Latest news with #RemoteDesktopProtocol
Yahoo
10-06-2025
- Business
- Yahoo
Shelves getting bare at Whole Foods? Distributor hit with cyberattack. What to know in Florida
If you're finding shelves a little bare at Whole Foods, there's a reason for that. A major food distributor that supplies items to Amazon-owned Whole Foods and other grocers was hit by a cyberattack. North American wholesale distributor United Natural Foods issued a statement June 9 saying unauthorized activity in its systems forced it to take some of them offline. Here's what you should know. North American wholesale distributor United Natural Foods said June 9 unauthorized activity in its systems forced it to take some of the systems offline. United Natural Foods is the largest health and specialty food distributor in the United States and Canada and the main supplier for high-end supermarket chain Whole Foods, according to The cyberattack was discovered on June 5. "The investigation to assess the impact and scope of the incident remains ongoing and is in its early stages," the company told the Securities and Exchange Commission. United Natural Foods said in a filing with the Securities and Exchange Commission the incident "has temporarily impacted the company's ability to fulfill and distribute customer orders." "As we work through this issue, our customers, suppliers, and associates are our highest priority. We are working closely with them to minimize disruption as much as possible," a statement said. United Natural Foods said it "has implemented workarounds for certain operations in order to continue servicing its customers where possible. The company is continuing to work to restore its systems to safely bring them back online." " 'Temporary disruptions' are expected at the more than 30,000 locations it serves in all 50 U.S. states and all 10 provinces of Canada." A Whole Foods spokesperson said the supermarket chain is working to restock its shelves as quickly as possible and said it apologies for any inconveniences to customers. Cyberattacks targeting the food and agriculture sector have surged over the past five years, with research showing a more than 600% spike in attacks in 2020 alone, according to The FBI published a warning to the private sector about cyberattacks, saying "the food and agriculture sector is among the critical infrastructure sectors increasingly targeted by cyberattacks. "Ransomware attacks targeting the food and agriculture sector disrupt operations, cause financial loss, and negatively impact the food supply chain. "Ransomware may impact businesses across the sector, from small farms to large producers, processors and manufacturers, and markets and restaurants," the FBI said. "Cyber criminal threat actors exploit network vulnerabilities to exfiltrate data and encrypt systems in a sector that isincreasingly reliant on smart technologies, industrial control systems, and internet-based automation systems. "The most common means of infection are email phishing campaigns, Remote Desktop Protocol (RDP) vulnerabilities, and software vulnerabilities," the FBI said. According to data company scrapehero, there are 525 Whole Foods stores in the U.S., with 35 in Florida. Top states with Whole Foods locations: California: 95 Florida: 35 Texas: 35 New York: 34 Massachusetts: 32 Florida-based grocery store chain Publix is the largest employee-owned company in the U.S. and dominates the Sunshine State in the number of locations. According to its website, Publix has 1,407 grocery stores in eight states. There are 878 stores in Florida. Florida: 878 stores Georgia: 220 stores Alabama: 94 stores South Carolina: 70 stores Tennessee: 59 stores North Carolina: 58 stores Virginia: 24 stores Kentucky: 4 stores Contributing: Anthony Robledo, USA Today This article originally appeared on Florida Times-Union: United Natural Foods cyberattack threatens Whole Foods groceries
Forbes
01-05-2025
- Forbes
Windows Warning — Microsoft Confirms Old Passwords Still Work To Login
Microsoft has confirmed using an old Windows password can still log you in. File under what the actual heck, especially on World Password Day. Microsoft has confirmed that, in certain circumstances, using an old Windows password, one that you have changed, that has been revoked, will still enable a successful login. Yes, you read that right, and it gets worse: Microsoft says this is a feature, not a password security vulnerability, and has no plans to change the behavior. As you might imagine, in the run-up to World Password Day on May 1, there have been a myriad of password warning stories to grab your attention. Everything from a Microsoft password spraying attack, malware publishing more than 1.7 billion stolen passwords to criminal forums, and details of sinister password thief known as The ToyMaker emerging. What I never expected to see, however, was Microsoft confirm that an old and revoked password could still be used to access your Windows account, and such behavior wasn't a security vulnerability but a feature. Yet here we are. Who needs an automatic password hacking machine when you've got this insanity? As first reported by Dan Goodin for Ars Technica, the problem sits with the Remote Desktop Protocol used to enable a remote user to log in and use their Windows machine as if they were physically sat in front of it. The same protocol that is much beloved by criminal hackers, it has to be said, which makes the whole feature not a bug password problem even more mind-boggling. Daniel Wade, an independent security researcher, contacted Microsoft's security response center when discovering that, after changing a password, the old one could still give access to the Windows machine. Wade found that such old credentials worked from new machines, Microsoft's security protections didn't raise any red flags when using them, and, wait for it, there's no way for an end-user to detect, let alone fix, the issue. What it has done is update some documentation so as to state that credentials are verified against a local cached copy before being authenticated over the network. 'If the user changes their password in the cloud,' the documentation now states, 'the cached verifier is not updated, which means that they can still access their local machine using their old password.' I have reached out to Microsoft for a statement, but in the meantime, the response to Wade was that the issue was 'a design decision to ensure that at least one user account always has the ability to log in no matter how long a system has been offline.' Microsoft told Wade that this wasn't a Windows security vulnerability, according to Goodin, and Microsoft security engineers had no plans to change it.
Associated Press
15-04-2025
- Business
- Associated Press
Atsign Revolutionizes Remote Access with "Invisible RDP" Powered by NoPorts Technology
SAN JOSE, Calif., April 15, 2025 (GLOBE NEWSWIRE) -- Atsign, a leader in pre-emptive security solutions and infrastructure, announced its groundbreaking approach to remote access with 'Invisible RDP,' powered by its innovative NoPorts technology. With cyber threats targeting vulnerable Remote Desktop Protocol (RDP) services escalating, Atsign offers a paradigm shift in security by rendering RDP servers and other critical infrastructure completely undetectable to external threats. Traditional remote access methods rely on open inbound ports, creating a visible pathway for malicious actors to discover and target systems. This fundamental design flaw has been the root cause of countless ransomware attacks and data breaches exploiting RDP vulnerabilities. Atsign's NoPorts technology eliminates this inherent risk by closing all inbound ports. Instead of waiting for a connection attempt to initiate security protocols, NoPorts establishes secure, peer-to-peer connections only after successful, out-of-band authentication. This means that RDP servers protected by NoPorts are simply invisible to unauthorized scans and probes – 'they can't attack what they can't find.' Key Benefits of Atsign's Invisible RDP 'The persistent threat landscape demands a fundamental change in how we approach remote access security,' said Barbara Tallent, CEO of Atsign. 'NoPorts represents that change. By making critical infrastructure components like RDP servers invisible, we are effectively taking them off the map for cybercriminals. This isn't just about better security; it's about fundamentally eliminating entire classes of attacks.' Atsign's NoPorts technology is not limited to RDP. It provides a secure and invisible connectivity layer for a wide range of applications and services, offering an enhanced approach to data privacy and security in an increasingly interconnected world. About NoPorts NoPorts eliminates network & security vulnerabilities by securing connections between people, entities, and things making them invisible to would-be attackers by eliminating attack network surfaces. Built on Atsign's atPlatform, NoPorts provides a zero trust architecture, end-to-end encryption, and no reliance on cumbersome security layers, enabling seamless and secure communication across virtually any environment. Organizations gain scalability, operational efficiency, and stronger security—all while reducing costs and complexity. For more information, visit About Atsign At Atsign, we believe that people, entities, and things—including AI—should connect securely and directly, while always being invisible to bad actors. By eliminating the need for open ports and centralized servers, the atPlatform empowers developers and organizations to build applications with 'invisible' security built in, placing data and device control back into the hands of their owners. Atsign is the creator of the atPlatform, the most robust infrastructure available for 'invisible networking' and secure, private, peer-to-peer connectivity. Learn more at For More Information Contact Scott Hetherington Atsign [email protected] 844-827-0985
Associated Press
20-02-2025
- Business
- Associated Press
TruGrid Introduces RDP Inspector: A Free Tool to Detect Open Ports
Schaumburg, IL - February 20, 2025 - TruGrid, a leader in secure remote access and zero-trust solutions, has launched RDP Inspector, a free, web-based tool designed to help businesses and cybersecurity professionals detect vulnerable open ports on the internet. With cyberattacks increasingly targeting Remote Desktop Protocol (RDP) and other internet vulnerabilities, RDP Inspector offers organizations a way to show open and vulnerable ports on their firewalls. Rising Cybersecurity Threats Through Open Ports Open ports are a significant security risk, often exploited by attackers to infiltrate networks, steal sensitive data, and deploy malware. Exposed RDP services are targeted by ransomware operators, with attacks such as Dharma and Venus ransomware actively exploiting poorly configured RDP servers. An experiment by GoSecure found that an exposed RDP honeypot was attacked over 3.5 million times within three months. These numbers underscore the urgent need for businesses to secure their network perimeters by detecting and mitigating open port vulnerabilities. TruGrid's RDP inspector aims to bridge this security gap by offering instant visibility into open ports. Through internet scans, the tool identifies exposed ports and provides actionable insights essential for mitigating cyber risks. 'RDP Inspector empowers organizations to take the first step in assessing and mitigating network vulnerabilities. Our goal is to provide businesses with an easy-to-use, effective tool to enhance their cybersecurity, regardless of their technical expertise.', said Peter Ayedun, CEO of TruGrid. Key features of RDP Inspector include: Browser-Based Scanning: Users can access the tool from any web browser, eliminating the need for additional software. Vulnerability Detection: Scans for open ports and services that could expose systems to unauthorized access or attacks. Actionable Reports: Generates detailed security reports to help organizations identify, prioritize, and resolve vulnerabilities. In-country Usage: Built-in safeguards, such as geo-blocking, prevent misuse and ensure responsible tool usage for in-country scans. RDP Inspector presents the results in either the tool's interface or via email reports. This allows users to receive both instant and comprehensive feedback on their network's security posture so they can prioritize and address risks more efficiently. A Comprehensive Security Strategy RDP Inspector complements TruGrid SecureRDP, the company's flagship solution for secure remote desktop access. While RDP Inspector identifies open and vulnerable ports, SecureRDP enhances security by allowing RDP access without any firewall exposure. It does this with no need for VPNs or inbound firewall exposure. TruGrid SecureRDP makes networks invisible to attackers over the internet. The solution incorporates multi-factor authentication (MFA) by default and is built on a zero-trust architecture, ensuring that access is verified in the cloud before access is granted to protected resources. TruGrid utilizes a high-performance global fiber-optic network to minimize latency, delivering a smooth remote desktop experience for users Strengthening Cybersecurity Together, RDP Inspector and SecureRDP provide businesses with a proactive, end-to-end approach to network security. These tools help organizations address vulnerabilities, improve their cybersecurity posture, and maintain secure operations without compromising efficiency and user experience. TruGrid's solutions are designed to support the growing demand for secure remote and hybrid work environments, offering accessible security options for businesses of all sizes. RDP Inspector is available now at About TruGrid TruGrid is a cybersecurity company dedicated to simplifying secure remote work. Its innovative solutions modernize access to Windows computers and RDS Farms by eliminating the need for VPNs, inbound firewall exposures, gateways, and SSL certificates. With cloud-based authentication and built-in multi-factor authentication (MFA), TruGrid ensures only pre-authenticated users can access corporate networks. This approach helps organizations strengthen their cybersecurity posture while meeting compliance requirements. TruGrid's secure remote access platform is trusted by businesses worldwide to enhance productivity, reduce IT complexity, and safeguard critical assets against cyber threats. Media Contact Company Name: TruGrid Contact Person: Brandon Martens
Globe and Mail
20-02-2025
- Business
- Globe and Mail
TruGrid Introduces RDP Inspector: A Free Tool to Detect Open Ports
Schaumburg, IL - February 20, 2025 - TruGrid, a leader in secure remote access and zero-trust solutions, has launched RDP Inspector, a free, web-based tool designed to help businesses and cybersecurity professionals detect vulnerable open ports on the internet. With cyberattacks increasingly targeting Remote Desktop Protocol (RDP) and other internet vulnerabilities, RDP Inspector offers organizations a way to show open and vulnerable ports on their firewalls. Rising Cybersecurity Threats Through Open Ports Open ports are a significant security risk, often exploited by attackers to infiltrate networks, steal sensitive data, and deploy malware. Exposed RDP services are targeted by ransomware operators, with attacks such as Dharma and Venus ransomware actively exploiting poorly configured RDP servers. An experiment by GoSecure found that an exposed RDP honeypot was attacked over 3.5 million times within three months. These numbers underscore the urgent need for businesses to secure their network perimeters by detecting and mitigating open port vulnerabilities. TruGrid's RDP inspector aims to bridge this security gap by offering instant visibility into open ports. Through internet scans, the tool identifies exposed ports and provides actionable insights essential for mitigating cyber risks. 'RDP Inspector empowers organizations to take the first step in assessing and mitigating network vulnerabilities. Our goal is to provide businesses with an easy-to-use, effective tool to enhance their cybersecurity, regardless of their technical expertise.', said Peter Ayedun, CEO of TruGrid. Key features of RDP Inspector include: Browser-Based Scanning: Users can access the tool from any web browser, eliminating the need for additional software. Vulnerability Detection: Scans for open ports and services that could expose systems to unauthorized access or attacks. Actionable Reports: Generates detailed security reports to help organizations identify, prioritize, and resolve vulnerabilities. In-country Usage: Built-in safeguards, such as geo-blocking, prevent misuse and ensure responsible tool usage for in-country scans. RDP Inspector presents the results in either the tool's interface or via email reports. This allows users to receive both instant and comprehensive feedback on their network's security posture so they can prioritize and address risks more efficiently. A Comprehensive Security Strategy RDP Inspector complements TruGrid SecureRDP, the company's flagship solution for secure remote desktop access. While RDP Inspector identifies open and vulnerable ports, SecureRDP enhances security by allowing RDP access without any firewall exposure. It does this with no need for VPNs or inbound firewall exposure. TruGrid SecureRDP makes networks invisible to attackers over the internet. The solution incorporates multi-factor authentication (MFA) by default and is built on a zero-trust architecture, ensuring that access is verified in the cloud before access is granted to protected resources. TruGrid utilizes a high-performance global fiber-optic network to minimize latency, delivering a smooth remote desktop experience for users Strengthening Cybersecurity Together, RDP Inspector and SecureRDP provide businesses with a proactive, end-to-end approach to network security. These tools help organizations address vulnerabilities, improve their cybersecurity posture, and maintain secure operations without compromising efficiency and user experience. TruGrid's solutions are designed to support the growing demand for secure remote and hybrid work environments, offering accessible security options for businesses of all sizes. RDP Inspector is available now at For more information on TruGrid's full suite of cybersecurity solutions, visit About TruGrid TruGrid is a cybersecurity company dedicated to simplifying secure remote work. Its innovative solutions modernize access to Windows computers and RDS Farms by eliminating the need for VPNs, inbound firewall exposures, gateways, and SSL certificates. With cloud-based authentication and built-in multi-factor authentication (MFA), TruGrid ensures only pre-authenticated users can access corporate networks. This approach helps organizations strengthen their cybersecurity posture while meeting compliance requirements. TruGrid's secure remote access platform is trusted by businesses worldwide to enhance productivity, reduce IT complexity, and safeguard critical assets against cyber threats. Socials: LinkedIn, Facebook Media Contact Company Name: TruGrid Contact Person: Brandon Martens Email: Send Email Phone: (224)-828-5653 Country: United States Website:
