❌

Normal view

Universiteiten denken na om te doen wat Odido naliet na gigantische Canvas-hack

Na de gigantische hack rondom onderwijsplatform Canvas lijken meerdere Universiteiten te overwegen om hackerscollectief ShinyHunters te betalen. Dit willen ze doen om te voorkomen dat de privΓ©gegevens van miljoenen studenten en docenten op straat komen te liggen.Β 

DarkSword Malware

5 May 2026 at 12:42

DarkSword is a sophisticated piece of malwareβ€”probably government designedβ€”that targets iOS.

Google Threat Intelligence Group (GTIG) has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, we believe the exploit chain to be called DarkSword. Since at least November 2025, GTIG has observed multiple commercial surveillance vendors and suspected state-sponsored actors utilizing DarkSword in distinct campaigns. These threat actors have deployed the exploit chain against targets in Saudi Arabia, Turkey, Malaysia, and Ukraine.

DarkSword supports iOS versions 18.4 through 18.7 and utilizes six different vulnerabilities to deploy final-stage payloads. GTIG has identified three distinct malware families deployed following a successful DarkSword compromise: GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER. The proliferation of this single exploit chain across disparate threat actors mirrors the previously discovered Coruna iOS exploit kit. Notably, UNC6353, a suspected Russian espionage group previously observed using Coruna, has recently incorporated DarkSword into their watering hole campaigns.

A week after it was identified, a version of it leaked onto the internet, where it is being used more broadly.

This news is a month old. Your devices are safe, assuming you patch regularly.

Unicum in VPN-land: Norton ontwikkelt eerste VPN voor AI

AI-assistenten en autonome agenten worden een steeds groter onderdeel van ons leven, maar bescherming is op dat gebied nog schaars. Althans, dat is wat Norton VPN zag toen het besloot een speciale, en de allereerste, VPN voor Agenten te ontwikkelen.Β 

Strengthening cyber capacity in Kenya: A new toolkit with lessons for the region

4 May 2026 at 16:00

When a major cyber incident hits, theΒ firstΒ decisionsΒ aren’tΒ technicalβ€”they’reΒ human. Who takes the lead? How quickly can information be shared? When should governments step in, and how do you protect public trust while keeping essential services running?Β 

These questions are at the heart of Microsoft’sΒ Advancing Regional CybersecurityΒ (ARC) initiative, launched in 2025 to help governments strengthen cyber preparedness through practical, public-private collaboration. Today,Β we’reΒ sharing the first tangible output of that work:Β the ARC Kenya Exercise Report & Toolkit, developed through a tabletop exercise held in Nairobi in December 2025.Β Β 

Developed with Kenya’s National Computer and Cybercrime Coordination Committee (NC4) andΒ RiskSight, theΒ toolkit isΒ a practical planning resource designed to help government and cross-sector leaders prepare for cyber crises before they occur.Β It is grounded in real conversations among leaders from government, regulators, critical infrastructure operators, law enforcement, academia, and the private sector working through what a serious cyber incident wouldΒ demand of them, together.Β 

Stress‑testing decisions before a crisisΒ hits

The ambition of theΒ β€œSilicon Savannah” makes Kenya a compelling setting for this work. Its digital economy is expanding rapidlyβ€”fromΒ mobile‑firstΒ financial services toΒ cloud‑enabledΒ public infrastructureβ€”positioning the country as a regional technology leader. But rapid digital growth also brings increased exposure to more sophisticated cyber threats. As systems become more interconnected, a serious cyber incident can quickly disrupt essential services, undermine public trust, and threaten economic stability.Β 

Kenya’s approachΒ recognizes this reality andΒ reflects a critical principle: cybersecurity is not separate from innovation; it is one of the conditions that allows digital transformation to scale safely. The ARC initiative embodies this philosophyΒ and helps decisionΒ makers confront the practical realities of coordination, escalation, and responseΒ in this complex environment.Β 

This is exactly what the ARC Kenya tabletop exercise was designed to do. TheΒ objectiveΒ was not to test tools but toΒ stress‑testΒ decisionΒ making under pressure. Participants were challenged with complex scenariosβ€”includingΒ AI‑enabledΒ breaches, ransomware attacks, andΒ infrastructure‑levelΒ disruptions. The focus was not on technical fixes but on leadership clarity,Β cross‑agencyΒ coordination, andΒ real‑timeΒ decisionΒ making inΒ high‑pressureΒ environments.Β 

The outcome was both a roadmap for the unknown and a clear recognition of the need for shared expectations before a crisis beginsβ€”particularly around leadership and authority, trusted informationΒ sharing channels, and agreed response frameworks. These gaps,Β identifiedΒ by participants themselves, now form the backbone of the ARC Kenya Toolkit.Β 

What the ARC KenyaΒ toolkit delivers

The toolkit translates the lessons of the exercise into concrete actions that leaders can take nowβ€”before the next incident occurs. It also serves as a practicalΒ and specificΒ 12‑month roadmap for strengthening Kenya’s cyber preparedness, moving from lessonsΒ identifiedΒ to durable, institutional capability.Β Specifically, the toolkit provides recommendations to:Β 

  • Clarify national leadership during major cyber incidents, enabling government, regulators, law enforcement, and critical infrastructure operators to coordinate more quickly, with fewer gaps and overlaps.Β 
  • Establish practical,Β standards‑alignedΒ incident response modelsΒ for the entire country, including priority playbooks that teams can train on and execute consistently.Β 
  • Strengthen operational readiness across sectors, with better coordination between security operations centers (SOCs), clearer escalation thresholds, and more reliable incident reporting pathways.Β 
  • Deepen trusted informationΒ sharing andΒ public‑privateΒ collaborationΒ through common handling rules, safer β€œgood‑faith” reporting mechanisms, and regular joint exercises to build muscle memory before a crisis.

Taken together, these elements enable leaders not only to respond more effectively to cyber incidents, but to institutionalize preparedness, coordination, and resilience across the national cyber ecosystem. For African countries more broadly, the model also offers a practical pathway to strengthen regional cyber cooperationβ€”by aligning expectations around escalation, information sharing, and public‑privateΒ coordination before aΒ cross‑borderΒ incident occurs. By translatingΒ high‑levelΒ principles into practical, repeatable approaches to crisis readiness, the toolkit underscores the value of trusted international partnerships and alignment with global norms for responsible state behavior in cyberspace.Β 

Why Kenya’sΒ approach matters beyond its borders

Many countries across the Global South are grappling with similar challenges: fragmented ownership of critical infrastructure, uneven cyber capacity across sectors, and the need to coordinate rapidly under pressure. While firmly grounded in Kenya’s national context, the lessons from ARC Kenya are therefore intentionally designed to resonate far beyond its borders and to be highly transferable.Β 

Importantly, this work does not end in Kenya. We are already building on these lessons through ARC engagements in other regions, including a new workstream in Mexico, applying the same approach to strengthen preparedness, coordination, and resilience across different national contexts.Β 

By design, the ARC initiative is not simply a record of a single exercise. It is a foundation others can build onβ€”atΒ aΒ national or regional levelβ€”offeringΒ leadersΒ a practical starting point to turn shared responsibility into sustained capability.Β 

Explore the ARC Kenya ToolkitΒ & TabletopΒ Exercise

Β 

For more than a decade, the Microsoft Digital Crimes Unit (DCU) has persistently disrupted cybercrime and nation-state threats targeting people, organizations, and critical infrastructure. Explore major disruptionsβ€”and the ongoing cases and operations behind them here: Disrupting cyberthreats since 2008 | Microsoft

The post Strengthening cyber capacity in Kenya: A new toolkit with lessons for the region appeared first on Microsoft On the Issues.

How cyberattacks on companies affect everyone

23 April 2026 at 17:34

If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people.

The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in criminal hands, and that can lead to identity theft, tax fraud, credit card fraud, and a long tail of scam attempts that can continue for months or years. For consumers, the breach itself is often just the start of the cleanup.

That work is annoying, time-consuming, and sometimes expensive. People may have to freeze credit, replace cards, change passwords, be on the lookout for suspicious transactions, and dispute charges. The Federal Trade Commission (FTC) specifically advises consumers to use IdentityTheft.gov after a breach and recommends steps like credit freezes and fraud alerts to reduce the chance of further abuse.

When sensitive data is exposed, the harm is not only financial. Medical, insurance, and other deeply personal records can be used to create more convincing phishing or extortion attempts, and the stress of knowing that private information is circulating among criminals can linger long after the technical incident is over. In other words, breach victims are not just cleaning up a data problem, they are dealing with a loss of trust.


Breaches happen every day. Don’t be the last to know.


Cybercrime also hits consumers through service disruption. Ransomware and intrusion campaigns can interrupt payment systems, telecom services, shipping, energy distribution, booking platforms, and other infrastructure people rely on every day. In those cases, the consumer impact is immediate: you may not be able to pay, travel, call, buy, or even work normally. The CSIS timeline and Canada’s cyberthreat assessment both show that these disruptions are increasingly tied to high-value targets and can be part of broader state or criminal campaigns.

Not all these incidents are driven by cybercriminals. Recently, Britain’s cybersecurity chief warned that the UK is handling 4 nationally significant cyberincidents every week, with the majority now traced back to foreign governments rather than cybercriminal groups.

Another cost is easy to overlook: disinformation and confusion. When attackers steal data, disrupt services, or impersonate trusted brands, they can also flood the public with fake support messages, scam calls, refund schemes, and phishing emails pretending to be the breached company. The breach becomes a launchpad for more fraud, and consumers are left trying to separate legitimate notifications from those sent by attackers.

Then there is the security backlash. After a breach, companies usually tighten access rules, add more multi-factor authentication prompts, force reauthentication, shorten sessions, and increase fraud checks. Those measures are often necessary, but they also make ordinary digital life more cumbersome. The consumer ends up paying with time and frustration for security problems they did not create.

That is why company-targeted cybercrime is not really only a business problem. It is a consumer issue, a public-trust issue, and sometimes even a national security issue. A single breach can leak data, trigger fraud, interrupt essential services, amplify scams, and make using the internet more frustrating for everyone else. The real cost is rarely confined to the company that got hit.

Knowing this, it’s worth thinking carefully about which companies to trust with your data and how much you’re willing to share . You cannot stop every attack against every company you deal with, but you can limit the fallout by being more selective. Some considerations:

  • Do they need all the information they are asking for?
  • Would it hurt anything if you leave some fields blank or give less specific answers?
  • Has this company been breached in the past, and how did they handle it?
  • How long will they store the data you provide?
  • Can you easily have your data removed at your request?

Your name, address, and phone number areΒ probably alreadyΒ for sale.Β Β 

Data brokers collect and sell your personal details to anyone willing to pay. Malwarebytes Personal Data Remover finds them and gets your information removed, then keeps watch so it stays that way.Β 

How cyberattacks on companies affect everyone

23 April 2026 at 17:34

If you use the internet, you’ve likely been affected by cybercrime in some way. Even when an attack is aimed at a company, the fallout usually lands on ordinary people.

The most obvious harm is stolen data. When attackers break into a business, it is usually customer information that ends up in criminal hands, and that can lead to identity theft, tax fraud, credit card fraud, and a long tail of scam attempts that can continue for months or years. For consumers, the breach itself is often just the start of the cleanup.

That work is annoying, time-consuming, and sometimes expensive. People may have to freeze credit, replace cards, change passwords, be on the lookout for suspicious transactions, and dispute charges. The Federal Trade Commission (FTC) specifically advises consumers to use IdentityTheft.gov after a breach and recommends steps like credit freezes and fraud alerts to reduce the chance of further abuse.

When sensitive data is exposed, the harm is not only financial. Medical, insurance, and other deeply personal records can be used to create more convincing phishing or extortion attempts, and the stress of knowing that private information is circulating among criminals can linger long after the technical incident is over. In other words, breach victims are not just cleaning up a data problem, they are dealing with a loss of trust.


Breaches happen every day. Don’t be the last to know.


Cybercrime also hits consumers through service disruption. Ransomware and intrusion campaigns can interrupt payment systems, telecom services, shipping, energy distribution, booking platforms, and other infrastructure people rely on every day. In those cases, the consumer impact is immediate: you may not be able to pay, travel, call, buy, or even work normally. The CSIS timeline and Canada’s cyberthreat assessment both show that these disruptions are increasingly tied to high-value targets and can be part of broader state or criminal campaigns.

Not all these incidents are driven by cybercriminals. Recently, Britain’s cybersecurity chief warned that the UK is handling 4 nationally significant cyberincidents every week, with the majority now traced back to foreign governments rather than cybercriminal groups.

Another cost is easy to overlook: disinformation and confusion. When attackers steal data, disrupt services, or impersonate trusted brands, they can also flood the public with fake support messages, scam calls, refund schemes, and phishing emails pretending to be the breached company. The breach becomes a launchpad for more fraud, and consumers are left trying to separate legitimate notifications from those sent by attackers.

Then there is the security backlash. After a breach, companies usually tighten access rules, add more multi-factor authentication prompts, force reauthentication, shorten sessions, and increase fraud checks. Those measures are often necessary, but they also make ordinary digital life more cumbersome. The consumer ends up paying with time and frustration for security problems they did not create.

That is why company-targeted cybercrime is not really only a business problem. It is a consumer issue, a public-trust issue, and sometimes even a national security issue. A single breach can leak data, trigger fraud, interrupt essential services, amplify scams, and make using the internet more frustrating for everyone else. The real cost is rarely confined to the company that got hit.

Knowing this, it’s worth thinking carefully about which companies to trust with your data and how much you’re willing to share . You cannot stop every attack against every company you deal with, but you can limit the fallout by being more selective. Some considerations:

  • Do they need all the information they are asking for?
  • Would it hurt anything if you leave some fields blank or give less specific answers?
  • Has this company been breached in the past, and how did they handle it?
  • How long will they store the data you provide?
  • Can you easily have your data removed at your request?

Your name, address, and phone number areΒ probably alreadyΒ for sale.Β Β 

Data brokers collect and sell your personal details to anyone willing to pay. Malwarebytes Personal Data Remover finds them and gets your information removed, then keeps watch so it stays that way.Β 

Hulp na online pesten wordt deel van de inboedelverzekering

18 April 2026 at 14:01
Online pesten kan zo hoog oplopen, dat mensen er hulp bij nodig hebben om de schadelijke berichten offline te halen. Je zou denken dat als dat al deel uitmaakte van een verzekering, dat tot de zorgverzekering behoorde, maar nu gaat UnivΓ© het als eerste als speciale dekking op de inboedelverzekering zetten.Β 

GTA 6-hack loopt af met een sisser - geen trailer, wel geldzaken

14 April 2026 at 13:12
Vannacht was het zover. Hackgroep Shinyhunters deelde de geclassificeerde informatie die zij wisten te stelen van Rockstar Games, de ontwikkelaar van Grand Theft Auto VI. Wie hoopte op een nieuwe trailer van de game, is waarschijnlijk teleurgesteld. Wel bracht de hack inzicht in hoe waanzinnig veel geld GTA Online nog oplevert.

How Hackers Are Thinking About AI

14 April 2026 at 12:49

Interesting paper: β€œWhat hackers talk about when they talk about AI: Early-stage diffusion of a cybercrime innovation.”

Abstract: The rapid expansion of artificial intelligence (AI) is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by seasoned cybercriminals. This paper examines the evolving relationship between cybercriminals and AI using a unique dataset from a cyber threat intelligence platform. Analyzing more than 160 cybercrime forum conversations collected over seven months, our research reveals how cybercriminals understand AI and discuss how they can exploit its capabilities. Their exchanges reflect growing curiosity about AI’s criminal applications through legal tools and dedicated criminal tools, but also doubts and anxieties about AI’s effectiveness and its effects on their business models and operational security. The study documents attempts to misuse legitimate AI tools and develop bespoke models tailored for illicit purposes. Combining the diffusion of innovation framework with thematic analysis, the paper provides an in-depth view of emerging AI-enabled cybercrime and offers practical insights for law enforcement and policymakers.

Booking.com warns customers of hack that exposed their data

Undisclosed number of names and contact and reservation details accessed in latest cybercrime attempt

The accommodation reservation website Booking.com has suffered a data breach with β€œunauthorised parties” gaining access to customers’ details.

The platform said it β€œnoticed some suspicious activity involving unauthorised third parties being able to access some of our guests’ booking information”.

Continue reading...

Β© Photograph: CrocusPhotography/Alamy

Β© Photograph: CrocusPhotography/Alamy

Β© Photograph: CrocusPhotography/Alamy

Apple: β€˜Nog geen enkele iPhone in Lockdownmodus is ooit gehackt’

28 March 2026 at 14:26
Apple heeft sinds 2022 een speciale lockdownmodus ingebouwd in zijn iPhones. Die is bedoeld voor wie mogelijk doelwit is van een geavanceerde cyberaanval. Volgens Apple werkt de modus zo goed, dat het nog geen hacker is gelukt om door de beveiliging heen te breken van iemand die de modus aan heeft staan.

Google warns quantum computers could hack encrypted systems by 2029

Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete

Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned.

The tech company said in a blogpost that quantum computers would pose a β€œsignificant threat to current cryptographic standards” before the end of the decade and urged other companies to follow its lead.

Continue reading...

Β© Photograph: Reuters

Β© Photograph: Reuters

Β© Photograph: Reuters

Deze nieuwe hack kan miljoenen iPhones kraken en je merkt er niets van

19 March 2026 at 15:02
Beveiligingsonderzoekers hebben een hacktool ontdekt die iPhones kan overnemen zonder dat de gebruiker ook maar iets hoeft te doen. De tool, die de naam DarkSword draagt, kan in enkele minuten vrijwel al je persoonlijke gegevens stelen. Dat meldt beveiligingsbedrijf Lookout, dat de dreiging samen met Google en iVerify heeft onderzocht.

Apple geeft iPhone 6s na 11 jaar nog een update en die is heel belangrijk

12 March 2026 at 11:11
Apple heeft nieuwe beveiligingsupdates uitgerold voor oudere iPhones om een gevaarlijk lek te dichten dat bekendstaat als Coruna. Het gaat om de updates iOS 15.8.7 en iOS 16.7.15 waarmee toestellen tot de iPhone 6s worden beschermd.

Russische hacksoftware voor iPhones blijkt uit de Verenigde Staten te komen

10 March 2026 at 13:03
Het lijkt wel een soap rondom de iPhone-hacksoftware Coruna. Langzamerhand komt boven water wie het inzet, bij wie het gebruikt wordt en wie de mogelijke ontwikkelaar is. En het ziet ernaar uit dat de Verenigde Staten het zichzelf erg lastig hebben gemaakt.

Trap niet in deze valse en nare Google-beveiligingscheck

4 March 2026 at 10:23
Cybercriminelen gebruiken momenteel een nare en doordachte truc om wachtwoorden en privΓ©gegevens te stelen. Ze doen zich voor als een officiΓ«le beveiligingscontrole van Google, maar in werkelijkheid installeren ze kwaadaardige software in je browser.

Resterende klantgegevens nu ook gepubliceerd door Odido-hackers

1 March 2026 at 15:33
De internetcriminelen die telecomprovider Odido hebben gehackt hebben alle resterende gestolen klantgegevens openbaar gemaakt. De hackers hadden eerder nog plannen om de data in delen vrij te geven om zo de aandacht van het publiek vast te houden, maar besloten uiteindelijk om alles in één keer te publiceren.

❌