A new Belgian law will allow ethical hackers to hack into the data of Belgian companies without any prior permission. Until now such practices could land you in jail.

No Morals, No Qualms, No Borders: From an Office Building in Israel, Experts in Technological Manipulation Are Attacking Democracies, Media and Elections Across the World

Dans du projet « Story Killers » qui poursuit le travail de la journaliste indienne Gauri Lankesh sur la désinformation, le consortium Forbidden Stories révèle aujourd’hui l’existence d’une entreprise israélienne ultra-secrète impliquée dans la manipulation d’élections à grande échelle et le piratage de responsables politiques africains. Une plongée inédite au cœur d’un monde où s’entremêlent armée de trolls, cyber espionnage et jeux d’influence. Story Killers, une enquête mondiale sur les mercenaires de la désinformation, que Mondafrique a le fierté de publier. Cécile Andrzejewski « Les choses n’ont pas forcément besoin d’être vraies, du moment qu’elles sont crues. » Voilà une citation qui

For more than six months, undercover reporters posed as consultants working on behalf of a businessman who wanted to delay an African election

ThreatLabz observed a new campaign targeting a Government organization in which the threat actors utilized a new Command & Control (C2) framework named Havoc

We decided to check what ChatGPT already knows about threat research and whether it can help with identifying simple adversary tools and classic indicators of compromise, such as well-known malicious hashes and domains.

Learn how fake URL shorteners are redirecting hacked website traffic to crypto themed websites to generate fraudulent AdSense revenue.

Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims.

This was a weekend of record-breaking DDoS DDoS. Over the weekend, Cloudflare detected and mitigated dozens of hyper-volumetric DDoS attacks. The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps. This is the largest reported HTTP DDoS attack on record, more than 35% higher than the previous reported record of 46M rps in June 2022.

What's allowed for Cupertino is verboten for everyone else Apple has again been sued for promising privacy and allegedly failing to provide it. The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.

Hackers dropped their logo into the online broadcast and a voice shouted, “Death to the Islamic Republic.”

In 2018, EFF along with researchers from Lookout Security published a report describing the Advanced Persistent Threat (APT) we dubbed "Dark Caracal." Now we have uncovered a new Dark Caracal campaign operating since March of 2022, with hundreds of infections across more than a dozen countries. In this report we will present evidence that the cyber mercenary group Dark Caracal is still active and continues to be focused on Latin America, as was reported last year. We have discovered that Dark Caracal, using the Bandook spyware, is currently infecting over 700 computers in Central and South America, primarily in The Dominican Republic and Venezuela.

n late November 2022, a few days after ETH Alumni launched their new feature “Who is who” which allows them to look up and connect to other members, I came across a severe access control vulnerability. Without any authorization over the internet, it allowed extracting at least 35418 member profiles, including full name, postal address, nationality, title, graduation field, study start year, gender, profile picture and hashed passwords.

Infinity Team, a collaboration between Killnet and Deanon Club, has established its own forum and marketplace called Infinity

The world’s most prolific crypto thieves have used Sinbad.io to launder tens of millions. Its creator, “Mehdi,” answers WIRED’s questions.