Red Hot Cyber

Cybersecurity, Cybercrime News and Vulnerability Analysis

Latest news

Critical Apache Tomcat Vulnerability CVE-2024-34750 Could Bring Your Server to a Halt! [Vulnerability]

The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited...
Raffaela Crisci - July 5, 2024

Threat Actors: Alleged Data Breach of Ukraine Traffic Police [Cybercrime]

Recently, a threat actor in an underground forum published an alleged data breach. The leak purportedly involves sensitive information from...
RHC Dark Lab - July 5, 2024

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC [Vulnerability]

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and...
Alessio Stefan - July 5, 2024

Medusa Ransomware claims responsibility for the attack on Harry Perkins Institute [Cybercrime]

On July 3, 2024, the Australian research institute Harry Perkins was the victim of a ransomware attack claimed by MEDUSA...
Alessio Stefan - July 5, 2024

A new potential data breach has exposed sensitive information of 70,000 users of the French amusement park Bol D’Air on BreachForum [Cybercrime]

Fresh Data Breach Exposes Sensitive Information of French Amusement Park Bol D'Air on BreachForum. Currently, we are unable to accurately...
Alessio Stefan - July 4, 2024

Threat Actors Post Tennis Tournament Data Breach in Israel [Cybercrime]

Recently, a threat actor in an underground forum published an alleged data breach. This breach is claimed to have compromised...
RHC Dark Lab - July 4, 2024

Threat Actors Post Data Breach of SD Biosensor Healthcare Private Limited [Cybercrime]

A member of BreachForums recently reported a significant data breach involving SD Biosensor Healthcare Private Limited, a company specializing in...
Pietro Melillo - July 4, 2024

The Reversal of the Brain Cipher Group after the Attack on Indonesia Terkoneksi [Cybercrime]

In recent days, the ransomware group known as Brain Cipher severely hit the data center of Indonesia Terkoneksi, an attack...
Pietro Melillo - July 3, 2024

Intel CPUs Vulnerable! New “Indirector” Attack Threatens Sensitive Data Detection. [Innovation]

Modern Intel processors, including Raptor Lake and Alder Lake CPUs (i.e., 12th and 13th generation Intel "Core" processors), are vulnerable...
Raffaela Crisci - July 3, 2024

Threat Actors Release 2022 Electronic Arts (EA) Employee Database [Cybercrime]

Recently, a threat actor allegedly leaked a database containing information on Electronic Arts (EA) employees from 2022. The data breach...
Pietro Melillo - July 2, 2024

OpenSSH: An RCE run as Root puts 14 million instances on Linux at risk [Vulnerability]

A recent critical vulnerability in OpenSSH, identified as CVE-2024-6387, could allow unauthenticated remote code execution with root privileges on glibc-based...
Sandro Sana - July 2, 2024

Possible Data Breach of the Internal Security Operations Command (ISOC) [Cybercrime]

A member of BreachForums has announced a significant data breach involving Thailand's Internal Security Operations Command (ISOC), an agency known...
Pietro Melillo - July 1, 2024

The Ransomware Group Ransomexx Claims Attack on Liteon

On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the...

The dark side of the Windows Command Prompt: how malicious commands can replace legitimate ones

If you choose to read this article, please note that it will not discuss a vulnerability or a bug, but rather an intended behavior of Windows Command Prompt which, in...

RHC interviews RADAR and DISPOSSESSOR: “When it comes to security, the best defense is a good offense.”

In our usual underground analysis activities, we came into contact with the cyber gang DISPOSSESSOR, which came to attention in February 2024 in the cyber threat landscape. Accessing their Data...

IntelBroker Strikes Again: Unauthorized Access to Two Major American Companies Up for Sale

IntelBroker strikes again, announcing the sale of unauthorized access to two major American companies, each with revenues reaching hundreds of billions. This announcement was made public through a post on...

Exposed the Data of 3,379 Spanish Doctors! When Fraud Becomes “On-Target”

Recently, a threat actor in an underground forum called Breach Forums published an alleged data breach. The post claims to have exposed the names, departments, and emails of 3,379 Spanish...

The other side of cybersecurity: stress and burnout are “by design” in domain experts

We often talk about cyber security and the importance of a complete cyber program today. Today, however, we will focus on analyzing another important point in the profession of the...

PoC Released for SQL Injection Without Authentication on WordPress WZone Plugin

A proof of concept (PoC) for a critical vulnerability identified as CVE-2024-33544 has recently been released. This vulnerability involves an unauthenticated SQL injection, which poses a serious threat to the...

Sale of a 0Day RCE Exploit for GLPI HelpDesk

Recently, a user on the Breachforums known as "cisc0" posted an announcement regarding the sale of a 0Day exploit for GLPI HelpDesk. According to the user, this exploit works on...

Play Ransomware Claims Attack on MIPS Technologies

In the last few hours, the Data Leak site of the ransomware gang Play Ransomware has published a new claim: the giant MIPS Technologies (www.mips.com) has been the victim of...

The Hackers Choice – 30 years of hacking without trying to get rich!

Imagine a time before firewalls and ubiquitous encryption, when the digital frontier was wide open for exploration. Hackers weren't criminals, they were pioneers, fueled by an insatiable thirst for knowledge. ...
