Where To Draw The Legal Line

Hello all, I’m a white hat who is interested in advancing my offensive skills. I’ve just gotten my GCIH certification, and during that course I learned some of the basics. I’d love to continue testing and playing around with some of the tools I learned about outside of the VM environment they supplied us with. However, I am totally unsure about where my activity becomes illegal and I don’t want to even come close to committing any crimes unknowingly. Does anyone have any information on how I can go about this? Can I use nmap on a public network? Can I throw some sql injection tests in some random website? How do bug bounty hunters do it? Let me know if anyone can advise on this, thank you!

submitted by /u/spenny1111
[link] [comments]

What’s the threshold of skill at which you could be classified as a "hacker?"

I’ve been wondering this for a bit. We have different classifications of hackers, both in the private and government sector. Classifications range from script kiddies to advanced persistent threats (ATPs). There is also a tier system. But to be classified as a hacker. Not to advertise is, but to know that you have become one (ethical or unethical), what do you suppose the skill threshold is? Maybe a certification such as OSCP? Or the ability to do a hard HTB with no hints?

submitted by /u/idkbrololwtf
[link] [comments]

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

ESXi ransomware targeted thousands of VMware servers in a global-scale campaign, security experts and international CERTs warn. Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware (VMW.N) ESXi servers. ESXi is VMware’s hypervisor, a technology that allows organizations to host several virtualized computers running multiple operating systems on a […]

The post Italy, France and Singapore Warn of a Spike in ESXI Ransomware appeared first on Security Affairs.

How do I copy the contents of this pull-down menu?

I’d like to get all the companies that will be exhibiting at this event from this pull down menu. This can be found here, however, I tried “inspecting” it on Chrome and “View Page Source.” I wasn’t successful with my webscraper, and I think that I’m on the right track by playing around with the “Inspect” or “View Page Source.” Any help would be appreciated.

submitted by /u/Motor-Performance-
[link] [comments]

"Hacking Cyberdeck?" idk…

GOOOOOOD DAY!

I want to build a cyberdeck to use for various things. Less dedicated to hacking and more a jack of all trades. But, I want to be able to run kali linux and not be disappointed with the SBC I buy. I now next to nothing about hacking, so this is what I’m going to use to learn. It might not be the best option, but it makes it funner in my mind and the adhd demand dopamine lol… Any suggestions on a good SBC? There are just too many options. I’ve been between the orange pi 5, rock pi 5, and lattepanda 3. I’ve been leaning towards the lattepanda. I’ve found a wifi antenna, screen… everything else but the SBC.

Thank you for your input!

submitted by /u/Deforest_diamond
[link] [comments]

Beginner Alert

Hello im IT student and beginner to hacking know about phishing and lil bit abou linux how can i start and be a good one??? submitted by /u/DAmn_ItsOk226 [link] [comments]

Royal Ransomware adds support for encrypting Linux, VMware ESXi systems

Royal Ransomware operators added support for encrypting Linux devices and target VMware ESXi virtual machines. The Royal Ransomware gang is the latest extortion group in order of time to add support for encrypting Linux devices and target VMware ESXi virtual machines. Other ransomware operators already support Linux encrypting, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, […]

The post Royal Ransomware adds support for encrypting Linux, VMware ESXi systems appeared first on Security Affairs.

Legality of account stealing

I was browsing TikTok today and I came across a video of some guy stealing a person’s Roblox account while in class. I noticed that this person was promoting his “services” in stealing and selling Roblox accounts.

I decided to join the server on an alternative account to check whether it is real or not. He does seem to have a few accounts on sale which are allegedly stolen, and on his second server, he seems to be selling (from what I personally understand) guides on how to refund items that you have received (which I am pretty sure is a crime of its own). From the few videos that he has posted advertising his “work,” it does seem like a legitimate method of stealing accounts (he is stealing the account’s cookie via an image and then using it to access the account), although there is no real way for me to confirm that it isn’t just for show.

After clicking on his TikTok account linked on the Discord (seems to be different from the one I saw the video from), he had a video with the caption “16-year-old beamer” and he showed an envelope with money inside (like he was showing off the money he earned). After that, I went ahead and reported both his TikTok account and his Discord servers, and left them both.

This got me thinking though, how legal is this? I assume that if a credit card was saved and he was buying stuff with the credit card, that would be credit card fraud, but since Roblox doesn’t store that information, the only thing currency-wise that exists are Robux, so is this really covered under some law? Additionally, he is selling said accounts and making profit out of it. I would assume this is illegal, but I can’t quite wrap my head around what law this would be under. My question to you is, how legal is this, and what laws cover this specific issue? Surely, there must be some law covering stealing and selling accounts, right?

submitted by /u/Batimius
[link] [comments]