{"id":27234,"date":"2019-05-27T16:49:06","date_gmt":"2019-05-27T16:49:06","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/30185\/Intense-Scanning-Activity-Detected-For-BlueKeep-RDP-Flaw.html"},"modified":"2019-05-27T16:49:06","modified_gmt":"2019-05-27T16:49:06","slug":"intense-scanning-activity-detected-for-bluekeep-rdp-flaw","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/","title":{"rendered":"Intense Scanning Activity Detected For BlueKeep RDP Flaw"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/zdnet1.cbsistatic.com\/hub\/i\/r\/2019\/05\/26\/9564ca82-0b51-4e2a-b07c-3e3982217903\/thumbnail\/770x578\/813c7562f52c8d7429a934330ef9bdb4\/bluekeep-scans.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>Threat actors have started scanning the internet for Windows systems that are vulnerable to the BlueKeep (CVE-2019-0708) vulnerability.<\/p>\n<p>This vulnerability impacts the Remote Desktop Protocol (RDP) service included in older versions of the Windows OS, such as XP, 7, Server 2003, and Server 2008.<\/p>\n<p>Microsoft released fixes for this vulnerability on May 14, as part of the May 2019 Patch Tuesday updates train, and warned users and companies to patch vulnerable systems as soon as possible, classifying the issue as very dangerous, and warning that CVE-2019-0708 could be weaponized to create wormable (self-replicating) exploits.<\/p>\n<p>Many have likened BlueKeep to the EternalBlue exploit that&#8217;s been used in 2017 during the WannaCry, NotPetya, and Bad Rabbit ransomware outbreaks.<\/p>\n<h3>No proof-of-concept demo code (yet)<\/h3>\n<p>For this reason, and because of <a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2019\/05\/14\/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft&#8217;s doom-and-gloom warning<\/a>, for the past two weeks, the infosec community has been keeping an eye out for signs of attacks or the publication of any proof-of-concept demo code that could simplify the creation of RDP exploits &#8212; and inherently start subsequent attacks.<\/p>\n<p>Until now, no one researcher or security firm has published any such demo exploit code &#8212; for obvious reasons, since it could help threat actors start massive attacks.<\/p>\n<p>Nonetheless, several entities have confirmed that they&#8217;ve successfully developed exploits for BlueKeep, which they intend to keep private. The list includes <a href=\"https:\/\/twitter.com\/cBekrar\/status\/1128712967845961728\" target=\"_blank\" rel=\"noopener noreferrer\">Zerodium<\/a>, <a href=\"https:\/\/twitter.com\/ChristiaanBeek\/status\/1129617415707533312\" target=\"_blank\" rel=\"noopener noreferrer\">McAfee<\/a>, <a href=\"https:\/\/twitter.com\/oct0xor\/status\/1130534732863803400\" target=\"_blank\" rel=\"noopener noreferrer\">Kaspersky<\/a>, <a href=\"https:\/\/twitter.com\/eyalitkin\/status\/1130890202229157888\" target=\"_blank\" rel=\"noopener noreferrer\">Check Poin<\/a>t, <a href=\"https:\/\/twitter.com\/MalwareTechBlog\/status\/1131784918810353665\" target=\"_blank\" rel=\"noopener noreferrer\">MalwareTech<\/a>, and <a href=\"https:\/\/twitter.com\/ValthekOn\/status\/1129583856636633088\" target=\"_blank\" rel=\"noopener noreferrer\">Valthek<\/a>.<\/p>\n<section class=\"sharethrough-top\" data-component=\"medusaContentRecommendation\" data-medusa-content-recommendation-options=\"{&quot;promo&quot;:&quot;promo_ZD_recommendation_sharethrough_top_in_article_desktop&quot;,&quot;spot&quot;:&quot;dfp-in-article&quot;}\">\n<\/section>\n<p>The NCC Group <a href=\"https:\/\/github.com\/nccgroup\/Cyber-Defence\/blob\/master\/Signatures\/suricata\/2019_05_rdp_cve_2019_0708.txt\" target=\"_blank\" rel=\"noopener noreferrer\">developed detection rules<\/a> for network security equipment so that companies could detect any exploitation attempts, and 0patch <a href=\"https:\/\/0patch.com\/patches.html\" target=\"_blank\" rel=\"noopener noreferrer\">developed a micropatch<\/a> that can temporarily protect systems until they receive the official update.<\/p>\n<p>Further, RiskSense security researcher Sean Dillon <a href=\"https:\/\/github.com\/zerosum0x0\/CVE-2019-0708\" target=\"_blank\" rel=\"noopener noreferrer\">also created a tool<\/a> that companies can use and test to see if their PC fleets have been correctly patched against the BlueKeep flaw.<\/p>\n<h3>BlueKeep scans started over the weekend<\/h3>\n<p>But while the infosec community was holding its collective breath thinking attacks may never start, things changed over the weekend.<\/p>\n<p>On Saturday, threat intelligence firm GreyNoise started detecting scans for Windows systems vulnerable to BlueKeep.<\/p>\n<p>Speaking to <em>ZDNet<\/em>, GreyNoise founder Andrew Morris said they believe the attacker was using the Metasploit module detected by RiskSense to scan the internet for BlueKeep vulnerable host.<\/p>\n<p>&#8220;This activity has been observed from exclusively Tor exit nodes and is likely being executed by a single actor,&#8221; he <a href=\"https:\/\/twitter.com\/GreyNoiseIO\/status\/1132101252006010880\" target=\"_blank\" rel=\"noopener noreferrer\">said in a tweet<\/a> on Saturday.<\/p>\n<p>For now, these are only scans, and not actual exploitation attempts.<\/p>\n<p>However, it appears that at least one threat actor is investing quite the time and effort into compiling a list of vulnerable devices, most likely in preparation for the actual attacks.<\/p>\n<p>With at least six entities revealing they&#8217;ve come up with private BlueKeep exploits, and with at least two very detailed write-ups on the BlueKeep vulnerability details available online [<a href=\"https:\/\/securingtomorrow.mcafee.com\/other-blogs\/mcafee-labs\/rdp-stands-for-really-do-patch-understanding-the-wormable-rdp-vulnerability-cve-2019-0708\/\" target=\"_blank\" rel=\"noopener noreferrer\">1<\/a>, <a href=\"https:\/\/wazehell.io\/2019\/05\/22\/cve-2019-0708-technical-analysis-rdp-rce\/\" target=\"_blank\" rel=\"noopener noreferrer\">2<\/a>], it is only a matter of time until the real bad guys come up with their own exploits as well.<\/p>\n<p>The Tor-originating scans that GreyNoise is currently seeing &#8212; and which Morris told <em>ZDNet<\/em> that are still ongoing at the time of writing &#8212; are a first sign that things are about to get worse. Really worse!<\/p>\n<h3>More vulnerability reports:<\/h3>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/30185\/Intense-Scanning-Activity-Detected-For-BlueKeep-RDP-Flaw.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":27235,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5505],"class_list":["post-27234","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermicrosoftflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-27T16:49:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png\" \/>\n\t<meta property=\"og:image:width\" content=\"770\" \/>\n\t<meta property=\"og:image:height\" content=\"578\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Intense Scanning Activity Detected For BlueKeep RDP Flaw\",\"datePublished\":\"2019-05-27T16:49:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/\"},\"wordCount\":527,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png\",\"keywords\":[\"headline,hacker,microsoft,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/\",\"name\":\"Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png\",\"datePublished\":\"2019-05-27T16:49:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/06\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png\",\"width\":770,\"height\":578},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermicrosoftflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Intense Scanning Activity Detected For BlueKeep RDP Flaw\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/","og_locale":"en_US","og_type":"article","og_title":"Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-05-27T16:49:06+00:00","og_image":[{"width":770,"height":578,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Intense Scanning Activity Detected For BlueKeep RDP Flaw","datePublished":"2019-05-27T16:49:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/"},"wordCount":527,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png","keywords":["headline,hacker,microsoft,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/","url":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/","name":"Intense Scanning Activity Detected For BlueKeep RDP Flaw 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png","datePublished":"2019-05-27T16:49:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/06\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw.png","width":770,"height":578},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/intense-scanning-activity-detected-for-bluekeep-rdp-flaw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflaw\/"},{"@type":"ListItem","position":3,"name":"Intense Scanning Activity Detected For BlueKeep RDP Flaw"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27234","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=27234"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/27234\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/27235"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=27234"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=27234"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=27234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}