Red Hot Cyber, il blog italiano sulla sicurezza informatica
Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Select language
Italian Spanish
Search
Crowdstrike 320×100
Banner Ransomfeed 970x120 1

Red Hot Cyber. The Cybersecurity Blog

Microsoft Exchange Server Penetration Testing: Techniques, Tools, and Countermeasures

Often, during penetration testing, we find ourselves with elevated access (Domain Admin) within an organization. Some companies stop there, thinking that obtaining Domain Admin is the ultimate goal. B...

Notepad++ under attack! How a fake DLL opens the door to criminal hackers

A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijack...

A dangerous zero-day zero-click exploit threatens billions of Android devices

Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerabil...

Does Microsoft use macOS to create Windows wallpapers? Probably!

On October 29, Microsoft released a wallpaper to commemorate the eleventh anniversary of the Windows Insider program, and it is speculated that it was created using macOS. Let us remember that Windows...

Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords

As we know, the thieves in the “theft of the century” entered through a second-floor window of the Louvre Museum, but the museum had other problems besides unprotected windows. Although Cu...

SesameOp: The Malware That Uses OpenAI Assistants for Command and Control

Microsoft has discovered a new malware, dubbed SesameOp , and published details of how it works . This backdoor was unusual: its creators used the OpenAI Assistants API as a covert control channel , a...

Eight 0-days worth $35 million sold to Russia by US insiders

Former US defense contractor CEO Peter Williams has pleaded guilty to selling ” eight sensitive, protected cyber exploits” to Russian zero-day broker Operation Zero. Court documents and a ...

Trump refuses to export Nvidia chips. China responds: “Don’t worry, we’ll do it ourselves.”

Reuters reported that Trump told reporters during a pre-recorded interview on CBS’s “60 Minutes” and on Air Force One during the return flight: “We’re not going to let an...

Goodbye, malware! In 2025, criminal hackers will use legitimate accounts to remain invisible.

A FortiGuard report for the first half of 2025 shows that financially motivated attackers are increasingly eschewing sophisticated exploits and malware. Instead , they are using valid accounts and leg...

Hanyuan-1: China’s room-temperature quantum computer challenges the US

China’s first atomic quantum computer has reached a major commercial milestone, recording its first sales to domestic and international customers, according to state media. The Hubei Daily, a st...

Previous Next

Featured Articles

Immagine del sito
Microsoft Exchange Server Penetration Testing: Techniques, Tools, and Countermeasures
Di Alessandro Molinari - 06/11/2025

Often, during penetration testing, we find ourselves with elevated access (Domain Admin) within an organization. Some companies stop there, thinking that obtaining Domain Admin is the ultimate goal. B...

Immagine del sito
Notepad++ under attack! How a fake DLL opens the door to criminal hackers
Di Manuel Roccon - 06/11/2025

A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijack...

Immagine del sito
A dangerous zero-day zero-click exploit threatens billions of Android devices
Di Redazione RHC - 05/11/2025

Google has issued an urgent advisory regarding a critical vulnerability in Android that allows attackers to execute arbitrary code on the device without any user interaction. The Zero Click vulnerabil...

Immagine del sito
Does Microsoft use macOS to create Windows wallpapers? Probably!
Di Redazione RHC - 04/11/2025

On October 29, Microsoft released a wallpaper to commemorate the eleventh anniversary of the Windows Insider program, and it is speculated that it was created using macOS. Let us remember that Windows...

Immagine del sito
Louvre Theft: Windows 2000 and Windows XP on Networks, as Well as Simple Passwords
Di Redazione RHC - 04/11/2025

As we know, the thieves in the “theft of the century” entered through a second-floor window of the Louvre Museum, but the museum had other problems besides unprotected windows. Although Cu...

Paycheck piracy is coming! And the paycheck transfer goes to criminals.

Paycheck piracy is coming! And the paycheck transfer goes to criminals.

According to a new report from Microsoft Threat Intelligence , the financially motivated Storm-2657 group is conducting large-scale attacks against un...
Redazione RHC - 28/10/2025 - 06:40
CrowdStrike: 76% of organizations struggle to combat AI attacks

CrowdStrike: 76% of organizations struggle to combat AI attacks

Enterprises are lagging behind in ransomware preparedness as adversaries use AI across the attack chain to accelerate intrusion, encryption and extort...
Redazione RHC - 28/10/2025 - 06:30
Whisper 2FA: The New Phishing Tool That Steals Microsoft 365 Credentials

Whisper 2FA: The New Phishing Tool That Steals Microsoft 365 Credentials

According to new research from Barracuda Networks , a particularly insidious and persistent new Phishing-as-a-Service (PhaaS) kit is stealing credenti...
Redazione RHC - 27/10/2025 - 17:45
Microsoft Teams will spy on your boss when you’re out of the office! Location tracking will be rolled out in December.

Microsoft Teams will spy on your boss when you’re out of the office! Location tracking will be rolled out in December.

Microsoft Teams will receive an update in December 2025 that will allow you to track employee locations over your office Wi-Fi network. According to t...
Redazione RHC - 27/10/2025 - 13:47
China promotes global AI governance under the United Nations

China promotes global AI governance under the United Nations

On October 27, the Blue Hall Forum on the theme of "Improving Global Governance and Building a Community with a Shared Future for Humanity" was held a...
Redazione RHC - 27/10/2025 - 13:16
Australia: Microsoft accused of deceptive practices in Microsoft 365 renewals

Australia: Microsoft accused of deceptive practices in Microsoft 365 renewals

Australia's competition watchdog, the ACCC, said subscribers to Microsoft 365 Personal and Family plans were being asked to pay higher prices for Copi...
Redazione RHC - 27/10/2025 - 13:01
1 13 14 15 16 17 222

Paycheck piracy is coming! And the paycheck transfer goes to criminals.

- October 28th, 2025

According to a new report from Microsoft Threat Intelligence , the financially motivated Storm-2657 group is conducting large-scale attacks against universities and businesses , using stolen employee accounts to redirect...

Facebook Linkedin X

CrowdStrike: 76% of organizations struggle to combat AI attacks

- October 28th, 2025

Enterprises are lagging behind in ransomware preparedness as adversaries use AI across the attack chain to accelerate intrusion, encryption and extortion. Milan – October 27, 2025 – According to CrowdStrike...

Facebook Linkedin X

Whisper 2FA: The New Phishing Tool That Steals Microsoft 365 Credentials

- October 27th, 2025

According to new research from Barracuda Networks , a particularly insidious and persistent new Phishing-as-a-Service (PhaaS) kit is stealing credentials and authentication tokens from Microsoft 365 users. Barracuda experts have...

Facebook Linkedin X

Microsoft Teams will spy on your boss when you’re out of the office! Location tracking will be rolled out in December.

- October 27th, 2025

Microsoft Teams will receive an update in December 2025 that will allow you to track employee locations over your office Wi-Fi network. According to the Microsoft 365 roadmap , "when...

Facebook Linkedin X

China promotes global AI governance under the United Nations

- October 27th, 2025

On October 27, the Blue Hall Forum on the theme of "Improving Global Governance and Building a Community with a Shared Future for Humanity" was held at the Ministry of...

Facebook Linkedin X

Australia: Microsoft accused of deceptive practices in Microsoft 365 renewals

- October 27th, 2025

Australia's competition watchdog, the ACCC, said subscribers to Microsoft 365 Personal and Family plans were being asked to pay higher prices for Copilot or cancel their subscriptions. According to the...

Facebook Linkedin X

Discover the latest critical CVEs issued and stay updated on the most recent vulnerabilities. Or search for a specific CVE

Categories