Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: intelligence

Potential Compromise of a U.S. Military Database

A high-ranking user of BreachForums, known as “GOD,” is reportedly selling an alleged database belonging to the U.S. Military, which purportedly contains data on over 385,000 personnel and contractors. This database would have been acquired in November 2024 and is said to include critical personal and service-related information. Details of the Potential Breach If authentic, the database would contain various fields of sensitive data, which may be categorized under the following headers: At this time, we cannot confirm the veracity of this information, as the organization has not released an official press statement on its website regarding the incident. Therefore, this article

Hellcat Claims an Alleged Breach Against Schneider Electric

In recent hours, the ransomware group known as Hellcat has claimed responsibility for an alleged attack against Schneider Electric, a global leader in energy management and automation. This supposed breach was reported on Hellcat’s data leak site, where information was published suggesting unauthorized access to the company’s infrastructure. At this time, we cannot confirm the authenticity of this news, as the organization has not yet released an official press statement on its website regarding the incident. Therefore, this article should be considered as an ‘intelligence source.’ Details of the Possible Breach According to the Hellcat group, access was allegedly obtained through Schneider

Israeli Air Force Data Sale: A Suspected Leak Puts Sensitive Information at Risk

Recently, a cyber threat actor known as EagleStrike posted an announcement on a dark web forum, claiming to possess confidential data concerning the Israeli Air Force (IAF). According to the post, this collection of information includes critical details about both active and inactive pilots, as well as various Air Force employees. Leak Details The threat actor claims that the data gathered contains a variety of personal and professional information, including: This detailed information could pose a significant risk to the security of the personnel involved and to the operational integrity of the Air Force. Currently, we are unable to confirm the accuracy

IBM Hacked? Threat Actor ‘888’ Reveals Thousands of Employees’ Data Leak!

Recently, the notorious Threat Actor, identified by the nickname 888, claimed to have breached IBM systems and stolen personal data belonging to the company’s employees. The leak, dated October 2024, allegedly resulted in the compromise of approximately 17,500 rows of data. At this time, we cannot confirm the veracity of the news, as the organization has not yet released any official press release on its website regarding the incident. Therefore, this article should be considered as an ‘intelligence source’. Details of the Breach According to 888, the breach resulted in the data of approximately 17,500 individuals being compromised. The exfiltrated information is said to contain: names, mobile phone numbers, and international area

Alleged SpaceX Database Breach Published on BreachForums

A recent post on a dark web forum has caught the attention of the international cybersecurity community. A user, identified by the nickname l33tfg, claimed to have published a supposed data leak from SpaceX, the aerospace company owned by Elon Musk. According to the post, the breach allegedly contains sensitive data including emails, password hashes, phone numbers, hosts, and IP addresses. While the news has not yet been officially confirmed by SpaceX or other verified sources, the incident could pose a serious threat to the organization and the security of its corporate data. Attack Overview: Attacker Profile and Motivations The post, dated

WhiteHouse.gov Data Breach: Threat Actors Leak Sensitive Information!

Recently, a threat actor on a dark web forum has posted a claim regarding an alleged data breach involving WhiteHouse.gov. The post, made by a user named “l33tfg,” asserts that sensitive information from the White House’s official website has been leaked. According to the post, the data includes emails, names, phone numbers, hashes, and IP addresses. At the moment, we cannot confirm the veracity of this claim, as the organization has yet to release any official statement on its website regarding the incident. Therefore, this article should be considered as a source of intelligence. Details of the Alleged Breach In the forum

RHC interviews Qilin Ransomware! “Let’s play fair and wait for a worthy opponent on the field”

Qilin (from Chinese: 麒麟) is a legendary creature that appears in Chinese mythology and is said to appear with the imminent arrival or demise of a sage or illustrious ruler. The Qilin ransomware is a prime example of the growing complexity of cyber threats. Discovered in 2022, Qilin immediately attracted attention for its ability to target critical sectors such as healthcare and education, particularly in the regions of Africa and Asia. Written in Rust and C, Qilin offers an unprecedented level of customisation that sets it apart from most other ransomware. The operators behind this threat can change the extension of encrypted

Echelon Stealer: The Open Source Malware

Echelon Stealer is an infostealer malware that was first discovered in 2018 and is still active. Currently shared as an open-source tool on GitHub, Echelon Stealer offers various advanced features for extracting sensitive data. Despite being presented as an educational project, its potential for malicious use is significant. What is an Infostealer? An infostealer is a type of malware specifically designed to steal sensitive information from infected devices. This type of malware can gather a wide range of data, including: Infostealers are often distributed through phishing campaigns, malicious email attachments, compromised software downloads, and other social engineering techniques. Once installed, the infostealer collects data

The Ransomware Group Ransomexx Claims Attack on Liteon

On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the growing threat that cybercriminals pose to large companies. Below, we examine the details of the attack, its consequences, and the measures that companies can take to defend themselves against similar threats. Who is Liteon? Liteon Technology Corporation, based in Taiwan, is a world leader in the production of a wide range of electronic components. Founded in 1975, Liteon specializes in the development and manufacturing of optoelectronic devices, storage devices, and other electronic

A Threat Actor Posts Update on Luxottica’s 2021 Data Breach

Recently, a threat actor in a clandestine forum posted an update on the 2021 data breach concerning the giant Luxottica, one of the world’s largest eyewear companies. According to the post, the breach allegedly exposed extensive personal information of millions of individuals. This article explores the details of the alleged breach based on information provided by the threat actor. At this time, we cannot confirm the veracity of the news, as the organization has not yet issued any official press release on its website regarding the incident. Therefore, this article should be considered an ‘intelligence source.’ Details of the Alleged Breach According