Red Hot Cyber. The Cybersecurity Blog
Featured Articles
In recent days, the global digital landscape has been rocked by a cybersecurity bug that affected on-premise Microsoft SharePoint servers, exposing thousands of organizations to cyber attacks. This ev...
According to cybersecurity experts, several Chinese hacker groups are exploiting a series of zero-day vulnerabilities in Microsoft SharePoint in their attacks. In particular, it emerged that attackers...
The Red Hot Cyber Conference is back! After the great success of the third and fourth editions, the free annual event created by the RHC community is back! An event designed to bring young people clos...
In February 2025 we had already observed the functioning of DDoSIA, the crowd-hacking system promoted by NoName057(16): a client distributed via Telegram, DDoS attacks against European targets, reward...
Artificial intelligence (AI) is software that can generate output (i.e., content, predictions, decisions, recommendations) capable of interacting with the environment and according to human objectives...
New wave of Microsoft SharePoint Server attacks claims victims: over 100 organizations affected
We recently discussed a critical zero-day vulnerability, CVE-2025-53770, in Microsoft SharePoint Server, which bypasses the previous security flaw CVE-2025-49706. It was already known at the time that the vulnerability involved the deserialization of untrusted data, thus allowing code execution even
16 flaws discovered in MediaTek chips: smartphones and smart TVs at risk!
In an age where connectivity is ubiquitous and smart devices are an integral part of our daily lives, cybersecurity is no longer optional, but a necessity. Every month, major chip manufacturers like MediaTek publish security bulletins to inform industry partners
Sophos fixes five vulnerabilities in Sophos Firewall, two of which are rated critical
Sophos recently announced the fixes for five independent security vulnerabilities found in its firewalls, some critical and others high and medium. The vulnerabilities have been fixed via automatically distributed hotfixes, without requiring customers to take action, provided that the “Allow
TIM’s Red Team Research discovers five CVEs on Eclipse GlassFish, one critical (score 9.8)
Thursday, July 16 was a significant day for the cybersecurity researchers of the Italian Red Team Research (RTR) team of TIM, which saw the publication of five new vulnerabilities (CVE) discovered in the Eclipse GlassFish project, one of which was
What is Secure Code Development? Discovering an essential practice in cybersecurity.
In the previous article on Patch Management, we started talking about 4 fundamental pillars in the world of Cybersecurity. These four pillars are Patch Management, Hardening, Secure Code Development, and Encryption. The goal of this article is to offer a
What is Hardening: Discovering a Preemptive Strategy for Threat Mitigation
We often talk about “hardening” systems, but many people still don’t know exactly what we’re talking about. We’ve almost all discovered the pillars of cybersecurity, and among them are the Patching process and the secure code development. In addition to
Discovering IaB JohnDoe7: Access for sale from the common man
Redazione RHC - July 23rd, 2025
We continue our series of articles on Initial Access Brokers with an article on JohnDoe7 (also known as LORD1), who, as we'll see later, uses a name/moniker reminiscent of movies...
Cyberattacks skyrocket in Europe! Every three minutes, a company is hit.
Redazione RHC - July 23rd, 2025
With the rapid growth of digital threats, businesses around the world are under cyberattack. According to the latest data from Check Point Research, each organization experiences an average of 1,984...
What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Redazione RHC - July 22nd, 2025
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order...
What is Zero Trust Security? A Journey into the Future of Security 2.0
Redazione RHC - July 22nd, 2025
What is Zero Trust? Why is it so important today and why is there so much talk about it? Zero Trust is an innovative approach that is increasingly gaining traction...
Sign up for the newsletter