Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

- March 13th, 2025 - (Posted in Cybercrime and Darknet)
Babuk, one of the most notorious ransomware groups in cybercrime, has launched the Babuk Locker 2.0 Affiliate Program 2025, an affiliate program for skilled hackers looking to profit from ransomware attacks. This program, published on their data leak site, introduces new advanced features and a more structured model for those...
Cybercrime and Darknet

ClamAV and signatures generation

Threat intelligence has many fields of application, from controlling infrastructures through automation processes to increasing the security of the perimeter of applications and solutions in

Cybercrime and Darknet

Loki, starting IOC discovering

Today it is increasingly important to be efficient in controlling our own infrastructures; actions to put in place for this verification process shall

Cybercrime and Darknet

Flipping pages, from userland to godmode

Translation: Antonio Piovesan. On X, Lau (@notselwyn) (https://twitter.com/notselwyn/) released a blog post on 26 March at https://pwning.tech/nftables/ describing an elaborate attack on the Linux kernel that

Critical Apache Tomcat Vulnerability CVE-2024-34750 Could Bring Your Server to a Halt!

- July 5th, 2024

The vulnerability CVE-2024-34750 in Apache Tomcat, as described in the security bulletin AL01/240705/CSIRT-ITA, concerns an issue that can be exploited to overload the server's computing resources, leading to a Denial...

  

Threat Actors: Alleged Data Breach of Ukraine Traffic Police

- July 5th, 2024

Recently, a threat actor in an underground forum published an alleged data breach. The leak purportedly involves sensitive information from the Ukraine traffic police (GAI). The data, spanning millions of...

  

Serious Vulnerability in Windows Systems: Here’s How an Attacker Can Gain Complete Control of Your PC

- July 5th, 2024

A severe security vulnerability has been discovered in MSI Center, a widely used software on Windows systems. This flaw, classified as CVE-2024-37726 and with a CVSS score of 7.8 (high), allows a low-privileged attacker...

  

Medusa Ransomware claims responsibility for the attack on Harry Perkins Institute

- July 5th, 2024

On July 3, 2024, the Australian research institute Harry Perkins was the victim of a ransomware attack claimed by MEDUSA on their official DLS. More than 4.6 Terabytes of CCTV...

  
