Explore the risks and mitigation strategies associated with Remote Desktop Protocol (RDP) in this informative conference talk from NorthSec 2022. Delve into the growing importance of RDP in remote work environments and its security implications when improperly deployed. Learn about conventional RDP attacks, including Monster-in-the-Middle (MITM) and NetNTLMv2 hash capture, as well as techniques to bypass Network Level Authentication (NLA). Discover the default vulnerability allowing server-side NLA downgrades in all clients. Gain insights from both attacker and defender perspectives, with step-by-step instructions for deploying a secure and functional RDP server. Benefit from the expertise of cybersecurity researchers Olivier Bilodeau and Lisandro Ubiedo as they share their findings from three years of work on PyRDP, an open-source RDP library.