Red Hot Cyber. The Cybersecurity Blog

NSO Group targeted! BlackMeta attacks Spyware maker’s central domain
The Pro-Palestinian group BlackMeta (or DarkMeta) announced on August 1, 2024, on their official Telegram channel that they conducted a destructive attack on the NSO Group’s infrastructure, including the central domain. Along with the site of the Israeli intelligence group,

Echelon Stealer: The Open Source Malware
Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features for extracting sensitive data. Despite being presented as an educational

Ferrari avoids deepfake scam! An executive unmasks the CEO’s fake audio messages
In an incident earlier this month, a Ferrari executive found himself receiving unusual messages that appeared to come from the company’s CEO, Benedetto Vigna. The messages came via WhatsApp, owned by Meta Inc. and suggested that a major acquisition was

The Ransomware Group Ransomexx Claims Attack on Liteon
On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the growing threat that cybercriminals pose to large companies. Below, we

A Threat Actor Posts Update on Luxottica’s 2021 Data Breach
Recently, a threat actor in a clandestine forum posted an update on the 2021 data breach concerning the giant Luxottica, one of the world’s largest eyewear companies. According to the post, the breach allegedly exposed extensive personal information of millions

The dark side of the Windows Command Prompt: how malicious commands can replace legitimate ones
If you choose to read this article, please note that it will not discuss a vulnerability or a bug, but rather an intended behavior of Windows Command Prompt which, in my opinion, poses a security risk. I decided to publish it

Ransomware Gangs weaponize Windows Defender Application Control (WDAC) to disable EDR products.
Alex Necula - January 13th, 2025
In the past days we saw that Ransomware Gangs use WDAC to disable EDR products. I have known this type of attack for a year when a guy posts a...

The Story Of Conti Ransomware – The Last Ceremony (Final Episode)
Alessio Stefan - January 8th, 2025
This is the last episode of the “The Story Of Conti Ransomware” series: we finally reach the decline of the group and what this means for the current ransomware landscape....

The Fall of the Human Conscience: Programming Desensitization
Olivia Terragni - January 4th, 2025
Author: Ashleigh Crause. Is our obsessive use of technology making us insensitive? “Technology - Ashleigh Crause tells us - is, by far, one of the most amazing inventions to date”....

Harley-Davidson Targeted by Cyber Criminals: 888 Claims Data Breach
RHC Dark Lab - December 31st, 2024
Recently, a threat actor on an underground forum posted an alleged data breach. According to reports, the famous American company Harley-Davidson has been the victim of a data breach that...