Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: cyber threat intelligence

Ticketmaster Breach: 30,000 Free Tickets Released

After claiming to have stolen 170,000 tickets for Taylor Swift’s ERAS Tour, the hacker group Sp1d3rHunters today announced they have distributed over 30,000 more tickets for high-profile events. The allegedly leaked tickets today include events for: Sp1d3rHunters, known for their illicit activities in the cybercrime world, posted a detailed message on a dark forum claiming they had breached Ticketmaster’s security. Reportedly, the flaw exploited by the hacker group allows them to print physical tickets (Ticketfast, e-tickets, and tickets sent via mail) which, unlike Ticketmaster’s dynamic electronic tickets, cannot be automatically updated. How To: 4-Step Guide to Creating Your Own Ticketfast Tickets Current

Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks

A critical security vulnerability, identified as CVE-2024-6376, has been discovered in MongoDB Compass, a widely-used graphical interface for MongoDB data management. This security flaw could have serious repercussions, including data loss and unauthorized access to systems. Vulnerability Details: The vulnerability affects versions of MongoDB Compass prior to 1.42.2. According to the National Vulnerability Database (NVD), the flaw has received a score of 9.8 out of 10 in the Common Vulnerability Scoring System (CVSS), indicating an extremely high risk. This score highlights the severity of the issue and the need for immediate action to mitigate potential damage. Implications of the Vulnerability: Exploitation of

Latvian Government Database Compromised: Over 1.6 Million Government Data Lines!

A malicious actor has claimed to have leaked a database containing over 1.6 million lines of data from the Latvian government. The data breach, dated July 7, 2024, includes all information from Latvian government authorities. Incident Details: The announcement of the breach was made on a specialized forum, where the user identified as Hana posted the initial message. Hana, a VIP user with 15 posts and a reputation of 30, indicated that the data dump includes 1,660,183 lines. The post provides a description of the extent of the leak, emphasizing that all data from the Latvian government has been compromised. Authenticity of

Threat Actors Steal 5.90 GB of Sensitive Data from the Fiscalía General del Estado de Veracruz!

In an era where cybersecurity has become crucial for protecting sensitive data, a recent leak has revealed an alleged security breach at the Fiscalía General del Estado de Veracruz. A malicious actor known as “dwShark” claimed to have stolen the database of the Office of the Attorney General of the State of Veracruz, exposing sensitive data such as names, phone numbers, emails, and other personal information. Fiscalía General del Estado de Veracruz: The Fiscalía General del Estado de Veracruz (FGE Veracruz) is the entity responsible for administering criminal justice in the state of Veracruz, Mexico. This institution plays a crucial role in

Dangerous 0day Windows LPE Vulnerability for Sale in the Underground

A malicious actor, under the name “tikila”, has posted an advertisement on a hacking forum for the sale of a local privilege escalation (LPE) vulnerability for Windows. According to the post, this vulnerability has been tested and confirmed to work on various versions of Windows, including Windows 10, Windows 11, and several Windows Server versions (2008, 2012, 2016, 2019, 2022). Vulnerability Details: The announcement claims that the vulnerability is 100% reliable and does not cause system crashes, ensuring process continuity. The author specifies that the vulnerability has been tested on fully updated and patched systems, implying it might exploit an unknown zero-day

Europol Breached: Secret Documents for Sale on the Dark Web

July 6, 2024: A well-known BreachForums user, IntelBroker, has recently announced the sale of a collection of crypto-related documents stolen from Europol’s EPE platform. The data breach, which occurred in May 2024, involved the theft of critical files and documents. Breach Details: The EPE (Europol Platform for Experts) platform is a secure system used by Europol for sharing sensitive information among European law enforcement agencies. The breach allowed hackers to access valuable information, potentially jeopardizing several ongoing investigations. Reportedly, IntelBroker has uploaded a small amount of these documents to the forum as proof of the successful breach. In a post

Taylor Swift’s Tour at Risk: Hacker Demands $2 Million from Ticketmaster for 170k Stolen Barcodes

A cyber incident has hit Ticketmaster, with a malicious actor issuing a ransom demand, threatening to release sensitive data unless a payment of $2 million USD is made. The hacker claims to possess 170,000 barcodes related to Taylor Swift’s ERAS tour events, along with a vast amount of additional data, including user information and barcodes for numerous other events. Ransom Details and Compromised Tickets: According to the cybercriminal, the compromised barcodes include tickets for Taylor Swift’s concerts on the following dates and locations: In a statement, the hacker threatens to release all 680 million user records and 30 million additional event barcodes

Medusa Ransomware claims responsibility for the attack on Harry Perkins Institute

On July 3, 2024, the Australian research institute Harry Perkins was the victim of a ransomware attack claimed by MEDUSA on their official data leak site (DLS). More than 4.6 Terabytes of CCTV recordings inside the main building are the data being held hostage. A payment of $500,000 is demanded for the deletion of the data and the same amount to be able to download it. Additionally, for $10,000 the victim can add 24 hours to the countdown that started 9 days ago. The nature of the data attacked (video recordings) is unusual compared to other ransomware attacks, the privacy of the 172 employees and

Critical Vulnerabilities in Splunk Enterprise Enable Remote Code Execution

Splunk, a leading provider of software for searching, monitoring, and analyzing machine-generated big data, has released urgent security updates for its flagship product, Splunk Enterprise. These updates address multiple critical vulnerabilities that pose significant security risks, including the potential for remote code execution (RCE). The affected versions include 9.0.x, 9.1.x, and 9.2.x, and the vulnerabilities were identified by both internal and external security researchers. Key Vulnerabilities Addressed: The critical vulnerabilities patched in these updates are as follows: Additional Vulnerabilities: In addition to the aforementioned critical issues, several Cross-Site Scripting (XSS) vulnerabilities have been addressed. XSS vulnerabilities allow attackers to inject malicious scripts

Threat Actors Release 2022 Electronic Arts (EA) Employee Database

Recently, a threat actor allegedly leaked a database containing information on Electronic Arts (EA) employees from 2022. The data breach was confirmed by the threat actor himself, who explained the reasons behind his decision to make the data public. Currently, we are unable to accurately confirm the veracity of the breach, as no press release has been issued on the official website regarding the incident. Therefore, this article should be used as an “intelligence source.” The Leaker’s Motives: The threat actor stated: “I recently noticed that a new burner account was created to try and sell this data breach, but it has