Cymulate Discovers Hidden Malware Defense Evasion Technique Using Microsoft Terminal Services Client (MSTSC)
Potential malware for hackers to exploit enterprise networks via a security controls blind spot disclosed at a critical time when billions of employees are working from home
Cymulate, the only end-to-end SaaS-based Breach and Attack Simulation (BAS) platform, announced it has discovered a method for attackers to run malicious code via Microsoft's Remote Desktop Protocol (RDP) using a technique called DLL Side-Loading. The executed code would bypass security controls.
To run RDP, the MSTSC is used in Windows, allowing…