#CredentialHygiene

Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

by

July 30, 2024 at 07:22AM Recent Microsoft news serves as a caution to not join VMware ESXi hypervisor to Active Directory due to a newly patched vulnerability, CVE-2024-37085. Exploiting this allows attackers to gain full control of an ESXi hypervisor, potentially causing data theft, network disruption, or ransomware deployment. Patches are available, and enhanced credential … Read more

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

by

December 16, 2023 at 12:36AM Microsoft is alerting about an increase in malicious activities by an emerging threat group, Storm-0539, targeting retail entities through advanced email and SMS phishing attacks. The attacks aim to steal credentials and session tokens to conduct gift card fraud and theft during the holiday shopping season. The group is financially … Read more