Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: #cybersecurity

China Accuses US of Cyber Attacks, Denies Involvement in Brickstorm Malware

A spokesperson for the Chinese Embassy in Canada responded to a reporter’s question about the outcry in Canada over so-called “Chinese cyber attacks.” A reporter asked: Recently, the Canadian Cyber Security Centre, along with the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency, jointly released an analysis report stating that Chinese government-backed cyber threat actors used the Brickstorm malware to infiltrate the systems of government agencies, facilities, and IT organizations. What is China’s comment? As we all know, the United States is the true “hacker empire,” the master of cyber attacks and the greatest threat to global cybersecurity.

AI Browser Attack: Google Drive Wiper Threat Exposed

Researchers at Striker STAR Labs have described a new agent-based browser attack that can turn a regular email into a near-complete wiper of your Google Drive inbox. The attack targets Comet, an AI-powered browser from Perplexity that can automatically manage a user’s email and cloud. The technique, called Google Drive Wiper, is a “zero-click” attack: the user doesn’t have to click on a malicious link or open an attachment. It works by connecting the browser to Gmail and Google Drive via OAuth. The user grants the agent one-time permission to read emails, view files, and perform actions on them

FreeBSD 15.0: Discover the Power of This Unix-like Operating System

Behind many of the digital applications and services we take for granted every day lies a silent giant: FreeBSD. Known primarily to insiders, this Unix-like operating system has become the beating heart of some of the most sophisticated networking infrastructures in the world. Its stability, exceptional performance, and flexibility in network optimization make it the preferred choice for mission-critical and high-traffic environments. Yet, few know that FreeBSD is behind the smooth operation of platforms like WhatsApp, some components of Netflix, Sony PlayStation consoles, and even Juniper Networks firewalls and routers. Thanks to its ability to handle large volumes of

Splunk Enterprise Vulnerability: CVE-2025-20386 and CVE-2025-20387

Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on configuration files during software deployment on Windows systems, allowing non-administrative users to access the Splunk installation directory and its entire contents. This vulnerability is not a traditional remote code execution vulnerability, but rather expands the attack surface through local security degradation. In the affected versions: Splunk has released a fixed version and users are advised to update immediately: For users who cannot upgrade immediately, you can run the following commands using

Apache HTTP Server Update Fixes Critical Security Vulnerabilities

The Apache Software Foundation has released a significant update for its popular Apache HTTP Server, addressing a total of five separate security vulnerabilities. Administrators are recommended to apply this update as soon as possible to ensure their web infrastructure is protected against the identified vectors. The newly released version 2.4.66 represents a comprehensive fix for issues including both infinite loops during certificate renewal and possible NTLM credential leaks on Windows operating systems. Two of the identified vulnerabilities, rated “moderate,” pose specific risks to shared hosting configurations using suexec and Windows environments, while the remaining three are labeled “low” severity. Among the

Cyber Insurance: Why Basic Hygiene Matters

Cyber insurance has become a topic of discussion on management committees. It’s no longer an add-on, but rather an essential consideration in corporate risk management. Yet many companies rely on a security net that can fail just when they need it most—not because of advanced attacks, but because of fundamental flaws that remain unresolved. The false sense of false protection Cybersecurity insurance policies are designed to mitigate the financial impact of an incident, but they aren’t a blank check. In practice, many companies receive only partial payments or even have their claims rejected. The reason is usually a failure to meet the

Neurodivergence in Cybersecurity: A Hidden Competitive Advantage

Personal growth manuals sell hyperfocus as the secret to success. Routines as the key to productivity. Stepping out of your comfort zone as a universal panacea. But Jeff Bezos (ADHD), Elon Musk (Asperger’s) and Richard Branson (dyslexic) didn’t discover hyperfocus by reading a self-help book: they were born with it. Thomas Edison was obsessive and unable to concentrate on a single task for long, yet he invented the light bulb. Leonardo da Vinci left works unfinished because his mind was racing in too many directions. Einstein learned to read, write, and speak late. Today, they would

Leroy Merlin Cyberattack Exposes Personal Data of French Customers

A cyberattack has affected Leroy Merlin, involving the personal data of numerous customers in France, impacting hundreds of thousands of individuals. Leroy Merlin assures that “additional security measures have been implemented” with enhanced surveillance. “Data protection is a top priority for the brand,” adds the management, specifying that the CNIL (National Commission for Information Technology and Civil Liberties) has also been informed of the situation. The stolen data primarily includes contact information, such as dates of birth, phone numbers, email addresses, names, addresses, and loyalty program information. This information is enough to support highly credible phishing campaigns, tailored frauds, and social engineering

Critical React Server Vulnerability: Update Now to Prevent RCE Attacks

Developers and administrators around the world are urgently updating their servers following the discovery of a critical vulnerability in React Server, which allows attackers to remotely execute unauthenticated code with a single HTTP request. The exploit is now publicly available, and the issue has received the highest severity rating, 10 out of 10, on CVSS. React is actively used on servers to accelerate JavaScript and content rendering: instead of completely reloading the page with each request, it only redraws the modified parts of the interface. This significantly saves resources and improves application performance. React is estimated to be used by approximately

Storm-0900 Phishing Campaign Spreads XWorm Malware

Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group known as Storm-0900 launched a large-scale phishing campaign, targeting users across the United States. The campaign exploited two main social engineering themes: fake parking ticket notifications and fraudulent medical test results. Microsoft Threat Intelligence analysts and security researchers discovered that this campaign led to the spread of XWorm, a widespread modular remote access malware used by many threat actors across the cyber threat landscape. In connection with the Thanksgiving holiday, attackers