Red Hot Cyber. The Cybersecurity Blog

Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks
A critical security vulnerability, identified as CVE-2024-6376, has been discovered in MongoDB Compass, a widely-used graphical interface for MongoDB data management. This security flaw could have serious repercussions, including data loss and unauthorized access to systems. Vulnerability Details The vulnerability

Latvian Government Database Compromised: Over 1.6 Million Government Data Lines!
A malicious actor has claimed to have leaked a database containing over 1.6 million lines of data from the Latvian government. The data breach, dated July 7, 2024, includes all information from Latvian government authorities. Incident Details The announcement of

Threat Actors Steal 5.90 GB of Sensitive Data from the Fiscalía General del Estado de Veracruz!
In an era where cybersecurity has become crucial for protecting sensitive data, a recent leak has revealed an alleged security breach at the Fiscalía General del Estado de Veracruz. A malicious actor known as “dwShark” claimed to have stolen the

Dangerous 0day Windows LPE Vulnerability for Sale in the Underground
A malicious actor, under the name “tikila”, has posted an advertisement on a hacking forum for the sale of a local privilege escalation (LPE) vulnerability for Windows. According to the post, this vulnerability has been tested and confirmed to work

Europol Breached: Secret Documents for Sale on the Dark Web
July 6, 2024: A well-known user of BreachForums, IntelBroker, has recently announced the sale of a collection of crypto-related documents stolen from Europol’s EPE platform. The data breach, which occurred in May 2024, involved the theft of critical files

The New RockYou2024 Collection has been published! 10 Billion Credentials Compromised
Everyone involved with CTF has used the infamous rockyou.txt wordlist at least once, mainly to perform password cracking activities. The file is a list of 14 million unique passwords originating from the 2009 RockYou hack, making it a piece of computer security history. The

RHC DarkLab Interview Stormous Ransomware. Between history, ideology, techniques and tactics
Redazione RHC - November 24th, 2024
The Stormous group represents a significant threat in the ransomware landscape: it has an established reputation for its targeted attacks and its overtly pro-Russian ideology. The group may have started...

How Threat Actor make EDR’s harmless with a reboot
Alex Necula - November 22nd, 2024
I became aware of this technique like 9 months ago, and now I see this on an attack in the wild conducted by Qilin Ransomware Gang, so it’s time to...

The Story Of Conti Ransomware – The War Within (Episode 2)
Alessio Stefan - November 22nd, 2024
This is a continuation of the Conti story. You can read the previous part, which covered the group's origins, in the previous article. We will now explore the internal components...

IntelBroker Claims Tesla Charging Database Breach
Redazione RHC - November 20th, 2024
Recently, the threat actor known as IntelBroker posted an alleged data breach. The post, which appeared on the BreachForums platform, claims that Tesla’s charging station database has been compromised and made...