Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
Fortinet 320x100px
Banner Ancharia Desktop 1 1

Tag: vulnerabilità

Analysis of Recorded Future’s CVE Report – February 2025

Sandro Sana 05/03/2025

The monthly Recorded Future CVE report for February 2025 provides a detailed overview of current cybersecurity threats, highlighting a slight decline compared to the previous month. A total of 25 high-impact vulnerabilities were identified, down from 33 in January, yet the overall risk level remains high. Several of these vulnerabilities are already being actively exploited by cybercriminals, making a timely response from corporate security teams essential. One of the key aspects of this report is the ability to analyze the issue from two complementary perspectives: that of CEOs and that of IT managers and CISOs. On one hand, business leaders must understand

RHC interviews Vanir Group. Former affiliates of LockBit, Karakurt and Knight united to extort money: ‘Hire professionals, don’t be cheap’

RHC Dark Lab 12/07/2024

New threat actors often emerge every day to destabilize the digital foundations of organizations around the world. One of the most recent and disturbing cybergangs uncovered by Darklab of Red Hot Cyber team is the VANIR group, a collective known for its ruthless ransomware operations. This exclusive interview, conducted by Dark Lab group, sheds light on an enemy as mysterious as it is dangerous. “You have to know the demons to learn how to counter them.” This phrase, frequently quoted by Red Hot Cyber in conferences and articles, underscores the importance of understanding the modus operandi of cyber criminals. Knowing the “demons”

Critical Vulnerability in MongoDB Compass: CVE-2024-6376 Exposes Systems to Code Injection Risks

Pietro Melillo 08/07/2024

A critical security vulnerability, identified as CVE-2024-6376, has been discovered in MongoDB Compass, a widely-used graphical interface for MongoDB data management. This security flaw could have serious repercussions, including data loss and unauthorized access to systems. Vulnerability Details The vulnerability affects versions of MongoDB Compass prior to 1.42.2. According to the National Vulnerability Database (NVD), the flaw has received a score of 9.8 out of 10 in the Common Vulnerability Scoring System (CVSS), indicating an extremely high risk. This score highlights the severity of the issue and the need for immediate action to mitigate potential damage. Implications of the Vulnerability Exploitation of

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

Alessio Stefan 05/07/2024

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker to gain complete control of the system. Privilege escalation refers to an attack in which a user with limited privileges gains access with higher privileges, such as those of an administrator, without having the proper authorization. This can allow a malicious user to perform actions that would not normally be allowed. CVE Details By exploiting a flaw in the way MSI Center handles permissions, a malicious actor can manipulate the filesystem and trick the software into

Category