Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: cyber threat intelligence

RHC interviews Vanir Group. Former affiliates of LockBit, Karakurt and Knight united to extort money: ‘Hire professionals, don’t be cheap’

New threat actors emerge every day to destabilize the digital foundations of organizations around the world. One of the most recent and disturbing cybergangs uncovered by the Darklab team of Red Hot Cyber is the VANIR group, a collective known for its ruthless ransomware operations. This exclusive interview, conducted by the Dark Lab group, sheds light on an enemy as mysterious as it is dangerous. “You have to know the demons to learn how to counter them.” This phrase, frequently quoted by Red Hot Cyber in conferences and articles, underscores the importance of understanding the modus operandi of cyber criminals. Knowing the “demons”

Alleged Data Breach of the United States Department of Defense and National Security Agency

Recently, alarming news has emerged on a well-known underground forum regarding alleged data breaches of the United States Department of Defense and the National Security Agency (NSA). The announcements, posted by the user “Gostingr,” have raised concerns among users and cybersecurity experts, particularly due to the sensitive nature of the information involved. Details of the Alleged Breaches According to the post published by the user, the compromised data includes 325,498 lines containing names, emails, phone numbers, and addresses. The file, in CSV format, was compressed into a ZIP archive with a size of 6.3 MB, while the uncompressed size reaches 14.6 MB.

Meow ransomware claims attack in its Data Leak Site at HPE giant

Introduction Today, the ransomware gang known as Meow has claimed responsibility for a cyberattack on the multinational giant Hewlett Packard Enterprise (HPE). The claim was published on their Data Leak Site (DLS), where the group offered access to an alleged confidential HPE database for $199. HPE Hewlett Packard Enterprise (HPE) is one of the leading global technology companies, established as a result of the split of Hewlett-Packard Company in November 2015. Hewlett-Packard, founded by Bill Hewlett and Dave Packard in 1939, was divided into two separate entities: HP Inc., which focuses primarily on printers and personal computers, and Hewlett Packard Enterprise, which

The Threat Actor 888 claimed a compromise against Microsoft

On July 9, 2024, a user known as “888” posted on BreachForums claiming to have leaked sensitive data of Microsoft employees. This alleged breach has exposed personal information of 2,073 company employees, reportedly due to a flaw in a third-party system. Details of the Breach According to the post published by “888,” the compromised data includes: The extent of the breach is significant, as the disclosed information can be used for a range of malicious activities, including phishing, fraud, and targeted attacks. Situation Analysis At the moment, we cannot precisely confirm the veracity of the breach. Microsoft has not released any official

The Threat Actor 888 claims responsibility for a breach at Nokia.

A malicious actor, known by the alias “888,” recently claimed responsibility for disclosing sensitive data belonging to Nokia. The attack, which occurred in July 2024, compromised a wide range of information, raising significant concerns about data security and the protection of personal information. Breach Details According to 888’s statements, the breach led to the exposure of several sensitive data points. Among the compromised information are: Current Status At this time, we cannot confirm the exact accuracy of the breach claims, as the organization has yet to release any official press statement on its website regarding the incident. Therefore, this article should be

Massive Data Exposure on X (Twitter) Affects 200 Million Users

Recently, X (Twitter) experienced a massive data exposure, compromising nearly 200 million user records. This incident could be one of the largest user data exposures in recent history, jeopardizing the security and privacy of millions of users. In this article, we analyze the details of the exposure, its implications, and the potential risks for the affected users. Currently, we are unable to accurately confirm the veracity of the breach, as no press release has been issued on the official website regarding the incident. Therefore, this article should be used as an “intelligence source.” Scope and Source of the Data Leak The leaked

Alleged NATO Data Breach: 643 CSV Files with User Data and Server Details Leaked

A threat actor claims to have leaked sensitive data from NATO – TIDE (Think-Tank for Information Decision and Execution Superiority). NATO-TIDE (Think-Tank for Information Decision and Execution Superiority) is a specialized division of NATO (North Atlantic Treaty Organization), focused on enhancing decision-making and execution capabilities through advanced use of information. This organization aims to optimize the collection, analysis, and use of data to support military and strategic operations. The actor, identified by the username “natohub” on an online forum, posted an announcement on July 7, 2024, claiming to have obtained and shared 643 CSV files containing user data, user groups, physical and

Ticketmaster Breach: 30,000 Free Tickets Released

After claiming to have stolen 170,000 tickets for Taylor Swift’s ERAS Tour, the hacker group Sp1d3rHunters today announced they have distributed over 30,000 more tickets for high-profile events. The allegedly leaked tickets today include events for: Sp1d3rHunters, known for their illicit activities in the cybercrime world, posted a detailed message on a dark forum claiming they had breached Ticketmaster’s security. Reportedly, the flaw exploited by the hacker group allows them to print physical tickets (Ticketfast, e-tickets, and tickets sent via mail) which, unlike Ticketmaster’s dynamic electronic tickets, cannot be automatically updated. How To: 4-Step Guide to Creating Your Own Ticketfast Tickets Current

Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks

A critical security vulnerability, identified as CVE-2024-6376, has been discovered in MongoDB Compass, a widely-used graphical interface for MongoDB data management. This security flaw could have serious repercussions, including data loss and unauthorized access to systems. Vulnerability Details The vulnerability affects versions of MongoDB Compass prior to 1.42.2. According to the National Vulnerability Database (NVD), the flaw has received a score of 9.8 out of 10 in the Common Vulnerability Scoring System (CVSS), indicating an extremely high risk. This score highlights the severity of the issue and the need for immediate action to mitigate potential damage. Implications of the Vulnerability Exploitation of

Latvian Government Database Compromised: Over 1.6 Million Government Data Lines!

A malicious actor has claimed to have leaked a database containing over 1.6 million lines of data from the Latvian government. The data breach, dated July 7, 2024, includes all information from Latvian government authorities. Incident Details The announcement of the breach was made on a specialized forum, where the user identified as Hana posted the initial message. Hana, a VIP user with 15 posts and a reputation of 30, indicated that the data dump includes 1,660,183 lines. The post provides a description of the extent of the leak, emphasizing that all data from the Latvian government has been compromised. Authenticity of