New in 2020.7: New RDP attack alerts & new notifications system

  • July 2, 2020
  • 2 min read
New in 2020.7 - New RDP attack alerts and new notifications system

Closing the entry door for RDP-based attacks (ransomware)

Remote Desktop Protocol (RDP) is currently, by a wide margin, the most common attack vector used by threat actors to gain access to Windows computers and install ransomware and other malware. 

RDP was designed to enable remote access for technicians to resolve software issues. However, if not properly secured through VPNs or other means, RDP functions as an open invitation to attackers – especially on business servers that are online 24/7.

Emsisoft protection software now monitors the status of the RDP service in real-time. If it detects multiple failed login attempts, it will trigger an alert on the Cloud Console for administrators. They can then decide whether to disable the RDP service on the affected device.

In addition, the single-device dashboard also shows the status of the RDP service on each device.

Note: The RDP feature works with Windows 10 and Windows Server 2012 and up.

New notifications sidebar

We’ve added a new notification feature to Emsisoft Cloud Console, which improves daily workflow and efficiency for security admins. It highlights all events that require an urgent response, such as newly found threats, partially disabled security components or missing software updates.

New fully customizable workspaces and devices lists

One of the features frequently requested by our customers was the ability to select custom columns with device properties on the Cloud Console workspace dashboard. You can now choose from more than 25 available metadata columns. This allows you to optimize your daily workflow without missing any important security-relevant information.

All 2020.7 improvements in a nutshell

Emsisoft Anti-Malware

MyEmsisoft/Cloud Console

How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great and well-protected day!

Emsi

Emsi

Emsisoft founder and managing director. In 1998 when I was 16, a so called 'friend' sent me a file via ICQ that unexpectedly opened my CD-ROM drive, which gave me a big scare. It marked the start of my journey to fight trojans and other malware. My story

What to read next

Reader Comments