Exposed VNC instances threatens critical infrastructure as attacks spike

Published by
CSO

By Michael Hill New research from threat intelligence and cybersecurity company Cyble has identified a peak in attacks targeting virtual network computing (VNC) – a graphical desktop-sharing system that uses the Remote Frame Buffer (RFB) protocol to control another machine remotely – in critical infrastructure sectors. By analyzing the data from its Global Sensor Intelligence (CGSI), Cyble researchers noticed a spike in attacks on port 5900 (the default port for VNC) between July 9 and August 9, 2022. Most attacks originated from the Netherlands, Russia, and Ukraine, according to the firm, and…

Read More