Red Hot Cyber. The Cybersecurity Blog

KillSec Announces New Ransomware-as-a-Service (RaaS) Platform
June 25, 2024 – KillSec, a well-known hacktivist group, has announced the launch of their latest offering on their Telegram channel: KillSec RaaS (Ransomware-as-a-Service). This new platform promises to enhance the capabilities of aspiring cybercriminals by providing advanced tools and

UNZIPPED DATA – LEVI STRAUSS COMPROMISED ACCOUNTS
The legendary jeans retailer Levi Strauss & Co. identified a significant data breach that affected over 72,000 customers. The incident was discovered on June 13th, 2024, and it was the result of a credential stuffing attack, where attackers used combination

LockBit: The Bluff of Double Extortion Against the Federal Reserve
In recent years, the cybersecurity landscape has been dominated by the growing threat posed by ransomware groups. Among these, LockBit has emerged as one of the most notorious and feared. However, a recent event has called their credibility into question:

Xehook Stealer: The Rise and Sale of a Formidable Stealer Malware
Introduction Xehook Stealer is a sophisticated malware targeting Windows operating systems, first discovered in January 2024. Within a year, Xehook has rapidly gained notoriety for its advanced data collection capabilities and support for over 110 cryptocurrencies and 2FA extensions. Starting

DataLeak Microsoft: 4GB of Microsoft PlayReady Code Made Public!
On June 11, a Microsoft engineer inadvertently made 4GB of internal code related to Microsoft PlayReady public. The information leak occurred on the Microsoft Developer Community, a forum dedicated to developers. Details of the Information Leak The leaked material included:

Linux Kernel UAF 0-day Vulnerability on sale in the Dark Web
Recently, a security alert shook the infosec environment: a malicious actor has announced the sale of a Use After Free (UAF) 0-day vulnerability affecting the Linux Kernel on the well-known darknet forum BreachForum. The vulnerability permits high-privilege code execution to

The Ransomware Group Ransomexx Claims Attack on Liteon
Pietro Melillo - July 26th, 2024
On July 26, 2024, the ransomware group Ransomexx publicly claimed responsibility for an attack against Liteon, a giant in the electronic components sector. This attack is further evidence of the...

A Threat Actor Posts Update on Luxottica’s 2021 Data Breach
Redazione RHC - July 25th, 2024
Recently, a threat actor in a clandestine forum posted an update on the 2021 data breach concerning the giant Luxottica, one of the world's largest eyewear companies. According to the...

The dark side of the Windows Command Prompt: how malicious commands can replace legitimate ones
Carlo Di Dato - July 25th, 2024
If you choose to read this article, please note that it will not discuss a vulnerability or a bug, but rather an intended behavior of Windows Command Prompt which, in...

RHC interviews RADAR and DISPOSSESSOR: “When it comes to security, the best defense is a good offense.”
RHC Dark Lab - July 25th, 2024
In our usual underground analysis activities, we came into contact with the cyber gang DISPOSSESSOR, which came to attention in February 2024 in the cyber threat landscape. Accessing their Data...