Tag: credential harvesting
76 articles

Warlock ransomware: Exclusive Critical Threat to SharePoint
If your organization still runs on-premises SharePoint, Trend Micro’s findings are a wake-up call: attackers are using a ToolShell exploit to turn unpatched SharePoint instances into staging grounds for multi-stage Warlock ransomware campaigns that can steal data and cripple recovery. Patch promptly, lock down admin access, and treat collaboration platforms as critical assets before a trusted service becomes an easy path to extortion.

Apache ActiveMQ Critical: Stunning Persistence Risk
Attackers are exploiting an old Apache ActiveMQ flaw to plant persistent access on cloud Linux hosts with a loader called DripDropper — then cunningly patching the same hole to hide their tracks and keep rivals out. If you run ActiveMQ or cloud VMs, inventory, patch, and boost behavior-based detection now before this stealthy campaign takes hold.

malvertising campaign: Exclusive Dangerous PS1Bot Threat
What if the ads you trust were actually a backdoor? A new malvertising campaign is quietly using compromised ad networks to deploy PS1Bot — a modular PowerShell malware that runs in memory, evades traditional defenses, and can turn ordinary browsers into footholds for wider attacks.

Microsoft malware: Stunning Critical Threats Exposed
Russian state-backed hackers have unleashed stealthy Microsoft-targeted malware to hijack Outlook accounts—exposing how fragile our email defenses can be. Now’s the time to tighten security with phishing-resistant MFA, vigilant monitoring, and smarter user habits to stay one step ahead.