Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Tag: Social engineering

Storm-0900 Phishing Campaign Spreads XWorm Malware

Over the holiday season, a coordinated attack was detected and blocked by Microsoft Threat Intelligence security analysts, involving tens of thousands of emails crafted to deceive recipients. The cybercriminal group known as Storm-0900 launched a large-scale phishing campaign, targeting users across the United States. The campaign exploited two main social engineering themes: fake parking ticket notifications and fraudulent medical test results. Microsoft Threat Intelligence analysts and security researchers discovered that this campaign led to the spread of XWorm, a widespread modular remote access malware used by many threat actors across the cyber threat landscape. In connection with the Thanksgiving holiday, attackers

Cybersecurity in December: How Compliance Hurries Leave Companies Vulnerable

December isn’t just about Christmas lights: for those working in cybersecurity, it’s the month when the human factor collapses and companies rush to buy solutions just to be “compliant” for the new year. A perfect breeding ground for mistakes, vulnerabilities, and choices that will be paid for dearly in 2026. Frenzy, Tiredness and Lurking Attackers: The arrival of December brings with it a strange mix of frenzy and vulnerability. On the one hand, employees, still stunned by the endless Black Friday deals, are dragging themselves towards Christmas with inboxes full of fake “order confirmations.” On the other hand, there are IT managers and

Calendar Subscriptions: A Hidden Danger in Your Digital Life

Digital calendars have long been a convenient way to keep track of daily activities, but new research from Bitsight shows that this familiar tool can become a real attack channel. Bitsight researchers discovered over 390 abandoned domains associated with iCalendar sync, which received daily requests from approximately 4 million iOS and macOS devices. Anyone who re-registers these domains gains the ability to stealthily add events to users’ calendars, complete with links, files, and any other content. The problem is that third-party calendar subscriptions are typically created with a single click, for holidays, event calendars, discounts, or app reminders. But this

CEO Scam: How to Protect Your Company from Business Email Compromise

This morning, Paragon Sec was contacted by an Italian company that had been the victim of a new fraud attempt known as the CEO Scam. The accounting department received an urgent email, apparently from their CEO, requesting immediate payment of a €4,000 invoice. The message, accompanied by a seemingly authentic invoice, indicated the need for an immediate transfer. The employee in charge of payments, believing he was following a direct order from his manager, made the transfer without further verification. Only later did the bank discover that the IBAN indicated was associated with a fraudulent entity and promptly blocked the

Supply Chain Attack on OpenAI: Analytics Provider Mixpanel Compromised

OpenAI has confirmed a security incident at Mixpanel, a third-party analytics provider used for its APIs. According to the investigation, the cause of the security incident involving OpenAI and Mixpanel has been identified as a breach of Mixpanel’s systems, ruling out any involvement of OpenAI’s infrastructure. The preliminary investigation indicates that an attacker gained unauthorized access to a portion of the Mixpanel environment and extracted a dataset containing limited identifying information about some OpenAI API users. OpenAI has stated that the incident did not affect users of ChatGPT or other consumer products. Mixpanel Incident: What Happened? The OpenAI Mixpanel security incident began