Malicious app on Google Play drops banking malware on usersโ devices
https://blog.pradeo.com/vultur-malware-dropper-google-play
https://blog.pradeo.com/vultur-malware-dropper-google-play
Pradeo
Malicious app on Google Play drops banking malware on usersโ devices
Pradeoโs researchers discovered a malicious mobile application called 2FA Authenticator distributed on Google Play and installed by 10K+ users.
๐ฅฐ2
How Android updates work: A peek behind the curtains from an insider
https://medium.com/@Za_Raczke/how-android-updates-work-a-peek-behind-the-curtains-from-an-insider-1d8e1a48ec0b
https://medium.com/@Za_Raczke/how-android-updates-work-a-peek-behind-the-curtains-from-an-insider-1d8e1a48ec0b
Medium
How Android updates work: A peek behind the curtains from an insider
Updates on Android were always a topic of discussion in the tech communities. Even though they are a crazily complicated topic and very fewโฆ
How to bypass root detection and SSL pinning on Android and iOS using Frida and Objection
https://securitycafe.ro/2022/02/01/root-detection-and-ssl-pinning-bypass/
https://securitycafe.ro/2022/02/01/root-detection-and-ssl-pinning-bypass/
Security Cafรฉ
Root detection and SSL pinning bypass
There are multiple methods to circumvent the client-side security that blocks the usage of the tested application in an unsafe environment such as Rooted or Jailbroken devices. Next, I will give yoโฆ
A Primer On Android Forensics
https://nex.sx/tech/2022/01/28/a-primer-on-android-forensics.html
https://nex.sx/tech/2022/01/28/a-primer-on-android-forensics.html
nex.sx
A Primer On Android Forensics - Nex
A lot has already been said on iOS forensics for the purpose of discovering traces of compromise and spyware execution. And although a lot more is left to ex...
๐1
Abusing Facebooks
https://www.ash-king.co.uk/blog/abusing-Facebooks-call-to-action-to-launch-internal-deeplinks
Call To Action to launch internal deeplinkshttps://www.ash-king.co.uk/blog/abusing-Facebooks-call-to-action-to-launch-internal-deeplinks
www.ash-king.co.uk
Abusing Facebooks Call To Action to launch internal deeplinks
Ever noticed that big blue button on the top of every Facebook page? This feature, known as Call to action or CTA is designed for user engagement and allows a page to redirect their visitors to a website, an app, inbox etc. I found it was possible for a pageโฆ
๐1
Diving Deeper in Android System Diagnostics and Remote Forensics
https://nex.sx/tech/2022/02/04/diving-deeper-in-android-system-diagnostics.html
https://nex.sx/tech/2022/02/04/diving-deeper-in-android-system-diagnostics.html
nex.sx
Diving Deeper in Android System Diagnostics and Remote Forensics - Nex
Following up from last weekโs Primer on Android Forensics, today we are going to dive a little deeper into Android system diagnostics, have a look at some ne...
๐7
How to build a Cellphone IMSI Catcher (Stingray)
https://www.hackers-arise.com/post/software-defined-radio-part-6-building-a-imsi-catcher-stingray
https://www.hackers-arise.com/post/software-defined-radio-part-6-building-a-imsi-catcher-stingray
๐18โค1
FluBot and Medusa Android banking Trojans attack banks side-by-side via SMiShing
https://www.threatfabric.com/blogs/partners-in-crime-medusa-cabassous.html#medusa-turkish-delight-with-dangerous-filling
https://www.threatfabric.com/blogs/partners-in-crime-medusa-cabassous.html#medusa-turkish-delight-with-dangerous-filling
Threatfabric
Partners-in-crime: Medusa and Cabassous attack banks side-by-side
Two advanced banking Trojans, Medusa and Cabassous (Flubot), are distributed side-by-side using the same SMiShing service.
๐9โค1
Malicious campaign Roaming Mantis (Wroba.o, Moqhao, XLoader) reaches Europe via SMiShing targeting Android and iOS
https://securelist.com/roaming-mantis-reaches-europe/105596/
https://securelist.com/roaming-mantis-reaches-europe/105596/
Securelist
Roaming Mantis reaches Europe
Weโve observed some new activities by Roaming Mantis in 2021, and some changes in the Wroba malware thatโs mainly used in this campaign.
๐9๐ฅฐ1
Zero-Click RCE Exploit for the Peloton Bike (And Also Every Other Unpatched Android Device)
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device/
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device/
Nowsecure
Zero-Click RCE Exploit for the Peloton Bike Identified and Patched
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
๐15๐ฅ3โค1
SIM Hijacking
https://sensepost.com/blog/2022/sim-hijacking/
https://sensepost.com/blog/2022/sim-hijacking/
๐20
Google awarded $8.7 million to 696 security researchers in 2021
Highest reward - $157,000 by discovering critical exploitation chain in Android (CVE-2021-39698)
- $3 million went to Android vulnerabilities
- $3.3 million went to Chrome browser bugs
- $0.5 million went to Google Play Store vulnerabilities
- $0.313 million went to Google Cloud bugs.
https://security.googleblog.com/2022/02/vulnerability-reward-program-2021-year.html
Highest reward - $157,000 by discovering critical exploitation chain in Android (CVE-2021-39698)
- $3 million went to Android vulnerabilities
- $3.3 million went to Chrome browser bugs
- $0.5 million went to Google Play Store vulnerabilities
- $0.313 million went to Google Cloud bugs.
https://security.googleblog.com/2022/02/vulnerability-reward-program-2021-year.html
Google Online Security Blog
Vulnerability Reward Program: 2021 Year in Review
Posted by Sarah Jacobus, Vulnerability Rewards Team Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throu...
๐22๐ฅ16๐คฏ3โค2
apkingo - get detailed information about apk files
I retrieves: package name, target SDK, permissions, metadata, certificate serial and issuer, info from Google Play Store and detect if it is malicious using Koodous
https://github.com/andpalmier/apkingo
I retrieves: package name, target SDK, permissions, metadata, certificate serial and issuer, info from Google Play Store and detect if it is malicious using Koodous
https://github.com/andpalmier/apkingo
GitHub
GitHub - andpalmier/apkingo: extract info from apk files
extract info from apk files. Contribute to andpalmier/apkingo development by creating an account on GitHub.
๐19๐ฅ8โค2๐1
How to Bypass Jailbreak Detection On iOS Apps & Games (iOS 11 - iOS 14)
https://idevicecentral.com/jailbreak-guide/how-to-bypass-jailbreak-detection-on-ios-applications-and-games-ios-11-ios-14/
https://idevicecentral.com/jailbreak-guide/how-to-bypass-jailbreak-detection-on-ios-applications-and-games-ios-11-ios-14/
iDevice Central - iOS Jailbreak News, Tutorials and Tools!
How to Bypass Jailbreak Detection On iOS Applications and Games (iOS 11 โ iOS 14) - iDevice Central
Jailbreaking allows users to do more with their devices, to get past Apple's unnecessary walled garden approach. Sideloading, theming, tweaks to customize UI elements or to add functionality that is simply not there on stock iOS, all of these are done throughโฆ
๐12๐1
WiFi Zero Click RCE Trigger PoC CVE-2021-1965
https://github.com/parsdefense/CVE-2021-1965
https://github.com/parsdefense/CVE-2021-1965
๐ฅ14๐5
Collection of Android (Samsung) Security Related Resources https://github.com/NetKingJ/android-security-awesome
GitHub
GitHub - NetKingJ/awesome-android-security: A Collection of Android (Samsung) Security Research References
A Collection of Android (Samsung) Security Research References - NetKingJ/awesome-android-security
๐17โค2๐ฅ1
SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification
https://www.trendmicro.com/en_us/research/22/b/sms-pva-services-use-of-infected-android-phones-reveals-flaws-in-sms-verification.html
https://www.trendmicro.com/en_us/research/22/b/sms-pva-services-use-of-infected-android-phones-reveals-flaws-in-sms-verification.html
Trend Micro
SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification
๐8
Mobile malware evolution 2021 by Kaspersky
https://securelist.com/mobile-malware-evolution-2021/105876/
https://securelist.com/mobile-malware-evolution-2021/105876/
Securelist
Mobile malware evolution 2021
In 2021, cybercriminal activity gradually decreased, and attempts to exploit the pandemic topic became less common. However, mobile malware became more advanced, and attacks more complex.
๐10๐ฅฐ2๐2
Xenomorph - new Android Banker - here is a quick video how smoothly it creates malicious overlay once targeted app (PayPal, Binance, Coinbase etc.) are launched by victim
https://youtu.be/7-yT65lVBf8
https://youtu.be/7-yT65lVBf8
๐15
Writeup for an iOS 15 exploit that can achieve kernel
Impact: A malicious application may be able to execute arbitrary code with kernel privileges (CVE-2021-30955)
https://www.cyberkl.com/cvelist/cvedetail/24
Impact: A malicious application may be able to execute arbitrary code with kernel privileges (CVE-2021-30955)
https://www.cyberkl.com/cvelist/cvedetail/24
Cyberkl
ๆไปๅฎ้ชๅฎค
๐7๐ค5๐คฉ1