Bruteforce and external remote access drives a significant portion of incidents, ...

2025-04-02 15:07:31 UTC

Bruteforce and external remote access drives a significant portion of incidents, which also ties to compromised credentials (78% of cases is remote access with valid creds, infostealers go brrrr).

CitrixBleed was 5% of all security incidents - may explain why I made an MSPaint.exe logo for it

The long story short is you need really robust authentication - if you get it wrong, you are toast in 2025 - and really, really robust external services patching. Don't ever present RDP to the internet.

Author Public Key

npub1lcc6wn885u6k395x5j5tmdm94r6dh9zajxm8gyk82pv2s2j3el7sc6lcye

Show more details

Published at

2025-04-02 15:07:31 UTC

Kind type

1 Short Text Note

Event JSON

{ "id": "7a41be2c44240305ead8bc798911901c0ffacbcfc007c2f4c46ac4212ae4d218", "pubkey": "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd", "created_at": 1743606451, "kind": 1, "tags": [ [ "p", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "proxy", "https://cyberplace.social/@GossiTheDog/114268992400913322", "web" ], [ "imeta", "url https://cyberplace.social/system/media_attachments/files/114/268/985/251/405/106/original/b56a028a2912c150.png", "m image/png" ], [ "e", "9ffce573ff1aea06f430453acccff8764f755684a7020ad8e98dae8be0e82669", "", "reply", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "e", "05c361ad5eaf3ee8d559616edf9f4990caf1ee334ba47f99ea62a894c0fa95e5", "", "root", "fe31a74ce7a735689686a4a8bdb765a8f4db945d91b67412c75058a82a51cffd" ], [ "proxy", "https://cyberplace.social/users/GossiTheDog/statuses/114268992400913322", "activitypub" ], [ "L", "pink.momostr" ], [ "l", "pink.momostr.activitypub:https://cyberplace.social/users/GossiTheDog/statuses/114268992400913322", "pink.momostr" ], [ "-" ] ], "content": "Bruteforce and external remote access drives a significant portion of incidents, which also ties to compromised credentials (78% of cases is remote access with valid creds, infostealers go brrrr). \n\nCitrixBleed was 5% of all security incidents - may explain why I made an MSPaint.exe logo for it\n\nThe long story short is you need really robust authentication - if you get it wrong, you are toast in 2025 - and really, really robust external services patching. Don't ever present RDP to the internet.\nhttps://cyberplace.social/system/media_attachments/files/114/268/985/251/405/106/original/b56a028a2912c150.png\n", "sig": "85667fb7bc3e637e6a0b711a8523642d63917c2bf068c5b39f83d5bec2b9ef210fe54877a0803743e83b4835a4746ab64ee2b3627601db4aa88ec9e1a1f3c89f" }

Kevin Beaumont on Nostr: Bruteforce and external remote access drives a significant portion of incidents, ...