#infosec

2025-12-11

DroidLock - Android malware takes over the device

The zLabs research team has reportedly discovered a new threat campaign that initially targets Spanish-speaking Android users. DroidLock, a quasi-ransomware, spreads via phishing websites. It can lock the screen of devices with a ransomware-like overlay and illegally obtain app-lock credentials...

More:
maniabel.work/archiv/763

#Android #malware #ransomware #DroidLock #Phishing #infosec #infosecnews #BeDiS

urlDNA.io :verified: urldna@infosec.exchange
2025-12-11

Possible Phishing 🎣
on: ⚠️hxxps[:]//scedasterminalfr[.]web[.]app
🧬 Analysis at: urldna.io/scan/693ac8623b77500
#cybersecurity #phishing #infosec #urldna #scam #infosec

2025-12-11

🔒 Security News Digest - 2025-12-11

📊 10 updates from 4 sources:

🔹 Security Boulevard: An Inside Look at the Israeli Cyber Scene
securityboulevard.com/2025/12/

🦠 Malwarebytes: DroidLock malware locks you out of your Android device and demands ransom
malwarebytes.com/blog/news/202

🔹 Security Boulevard: Guided redaction in Tonic Textual: Human-precision, streamlined by AI
securityboulevard.com/2025/12/

🔹 Security Boulevard: AIs Exploiting Smart Contracts
securityboulevard.com/2025/12/

🔹 Security Boulevard: Attackers Worldwide are Zeroing In on React2Shell Vulnerability
securityboulevard.com/2025/12/

🔹 BleepingComputer: UK fines LastPass over 2022 data breach impacting 1.6 million users
bleepingcomputer.com/news/secu

🔹 The Record from Recorded Future News: New 'DroidLock' malware demands a ransom, locks user out of device
therecord.media/android-droidl

🔹 Security Boulevard: Identity Management in the Fragmented Digital Ecosystem: Challenges and Frameworks
securityboulevard.com/2025/12/

🔹 Security Boulevard: Hacks Up, Budgets Down: OT Oversight Must Be An IT Priority
securityboulevard.com/2025/12/

🔹 Security Boulevard: Rethinking Security as Access Control Moves to the Edge
securityboulevard.com/2025/12/

#InfoSec #SecurityNews

2025-12-11

RE: social.vivaldi.net/@NetscapeNa

⚠️ Please double-check to make sure your site is using the latest Fediverse software:

Misskey: 2025.12.0
Mastodon: 4.5.3
PeerTube: 8.0.0
PixelFed: 0.12.6
Loops: 1.0.0 Beta 5
Mbin: 1.8.4
Lemmy: 0.19.14
Akkoma: 2025.12
Sharkey: 2025.4.4
Pleroma: 2.9.1

#Fediverse #ActivityPub #Mastodon #Misskey #PixelFed #PeerTube #Sharkey #Loops #Akkoma #Pleroma #Mbin #Lemmy #InfoSec #Security #Hack #Foss #OpenSource #Linux #SystemAdmin #Administrator #WebMaster #ITTech #FediAdmin

2025-12-11

This week: AI voice scams on the rise, Google patches a serious flaw, attacks on passwordless authentication, GhostRabbit malware targeting freelancers, undetectable AI phishing pages, OAuth token theft, ransomware using AI for reconnaissance. 74% of breaches involve credentials. Switch to passwordless authentication, enable 2FA, use passkeys, check for exposed email addresses. #Cybersecurity #AI #Deepfake #Phishing #Malware #Passwordless #ChromeUpdate #Infosec #AnToanThongTin #GianLan #MatKhau #AI #BaoMat


Laurent Cheylus lcheylus@bsd.network
2025-12-11

Comparing AI Agents to Cybersecurity Professionals in Real-World Penetration Testing - Research paper from Stanford comparing 10 cybersecurity professionals alongside 6 existing AI agents #Infosec #AI arxiv.org/abs/2512.09882

⚯ Michel de Cryptadamus ⚯ cryptadamist@universeodon.com
2025-12-11

get in losers, we’re gamifying everything now

> “NoName published a daily leaderboard of volunteers who launched the most attacks… and paid top-ranking volunteers in cryptocurrency”

justice.gov/opa/pr/justice-dep

#Russia #FSB #GRU #putin #vladimirPutin #uspol #cybersecurity #infosec #noName #ukpol #eupol #botnet #DDoS #ukraine #ukrainewar #crypto #cryptocurrency #litecoin #bitcoin #gamification

Gamified manipulation to motivate pro-Russian cyberattacks

Investigations by national authorities identified NoName057(16) as an ideological criminal network that has been seen to profess support to the Russian Federation and, in the context of the Russian war of aggression against Ukraine, has been linked to numerous DDoS cyberattacks. During such attacks, a website or online service is flooded with traffic with the objective of overloading it and rendering it unavailable. In addition to the activities of the network, estimated at over 4 000 supporters, the group was also able to construct their own botnet made up of several hundred servers, used to increase the attack load.

To share calls to action, tutorials, updates, and to recruit volunteers, the group leveraged pro-Russian channels, forums, and even niche chat groups on social media and messaging apps. Volunteers often invited friends or contacts from gaming or hacking forums, forming small recruitment circles. These actors used platforms like DDoSia to simplify technical processes and provide guidelines, enabling new recruits to become operational quickly. Participants were also paid in cryptocurrency, which incentivised sustained involvement and attracted opportunists. Mimicking game-like dynamics, regular shout-outs, leader boards, or badges provided volunteers with a sense of status. This gamified manipulation, often targeted at younger offenders, was emotionally reinforced by a narrative of

2025-12-11

This reminds me I gotta update my #tails installs. lol #infosec #computers #censorship

lemmy.jtworld.xyz/post/33196

2025-12-11

New on the cybercrime market: SpiderMan phishing kit

The new phishing kit Spiderman has reportedly taken the cybercriminal scene by storm, as it enables even attackers with little technical skill to spy on bank and crypto accounts, VARONIS reports. The name says it all: like a spider's web, the toolkit links numerous European banks and financial services into a single point of attack.

More: maniabel.work/archiv/761

#PhishingKit #Phishing #Spiderman #Crypto #infosec #infosecnews #BeDiS

BeyondMachines :verified: beyondmachines1@infosec.exchange
2025-12-11

Google patches actively exploited Chrome vulnerability

Google released an emergency Chrome security update (version 143.0.7499.109/.110) to patch a high-severity zero-day vulnerability (Issue 466192044) that is actively being exploited in the wild, along with two medium-severity vulnerabilities.

**An urgent patch for Chrome - Google is patching an actively exploited flaw in Chrome, and the flaw is nasty enough that even the basic description of it is withheld. DON'T WAIT! Update all your Chrome and Chromium browsers (Edge, Opera, Brave, Vivaldi...). Updating the browser is easy, all your tabs reopen after the patch.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

urlDNA.io :verified: urldna@infosec.exchange
2025-12-11

Possible Phishing 🎣
on: ⚠️hxxps[:]//courrielweb3245[.]weebly[.]com
🧬 Analysis at: urldna.io/scan/693abf963b77500
#cybersecurity #phishing #infosec #urldna #scam #infosec

urlDNA.io :verified: urldna@infosec.exchange
2025-12-11

Possible Phishing 🎣
on: ⚠️hxxps[:]//sp14652[.]sitebeat[.]crazydomains[.]com
🧬 Analysis at: urldna.io/scan/693ac0943b77500
#cybersecurity #phishing #infosec #urldna #scam #infosec

Wulfy—Speaker to the machines n_dimension@infosec.exchange
2025-12-11

@briankrebs

#GenAiMil uses Gemini 2.5, not the latest 3.0, which is only 3 weeks old. Nevertheless, it excels at reasoning tasks (ranked #1). It's got a context window of 1 million tokens, which means one can feed a sizable document into it.

There is a joke here about reasoning #AI in an unreasoning administration, except there is a reason here, one which most Americans are unable to acknowledge. Destruction of the American state.

The good news is it's for level IL5 (Sensitive but unclassified) information, which means this clownshow is about to start feeding a whole bunch of classified content into it.
I'm looking forward to reading future #infosec breaches post mortems.

Also, remember the #Google now abandoned motto "Do no evil"? How much does evil cost?
$200 million dollars (June contract).
I vaguely remember a whole bunch of Google employees quitting.

Finally, do remember that there are absolutely no regulations WHATSOEVER controlling this tech.
This is nuclear power without safeties.
Car design without seatbelts and crumple zones
and
Food additives with no regulation.
In fact trump "administration" actively threatened states that tried to make houses about #regulateai
#LLM #skynet

Lenin alevski 🕵️💻 alevsk@infosec.exchange
2025-12-11

❓How secure are your Google Workspace groups? 🤔🔒

Gubble audits Google Groups settings to uncover risky configurations like "Anyone Can Join" or "External Members Allowed." Misconfigurations like these can expose sensitive data or enable phishing scenarios. Automate the checks before risks arise!

#GoogleWorkspace #SecOps #Cybersecurity

🔗 Project link on #GitHub 👉 github.com/LowOrbitSecurity/gu

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

The Alilo Smart AI bunny, for kids three and up: “Here are some types of kink that people might be interested in."

Also defined as “Pet play” by the innocuous bunny: “One: bondage. Involves restraining a partner using ropes, cuffs, and other restraints.”

Futurism: Another AI-Powered Children’s Toy Just Got Caught Having Wildly Inappropriate Conversations futurism.com/artificial-intell

Also:

McDonald’s Issues Extremely Weird Response to Its Disastrous AI Ad futurism.com/artificial-intell @Futurism #infosec

urlDNA.io :verified: urldna@infosec.exchange
2025-12-11

Possible Phishing 🎣
on: ⚠️hxxps[:]//xn--2o2bo1am34d[.]weebly[.]com
🧬 Analysis at: urldna.io/scan/693abf7b3b77500
#cybersecurity #phishing #infosec #urldna #scam #infosec
