I Watched You Roll the Die - Unparalleled RDP Monitoring Reveal Attackers' Tradecraft

Dive into a 39-minute Black Hat conference talk exploring the Remote Desktop Protocol (RDP) as a critical attack vector. Learn about PyRDP, an open-source RDP interception tool with advanced capabilities for screen, keyboard, mouse, clipboard, and file collection. Discover insights from a three-year honeynet experiment involving RDP Windows servers exposed on the cloud, which accumulated over 150 million events, 100 hours of video footage, 570 files collected from threat actors, and more than 20,000 RDP captures. Gain valuable knowledge about attackers' tradecraft and techniques used in RDP-based attacks, including those employed in ransomware outbreaks.