THREATOPS
THREAT OPSThreat News › Nearly 2,000 Malicious IPs Probe Microsoft Remote Desktop After Single-Day Surge

Nearly 2,000 Malicious IPs Probe Microsoft Remote Desktop After Single-Day Surge

infogreynoise_blogPublished 2025-08-25

On August 21, GreyNoise observed a sharp surge in scanning against Microsoft Remote Desktop (RDP) services. The wave’s aim was clear: test for timing flaws that reveal valid usernames, laying the groundwork for credential-based intrusions.

Original source: https://www.greynoise.io/blog/surge-malicious-ips-probe-microsoft-remote-desktop