Hunting Down 1 Second Logins

Recently, my team and I worked several incidents where folks had exposed Terminal Servers directly to the Internet. (Don’t do this!) Even worse, many of these systems had a significant lack of proper password controls. As you might expect, within a few days, they were compromised by remote attackers using password brute force tools. But, this article isn’t really about that…