Red Hot Cyber. The Cybersecurity Blog
What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order to identify and a...
What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.
How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper r...
Sophos fixes five vulnerabilities in Sophos Firewall, two of which are rated critical
Sophos recently announced the fixes for five independent security vulnerabilities found in its firewalls, some critical and others high and medium. The vulnerabilities have been fixed via automaticall...
What is Secure Code Development? Discovering an essential practice in cybersecurity.
In the previous article on Patch Management, we started talking about 4 fundamental pillars in the world of Cybersecurity. These four pillars are Patch Management, Hardening, Secure Code Development, ...
Vulnerability in 7-Zip: Attackers can perform denial-of-service attacks
A critical security flaw related to memory corruption has been discovered in the popular 7-Zip archiver. This vulnerability can be exploited by attackers to cause denial-of-service conditions by creat...
What are Side Channel Attacks? How they work and how to defend data from cyber threat physics.
Side Channel Attacks represent a sophisticated category of cyber threats that focus on weaknesses in security systems. These attacks differ from traditional techniques based on brute force or software...
What is cyber hacktivism? History, motivations, hacking, consequences, and evolution.
The term “hacktivism” is a combination of the English terms “hacking” and “activism” and was coined to describe the use of computer hacking for political or socia...
Disloyal employees. Let’s find out who they are and how to protect ourselves from this growing threat.
In the digital age, cybersecurity is a critical issue for any company handling sensitive data. However, not all risks are external. In fact, employees themselves often pose a threat to an organization...
Bullying and cyberbullying: what it is and how to protect yourself.
News reports are highlighting an ever-increasing number of cases of cyberbullying, some with dramatic outcomes (see incitement to suicide). Cyberbullying is a new form of psychological violence, an in...
What are Botnets? A Journey Through Malware, Cyber Threat Intelligence, and OSINT
The Internet provides a sea of information. We often talk on RHC about Open Source Intelligence (OSINT) and Cyber Threat Intelligence (CTI), i.e. those intelligence disciplines that deal with the rese...
Featured Articles

What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order to identify and assess the vulnerabilities of a computer system

What is Zero Trust Security? A Journey into the Future of Security 2.0
What is Zero Trust? Why is it so important today and why is there so much talk about it? Zero Trust is an innovative approach that is increasingly gaining traction as a powerful strategy for protecting data, resources, and privacy.

What are Common Vulnerabilities and Exposures (CVE)
The primary goal of computer security is vulnerability management. In achieving this goal, CVE helps specialists, who are an integral part of the information security community. If you’re a reader of RHC, you’ve probably heard this acronym before, but what

What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.
How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper records of them? How does a large organization manage the digital identities of individual

New wave of Microsoft SharePoint Server attacks claims victims: over 100 organizations affected
We recently discussed a critical zero-day vulnerability, CVE-2025-53770, in Microsoft SharePoint Server, which bypasses the previous security flaw CVE-2025-49706. It was already known at the time that the vulnerability involved the deserialization of untrusted data, thus allowing code execution even

16 flaws discovered in MediaTek chips: smartphones and smart TVs at risk!
In an age where connectivity is ubiquitous and smart devices are an integral part of our daily lives, cybersecurity is no longer optional, but a necessity. Every month, major chip manufacturers like MediaTek publish security bulletins to inform industry partners

What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Redazione RHC - July 22nd, 2025
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order...

What is Zero Trust Security? A Journey into the Future of Security 2.0
Redazione RHC - July 22nd, 2025
What is Zero Trust? Why is it so important today and why is there so much talk about it? Zero Trust is an innovative approach that is increasingly gaining traction...

What are Common Vulnerabilities and Exposures (CVE)
Redazione RHC - July 22nd, 2025
The primary goal of computer security is vulnerability management. In achieving this goal, CVE helps specialists, who are an integral part of the information security community. If you're a reader...

What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.
Redazione RHC - July 22nd, 2025
How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper records of them? How...