<ul><li>Adversaries exploit Remote Desktop Protocol (RDP) configuration files to gain remote access to Ukrainian public sector computers.</li><li>CERT-UA warns about an ongoing phishing email campaign targeting government agencies and defense sector organizations.</li><li>The attacks are linked to the UAC-0215 hacking group and may expand beyond Ukraine.</li><li>Mitigation measures include blocking .rdp files at the email gateway and configuring firewalls to limit RDP connections to internet resources.</li></ul>

“Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian Public Sector Computers

Discover more