Red Hot Cyber. The Cybersecurity Blog
UK: Strict rules for online age verification. Pornhub and YouPorn will comply.
Starting Friday, adults in the UK who try to access pornographywill have to prove they are over 18, under some of the strictest regulations in the world. The change means that, instead of having to pr...
Operation Checkmate: A major law enforcement coup. BlackSuit has been apprehended!
During a coordinated international operation dubbed Operation Checkmate, law enforcement officials have dealt a major blow to the BlackSuit ransomware group (onion link here, which has fallen into the...
What does a CISO do? Meet the Chief Information Security Officer: a beautiful but demanding position.
How many times have we heard this acronym: CISO? But how many of us don’t know precisely what it means or have little in-depth knowledge of what a Chief Information Security Officer does? This p...
SharePoint and CrowdStrike: Two Faces of the Same Digital Fragility
In recent days, the global digital landscape has been rocked by a cybersecurity bug that affected on-premise Microsoft SharePoint servers, exposing thousands of organizations to cyber attacks. These a...
ToolShell: Microsoft SharePoint Zero-Day Vulnerability Has Been Under Attack Since Early July
According to cybersecurity experts, several Chinese hacker groups are exploiting a series of zero-day vulnerabilities in Microsoft SharePoint in their attacks. In particular, it emerged that attackers...
Red Hot Cyber Conference 2026. The fifth edition in Rome on Monday, May 18th and Tuesday, May 19th.
The Red Hot Cyber Conference is back! After the great success of the third and fourth editions, the free annual event created by the RHC community is back! An event designed to bring young people clos...
Patriotic Code: From DDoSia and NoName057(16) to CISM, the algorithm that shapes youth for Putin
In February 2025 we had already observed the functioning of DDoSIA, the crowd-hacking system promoted by NoName057(16): a client distributed via Telegram, DDoS attacks against European targets, reward...
Artificial Intelligence: History, Technology, Ethics, Regulations, and the Future
Artificial intelligence (AI) is software that can generate output (i.e., content, predictions, decisions, recommendations) capable of interacting with the environment and according to human objectives...
What are penetration tests, why are they done, who performs them, and the benefits for organizations.
Penetration testing is an increasingly widespread practice in the field of cybersecurity. It is a real simulation of a cyber attack, conducted by a team of security experts, in order to identify and a...
What is Identity and Access Management (IAM)? Let’s find out how to protect your online identities.
How does a large organization with millions of user credentials circulating between production servers, web applications, mobile apps, and workstations, connecting to countless profiles, keep proper r...
Featured Articles

Starting Friday, adults in the UK who try to access pornographywill have to prove they are over 18, under some of the strictest regulations in the world. The change means that, instead of having to pr...

During a coordinated international operation dubbed Operation Checkmate, law enforcement officials have dealt a major blow to the BlackSuit ransomware group (onion link here, which has fallen into the...

How many times have we heard this acronym: CISO? But how many of us don’t know precisely what it means or have little in-depth knowledge of what a Chief Information Security Officer does? This p...

In recent days, the global digital landscape has been rocked by a cybersecurity bug that affected on-premise Microsoft SharePoint servers, exposing thousands of organizations to cyber attacks. These a...

According to cybersecurity experts, several Chinese hacker groups are exploiting a series of zero-day vulnerabilities in Microsoft SharePoint in their attacks. In particular, it emerged that attackers...

How to Start a Cyber Security Program: The First Steps
Cybersecurity has become a crucial component for protecting corporate information and sensitive data. Starting a cybersecurity program is not only a necessity, but a must for any organization that wants to protect its information assets. But how do you begin

What are Side Channel Attacks? How they work and how to defend data from cyber threat physics.
Side Channel Attacks represent a sophisticated category of cyber threats that focus on weaknesses in security systems. These attacks differ from traditional techniques based on brute force or software vulnerabilities, as they focus on aspects that seem insignificant at a

What is Phishing as a Service (PaaS). Let’s explore cybercrime services and access some underground resources.
“Phishing as a service” (PaaS) is a type of service offered by cybercriminals or illicit service providers that simplifies and automates the entire process of creating and distributing phishing attacks and, consequently, malicious campaigns. It works similarly to many other

What is a False Flag in Cybersecurity: From its Origins to Its Use in Malware and National Security Attacks
In the vast world of cybersecurity, an often controversial and highly intriguing practice is that of “false flags.” This term, originally used in the context of military operations and intelligence, refers to the act of attributing an action to a

Chinese humanoid robot replaces its own battery and works 24 hours a day
The presentation of the Walker S2 represents a major step forward in the operational autonomy of humanoid robots. Thanks to the ability to autonomously replace its own battery, the robot can guarantee continuous operation, overcoming one of the most significant

Gmail introduces Shielded Email. Temporary email to fight spam and protect your privacy.
Google continues to actively develop Gmail, adding new features with elements of artificial intelligence to the email service. These updates make using email more convenient, but at the same time, they present users with a difficult choice between convenience and

16 flaws discovered in MediaTek chips: smartphones and smart TVs at risk!
Redazione RHC - July 22nd, 2025
In an age where connectivity is ubiquitous and smart devices are an integral part of our daily lives, cybersecurity is no longer optional, but a necessity. Every month, major chip...

Sophos fixes five vulnerabilities in Sophos Firewall, two of which are rated critical
Redazione RHC - July 22nd, 2025
Sophos recently announced the fixes for five independent security vulnerabilities found in its firewalls, some critical and others high and medium. The vulnerabilities have been fixed via automatically distributed hotfixes,...

TIM’s Red Team Research discovers five CVEs on Eclipse GlassFish, one critical (score 9.8)
Redazione RHC - July 21st, 2025
Thursday, July 16 was a significant day for the cybersecurity researchers of the Italian Red Team Research (RTR) team of TIM, which saw the publication of five new vulnerabilities (CVE)...

What is Secure Code Development? Discovering an essential practice in cybersecurity.
Redazione RHC - July 21st, 2025
In the previous article on Patch Management, we started talking about 4 fundamental pillars in the world of Cybersecurity. These four pillars are Patch Management, Hardening, Secure Code Development, and...
Sign up for the newsletter