Red Hot Cyber. The Cybersecurity Blog
DataLeak Microsoft: 4GB of Microsoft PlayReady Code Made Public!
On June 11, a Microsoft engineer inadvertently made 4GB of internal code related to Microsoft PlayReady public. The information leak occurred on the Microsoft Developer Community, a forum dedicated to developers. Details of the Information Leak The leaked material included:
Linux Kernel UAF 0-day Vulnerability on sale in the Dark Web
Recently, a security alert shaked the infosec environment: A malicious actor has announced the sale of Use After Free (UAF) 0-day vulnerability affecting the Linux Kernel on the well-known darknet forum BreachForum. The vulnerabilit permits high privileges code execution to
WordPress: Five Plugins Found with Malicious Code
On June 24, 2024, Wordfence revealed a supply chain attack on WordPress plugins, leading to the compromise of five plugins with malicious code. The affected plugins are: The malicious code aimed to create a new admin user and inject SEO
Julian Assange Free! Freedom Reclaimed After Five Years of Detention
London, June 25, 2024 – Julian Assange, the founder of WikiLeaks, was released yesterday from the maximum-security Belmarsh prison after spending 1901 days in detention. The news was announced by WikiLeaks on the social media platform X, confirming that Assange
BlackByte: The Return of the Gang after a few months of inactivity
In recent years, the cybersecurity landscape has been marked by ongoing ransomware attacks , with criminal groups constantly evolving to evade defenses. One such group, known as BlackByte, recently returned to action after months of inactivity, reviving its double extortion strategy and
Presumed Cyber Attack on Zerto: Not for Financial or Espionage Purposes but for Political Reasons
Recently, Handala, a malicious actor, posted on a well-known dark web forum, claiming a cyber attack against Zerto, a subsidiary of Hewlett Packard Enterprise (HPE). Zerto is renowned for its advanced solutions for disaster recovery, ransomware resilience, and workload mobility,
Echelon Stealer: The Open Source Malware
Pietro Melillo - July 31st, 2024
Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features...
Ferrari avoids deepfake scam! An executive unmasks the CEO’s fake audio messages
Redazione RHC - July 29th, 2024
In an incident earlier this month, a Ferrari executive found himself receiving unusual messages that appeared to come from the company's CEO, Benedetto Vigna. The messages came via WhatsApp, owned...
The Ransomware Group Ransomexx Claims Attack on Liteon
Pietro Melillo - July 26th, 2024
On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the...
A Threat Actors Posts Update on Luxottica’s 2021 Data Breach
Redazione RHC - July 25th, 2024
Recently, a threat actor in a clandestine forum posted an update on the 2021 data breach concerning the giant Luxottica, one of the world's largest eyewear companies. According to the...
Sign up for the newsletter