From gbhackers.com
Research carried out by security analysts at CRIL (Cyble Research and Intelligence Labs) recently identified several ransomware groups that are actively targeting open RDP ports in an attempt to deploy ransomware.
There could be major security issues that could occur if an RDP port is left open on the internet without being protected. Systems with exposed RDP ports can be easily located by threat actors by scanning the internet.
After that, using either stolen credentials or vulnerabilities, attackers can easily gain access to vulnerable systems by exploiting those exposed RDP ports.