Trouble
Noob Whisperer
Looks like a brand new Worm called Morto is using RDP (Remote Desktop Protocol) and port 3389 (default listening port) as an attack vector to infect some machines and subsequently using some type of brute force password guessing mechanism to further compromise these computers.
A good reason why I often recommend changing the default listening port as well as using strong passwords and based on the information in the related article, that is a one two punch that will probably keep you safe or at least safer from this one.
It's unclear from the article as to exactly how many windows machines might actually be targeted since there is only a reference to a 2k3 r2 server (new install, fully patched) but I thought I would mention it here with a link to the article just to be on the safe side.
Regards
Randy
A good reason why I often recommend changing the default listening port as well as using strong passwords and based on the information in the related article, that is a one two punch that will probably keep you safe or at least safer from this one.
It's unclear from the article as to exactly how many windows machines might actually be targeted since there is only a reference to a 2k3 r2 server (new install, fully patched) but I thought I would mention it here with a link to the article just to be on the safe side.
Regards
Randy
