Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Pietro Melillo

PoC Released for SQL Injection Without Authentication on WordPress WZone Plugin

A proof of concept (PoC) for a critical vulnerability identified as CVE-2024-33544 has recently been released. This vulnerability involves an unauthenticated SQL injection, which poses a serious threat to the security of many web applications. The National Vulnerability Database (NVD) has published the details of this vulnerability, highlighting the importance of addressing the issue promptly.

Vulnerability Details

CVE-2024-33544 is an SQL Injection vulnerability that allows attackers to execute arbitrary SQL commands on a database without the need for authentication. This type of attack exploits gaps in the validation of user-provided input, allowing the manipulation of SQL queries sent to the database. When

Threat Actor IntelBroker Exposes Rapid4Cloud Data on Breach Forums

In the world of cybersecurity, news of data breaches is commonplace. Recently, a new alleged breach has made waves: the moderator of BreachForums, known as IntelBroker, has claimed to have leaked the source code (SRC) of various Rapid4Cloud products.

Details of the Alleged Breach

According to IntelBroker’s post on the forum, the stolen data includes the source code of several Rapid4Cloud suites, specifically: IntelBroker made the statement on July 17, 2024, specifying that the data breach occurred within the same month. IntelBroker provided links for downloading the data, suggesting that a significant amount of sensitive information is now publicly available.

IntelBroker

IntelBroker

Sale of a 0Day RCE Exploit for GLPI HelpDesk

Recently, a user on BreachForums known as “cisc0” posted an announcement regarding the sale of a 0Day exploit for GLPI HelpDesk. According to the user, this exploit works on all versions of the software without exception. The news has raised concerns among cybersecurity professionals and organizations that use this IT service management system.

Description of the Exploit

The user “cisc0” claims that the exploit allows remote code execution (RCE) on all versions of GLPI HelpDesk. This type of vulnerability is particularly dangerous as it enables attackers to execute arbitrary commands on the vulnerable server, potentially gaining full control of the system.

Play Ransomware Claims Attack on MIPS Technologies

In the last few hours, the Data Leak site of the ransomware gang Play Ransomware has published a new claim: the giant MIPS Technologies (www.mips.com) has been the victim of an attack. Although the official publication is scheduled for July 19, 2024, the site has already made some details public, raising concerns among the company’s partners and customers.

Play Ransomware

Play Ransomware is one of the many ransomware gangs that have emerged in recent years. These criminal groups operate by encrypting victims’ data and demanding a ransom for restoration. Play Ransomware is distinguished by its strategy of publishing stolen data on Data

Data Breach: Personal Information of 6K NATO Employees for Sale

On July 17, 2024, user Vadimblyaa posted on a well-known cybercriminal forum, claiming to possess personal information of 6,000 NATO employees, acquired through a data breach that occurred on July 13, 2024. Vadimblyaa has put this information up for sale and invites interested parties to make offers for its purchase.

Breach Details

Vadimblyaa provided specific details regarding the format and content of the compromised data, which includes: According to the report, the file contains over 6,000 lines of data.

Veracity and Implications

At this time, we cannot precisely confirm the authenticity of the breach, as the NATO organization has not yet released

Alleged Cyber Attack on Sheba Medical Center: Israel’s Largest Hospital

The Sheba Medical Center, the largest hospital in Israel and ranked ninth in the world, has recently fallen victim to an alleged data breach. A pro-Palestinian hacker group known as Handala has claimed responsibility for the attack, stating that they have compromised a vast amount of sensitive information. However, at this moment, we cannot accurately confirm the validity of the breach, as the organization has not yet released any official press statement on its website regarding the incident. Therefore, this article should be considered as an ‘intelligence source.’

Details of the Breach

According to the post published by Handala on a hacking

Rockstar Games Possibly Victim of a Massive Data Leak!

Recently, an alleged data leak has involved Rockstar Games, one of the world’s largest video game producers, famous for titles like Grand Theft Auto and Red Dead Redemption. According to a user on a hacking forum, personal data of Rockstar Games staff members have been compromised. This article provides a detailed analysis of the available information and the implications of this breach.

Data Leak Details

Source and Content of the Leak

The leak was reported by a user with the nickname “IsIsakaisIs” on BreachForums, a well-known hacking forum. The user claimed to have obtained 1001 lines of data belonging to Rockstar Games

Potential Data Leak from Google: 1 Million Records Exposed

Recently, a threat actor claimed to have publicly released one million records scraped from Google, raising significant alarm regarding personal data security. The information appeared on an online forum in a post dated July 15, 2024. User “Hana” published a thread titled “Google – 1 Million Scrape – Leaked, Download!” providing details about this alleged data breach.

Contents of the Data Leak

The data leak is divided into two distinct parts, containing different types of information:

Implications and Risks

The described data leak includes a significant amount of personal information and reviews, potentially sensitive. The disclosure of such data can lead to

Threat Actor 888 Claims Compromise of BMW (Hong Kong) Customers

Recently, a concerning news story has emerged in the world of cybersecurity. A well-known hacker, identified by the nickname 888, has allegedly leaked sensitive data belonging to BMW customers in Hong Kong. The data breach, dated July 2024, has led to the compromise of approximately 14,000 rows of confidential information.

Details of the Breach

According to reports on BreachForums, a notorious hacking forum, the data leak includes personal information of thousands of BMW customers in Hong Kong. The compromised data includes: The publication on BreachForums occurred on July 15, 2024, with hacker 888 making the data available for public download. This incident

End of an Era: SiegedSec, the Hacker Group, Announces Its Dissolution

The cybercriminal group SiegedSec, which gained notoriety during Russia’s invasion of Ukraine, has recently announced its dissolution. This group, led by “YourAnonWolf,” quickly consolidated its power by increasing the number of its victims. Describing themselves as “gay furry hackers,” SiegedSec is known for its funny slogans and vulgar language. Their main activities include defacement attacks, sensitive data leaks, and unauthorized access to databases and emails.

The History of SiegedSec

SiegedSec emerged as a significant force in the cybercrime landscape, exploiting the chaos and uncertainty created by the war in Ukraine. The group quickly gained notoriety through a series of high-profile attacks against