Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Alessio Stefan

The New RockYou2024 Collection has been published! 10 Billion Credentials Compromised

Everyone involved with CTFs has used the infamous rockyou.txt wordlist at least once, mainly for password cracking. The file is a list of 14 million unique passwords originating from the 2009 RockYou hack, a piece of computer security history. The “rockyou lineage” has evolved over the years. Attackers used the original RockYou file as a starting point and continually added passwords from various data breaches. This culminated in RockYou2021, a list containing a staggering 8.4 billion records. These huge wordlists are used for credential stuffing and other brute-force attacks, putting untrained users at risk of unauthorized access, like Levi Strauss experienced this

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

A severe security vulnerability has been discovered in MSI Center, a widely used application on Windows systems. This flaw, tracked as CVE-2024-37726 with a CVSS score of 7.8 (high), allows a low-privileged attacker to gain complete control of the system. Privilege escalation refers to an attack in which a user with limited privileges gains access with higher privileges, such as those of an administrator, without having the proper authorization. This can allow a malicious user to perform actions that would not normally be allowed. CVE Details: By exploiting a flaw in the way MSI Center handles permissions, a malicious actor can manipulate the filesystem and trick the software into

Medusa Ransomware claims responsibility for the attack on Harry Perkins Institute

On July 3, 2024, the Australian research institute Harry Perkins was the victim of a ransomware attack claimed by MEDUSA on their official DLS. The data being held hostage is more than 4.6 terabytes of CCTV recordings from inside the main building. A payment of $500,000 is demanded for the deletion of the data and the same amount to be able to download it. Additionally, for $10,000 the victim can add 24 hours to the countdown that started 9 days ago. The nature of the data attacked (video recordings) is unusual compared to other ransomware attacks, the privacy of the 172 employees and

Potential Data Breach: Sensitive Indonesian Data for Sale on Dark Web

A recent alert has been issued in the information security landscape: a threat actor has announced the sale of the Attorney General’s Office of the Republic of Indonesia (Kejaksaan Agung Republik Indonesia) database on a well-known dark web forum. The Attorney General’s Office of the Republic of Indonesia (Kejaksaan Agung Republik Indonesia) is the chief prosecutor’s office of Indonesia, responsible for overseeing criminal investigations, legal actions, and law enforcement in Indonesia. This agency plays a crucial role in the Indonesian judicial system, ensuring that crimes are prosecuted and that the law is upheld. The Kejaksaan Agung database is a critical resource for managing the information and operations of the Attorney General’s Office. It encompasses

PRAISE TO VX-UNDERGROUND – The hack-library turns 5!

No nerd or technology enthusiast can deny the influence of the 1980s on modern computer science. Commodore Amiga, Nintendo, Apple II: computers were now affordable to everyone, who could finally benefit from this outstanding innovation. During these years, what actually changed the view of the world was the birth of the first internet connections. Not just technology started to spread but information as well: once a slow trickle, it now races across borders like a digital wildfire. Not surprisingly, the hacker culture received a huge boost during this period. The Jargon File was shared publicly for the first time and Open Source