other attacks – this control will make brute forcing much harder which is awesome! pic.twitter.com/ZluT1cQQh0
— David Weston (DWIZZZLE) (@dwizzzleMSFT) July 20, 2022
David Weston, vice president of security at Microsoft, announced the activation of the default lock function on his Twitter account. © Twitter
Increase attack time to discourage
The accounts affected by this automatic locking are not only the most sensitive, that is to say those of administrators, but also limited user accounts. After the ten minutes of blocking, if ten other attempts are made, the account is again locked for ten minutes. With this process, brute force attacks are targeted. These hindrances with the temporary blocking of accounts do not at all prevent an attack in Brute force, but it comes to limit them, because they require to persist much longer on an account. At this time, the update is available only to recipients of the Insider program. It should also be distributed for Windows 10. If this update adds this default lock, you should know that in reality it is already possible to activate the function via Windows 10 and 11 registry.
A desire to escape for the summer?
To celebrate the holidays as it should be, discover the Mag Futura at the preferential price of €15 instead of €19, i.e. a reduction of 20% !
On the program of this issue: a dive into the heart of 4 scientific themes that will mark 2022, from the Earth to the Moon:
- What mysteries does the Moon still hide from us?
- Will we soon be able to cure everything thanks to genes?
- How to feed the world without destroying it?
- Can artificial intelligence become truly intelligent?
What is Mag Futura?
- Our first paper journal of more than 200 pages to make science accessible to as many people as possible
- 4 major scientific questions for 2022, from the Earth to the Moon
- Home delivery*
*Delivery is made in France (excluding metropolitan France), Switzerland, Belgium.
Interested in what you just read?