Ransomware – TFlower infects unpatched RDP services
Uncategorized September 26th, 2019The Canadian Centre for Cyber Security (CCCS) & US-CERT have released an advisory on a new ransomware called TFlower & the need to be up-to-date on all Microsoft security patches
https://cyber.gc.ca/en/alerts/tflower-ransomware-campaign
The Canadian Centre for Cyber Security (CCCS) has released an advisory on a new ransomware campaign. The malware, named TFlower, may infect users via exposed, unpatched Remote Desktop Protocol (RDP) services. This advisory encourages administrators to review CCCS’s TFlower Ransomware Campaign Advisory for recommended mitigations and refer to CISA’s resource page on ransomware for more information on protecting against ransomware.