Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Author: Raffaela Crisci

IntelBroker Strikes Again: Unauthorized Access to Two Major American Companies Up for Sale

IntelBroker strikes again, announcing the sale of unauthorized access to two major American companies, each with revenues reaching hundreds of billions. This announcement was made public through a post on the dark web forum, BreachForums, known for selling illicit data and hacking services. The threat actor is capable of obtaining and offering access to high-profile systems, making them a threat to companies. They also use double extortion tactics, threatening to publicly disclose stolen data.

Sale Details

According to IntelBroker, the offered access includes a wide range of systems and sensitive resources, including:

[Image of the Post Found on the Dark Web]

Additionally,

Critical Apache Tomcat Vulnerability CVE-2024-34750 Could Bring Your Server to a Halt!

The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited to overload the server’s computing resources, leading to a Denial of Service (DoS). Apache Tomcat is an open-source server that implements Java Servlet, JavaServer Pages (JSP), and other Java technologies. The vulnerability was discovered directly by the Tomcat security team.

Vulnerability Details

The vulnerability was identified in the open-source web server Apache Tomcat, developed by the Apache Software Foundation. This security flaw can be exploited by a remote attacker to overload the computing resources of the vulnerable system, thus compromising service availability.

Intel CPUs Vulnerable! New “Indirector” Attack Threatens Sensitive Data Detection.

Modern Intel processors, including Raptor Lake and Alder Lake CPUs (i.e., 12th and 13th generation Intel “Core” processors), are vulnerable to a new high-precision Branch Target Injection (BTI) attack called “Indirector.” Discovered by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen of the University of California, San Diego (UCSD), Indirector exploits vulnerabilities within the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB). These two critical components in Intel CPUs could be abused to hijack execution and leak sensitive data. This attack represents a significant security threat, bypassing existing protection mechanisms. Full details will be disclosed at the upcoming USENIX Security Symposium in August 2024.

BTI

BTI (Branch Target

Cybercriminals exploit ARC popularity to spread Poseidon Malware: Mac users are the target!

In the last months, Mac users have been targeted by a new wave of cyberattacks through malvertising campaigns. The latest threat, called “Poseidon” by its creators, was revealed on 24th June and exploits Google ads to spread the infostealer. A recent Malwarebytes Labs report described this campaign as the second attempt to use the Arc browser as bait, thanks to its growing popularity.

MALWARE DETAILS

Poseidon is a macOS malware in active development, designed to compete with Atomic Stealer (AMOS). This specific infostealer shares a good number of AMOS’s functions, such as exfiltration methods and crypto wallet and password stealing from software like Bitwarden