Over the past several months I have been observing random Remote Desktop Protocol (RDP) activity targeting my honeypot. Back in September, US-Cert [1] issued an alert regarding RDP being actively used and exploited by malicious actors released by the FBI [2].
Article Link: https://isc.sans.edu/diary/rss/24422