Windows Remote Desktop Protocol: Remote to Rogue
Apr 14, 2025•34 min
Episode description
Host Luke McNamara is joined by GTIG Senior Security Researcher Rohit Nambiar to discuss Rohit's recent blog on some interesting usage of RDP by UNC5837. Rohit covers the discovery of the campaign, and the novel functionalities they were using to likely support cyber espionage goals. He delves into these findings and the usage of RemoteApps and victim file mapping via RDP, and closes with some of the mysteries that remain about this activity.
https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol
For the best experience, listen in Metacast app for iOS or Android
Open in Metacast