Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search
Banner Mobile
Crowdstriker 970×120

Category: Cybercrime and Darknet

The market for “controlling” people is taking off on the Dark Web.

Redazione RHC 28/11/2025

BI.ZONE experts analyzed over 3,500 advertisements on darknet platforms offering dossiers on specific individuals, known as “probiv” (finding). One in five offers (21%) promises a complete profile of an individual. The market is divided into three price ranges. The budget one is a basic check based on one or two parameters: for example, searching for a person’s full name and date of birth using a phone number or email address. However, most offers (75%) are in the mid-range price range, around 20 euros. For this amount, they promise not only to verify a person’s identity using contact information, but also to compile

God is in the Cloud: They Hacked Your Brain and You Liked It

Fabrizio Saviano 28/11/2025

We’re in the age of paid deception. Your every click is a private referendum in which they, the algorithms, always win. And they’re never wrong: they observe you, profile you, know you better than your mother. You think you’re choosing the detergent, but instead, the detergent has chosen you. Advertising no longer sells products. It used to be said that you are the product, but that’s no longer the case. Advertising sells your attention, your reflexes, your tics. Manipulation today is automatic, and the beauty is that they call it “convenience.” They convince you that you make the decisions, but hitting the

Does Windows Suck? A Video by Dave Plummer, the Microsoft Engineer Who Created Task Manager

Redazione RHC 28/11/2025

Dave Plummer, a highly regarded former senior engineer at Microsoft who led the development of several key Windows components, including Task Manager, the Windows NT port of Space Cadet Pinball , and native support for ZIP files, has now publicly addressed a controversial issue, bluntly analyzing why Windows “sucks.” IT Home noted that in his latest YouTube video, “Windows “SUCKS”: How I’d Fix It by a Retired Microsoft Windows Engineer,” Plummer points out that many of the measures Microsoft has taken to simplify the operating system and improve the user experience for less experienced users have actually irritated a group of more

China surpasses US in open-source AI models

Redazione RHC 28/11/2025

China surpasses the United States in the global market for open-source artificial intelligence (AI) models. According to a November 26 Financial Times report, a study by MIT and open-source AI startup Hugging Face found that the share of downloads of open-source AI models developed by Chinese teams rose to 17% over the past year, surpassing their American counterparts for the first time and gaining a key lead in the global application of AI technology. Amid the AI boom sweeping the global tech industry, US tech giants such as OpenAI, Google, and Anthropic tend to adopt a ” closed ” strategy, maintaining complete

ENISA takes on the role of Root in the European Cybersecurity Initiative (CVE).

Redazione RHC 27/11/2025

The European Union Agency for Cybersecurity (ENISA) has taken on the role of Root within the Common Vulnerabilities and Exposures (CVE) programme, becoming the main point of reference for national authorities, EU CSIRTs and partners falling within its mandate. The new role expands on the Agency’s existing functions as Vulnerability Numbering Authority (CNA), which is responsible for assigning CVE identifiers and publishing the related records for reports managed by European CSIRTs, an operational role that has been active since January 2024. ENISA Executive Director Juhan Lepassaar highlighted how this change strengthens the Agency’s ability to support vulnerability management within the Union, contributing

Supply Chain Attack on OpenAI: Analytics Provider Mixpanel Compromised

Redazione RHC 27/11/2025

OpenAI has confirmed a security incident at Mixpanel, a third-party analytics provider used for its APIs. According to the investigation, the cause of the security incident involving OpenAI and Mixpanel has been identified as a breach of Mixpanel’s systems, ruling out any involvement of OpenAI’s infrastructure. The preliminary investigation indicates that an attacker gained unauthorized access to a portion of the Mixpanel environment and extracted a dataset containing limited identifying information about some OpenAI API users. OpenAI has stated that the incident did not affect users of ChatGPT or other consumer products. Mixpanel Incident: What Happened? The OpenAI Mixpanel security incident began

Be careful when using SSDs! Without power, you risk data loss

Redazione RHC 27/11/2025

XDA Developers reminds us that using solid-state drives for long-term storage is risky. If SSDs are left without power for years, data can become corrupted or even disappear entirely. Unlike HDDs , which store data on magnetized platters, SSDs write information by changing the electrical charge in NAND flash cells . Flash memory is considered non-volatile: data is retained even after power is lost. However, the length of time an SSD can reliably store data without being connected to a power source is limited. According to Joint Electron Device Engineering Council (JEDEC) specifications, even inexpensive drives with QLC NAND can retain data

Quantum Computing vs. Artificial Intelligence: Which Will Really Change the Future?

Redazione RHC 27/11/2025

Quantum mechanics remains a complex and mysterious field, both difficult to explain and difficult to understand. This branch of physics studies the unusual behavior of tiny particles, phenomena that are opening up new scientific possibilities with potentially revolutionary applications. Despite the pronouncements and investments of tech giants like Microsoft and Google, quantum computing remains less visible compared to the growing focus on artificial intelligence (AI). Generally, while AI is predominantly software-oriented and relies on existing hardware, quantum technology requires specialized physical devices such as sensors and quantum computers, which are still bulky, expensive, and rare today. Brian Hopkins , vice president and

ToddyCat APT Group Targets Microsoft 365 Email Security

Redazione RHC 27/11/2025

Email security continues to be one of the most critical points in modern cyber attacks. While compromising a Windows domain is already a success for a malicious actor, gaining access to corporate email accounts can open the door to espionage, fraud, extortion, and difficult-to-detect lateral movement . ToddyCat: The ability to target any organization It is in this context that the operational evolution of ToddyCat takes place, an APT group already known for its advanced techniques and its ability to target government and military organizations. In recent months, the group has demonstrated a significant leap in quality, introducing new ways to access

Tor Boosts Security with Counter Galois Onion CGO Encryption

Redazione RHC 27/11/2025

The Tor project has announced the introduction of a new encryption scheme, called Counter Galois Onion (CGO) , intended to replace the previous Tor1 Relay method. The update aims to strengthen network security and counter threats from online attackers. The new system has already been implemented in Arti , the Rust implementation of Tor, and in the C version of Tor Relay. According to the development team, the old Tor1 system had three main weaknesses: vulnerability to tagging attacks , lack of forward secrecy , and insufficient authentication strength . Among these, tagging attacks are considered the most significant risk, as Tor1

Category