Russian spies using remote desktop protocol files to phish
Briefly

Microsoft's report reveals that a phishing campaign conducted by Russia's SVR targeting diverse sectors has utilized novel RDP configuration files, enabling significant information exposure.
The strategy employed by Midnight Blizzard marks a shift from their traditionally targeted approaches, now aiming at thousands across multiple organizations, escalating the threat landscape.
These newly utilized RDP config files by Midnight Blizzard could automate an RDP connection to their systems, potentially allowing for severe compromises of sensitive user data.
What differentiates this mass phishing approach is its design allowing access to logged-in users' devices, including their hard drives and printers, enhancing the threat's severity.
Read at Theregister
[
|
]