RDP is one of the most prominent entry points into networks. Ransomware actors have taken down many large networks after initially entering via RDP. Credentials for RDP access are often traded by “initial access brokers”.
This article has been indexed from SANS Internet Storm Center, InfoCON: green