How to unpack Android malware with Medusa tool
https://youtu.be/D2-jREzCE9k
YouTube
Unpacking Android malware with Medusa
In this video, we unpack a malicious sample of Android/Joker with an open source tool named Medusa. This tool is dynamic, based on Frida. We select hooks to display unobfuscated strings, dump dynamic DEX and URLs.
A similar demo was presented in French at…
A technical analysis of Pegasus for Android – Part 1
https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-1/
Analysis of iOS SingPass app and its RASP protector - part 1
https://www.romainthomas.fr/post/22-08-singpass-rasp-analysis/
Romain Thomas
Part 1 – SingPass RASP Analysis | Romain Thomas
This first blog post introduces the RASP checks used in SingPass
Zanubis LATAM Banking Trojan https://www.entdark.net/2022/09/zanubis-latam-banking-trojan.html
Vulnerability in TikTok Android app could lead to one-click account hijacking https://www.microsoft.com/security/blog/2022/08/31/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking/
Microsoft News
Vulnerability in TikTok Android app could lead to one-click account hijacking
Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users' accounts with a single click.
Detailed technical analysis of SOVA Android malware
https://muha2xmad.github.io/malware-analysis/sova/
muha2xmad
Technical analysis of SOVA android malware
In the name of Allah, the Most Gracious, the Most Merciful
Mobile App Supply Chain Vulnerabilities Could Endanger Sensitive Business Information
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/mobile-supply-chain-aws
Security
Mobile App Supply Chain Vulnerabilities Could Endanger Sensitive Business Information
Over three-quarters of the apps Symantec analyzed contained valid AWS access tokens that allowed access to private AWS cloud services.
Sharkbot Trojan is back in Google Play
https://blog.fox-it.com/2022/09/02/sharkbot-is-back-in-google-play/
Fox-IT International blog
Sharkbot is back in Google Play
Authored by Alberto Segura (main author) and Mike Stokkel (co-author) Introduction After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cle…
Technical analysis of SharkBot android malware
https://muha2xmad.github.io/malware-analysis/sharkbot/
muha2xmad
Technical analysis of SharkBot android malware
In the name of Allah, the Most Gracious, the Most Merciful
Android Malware Disguised as “The China Freedom Trap” & Stealing Neighboring Cell Information
https://blog.cyble.com/2022/09/05/spyware-campaign-targeting-the-uyghur-community/
The Rise in Incidence of Fake e-shop Scams that provide malicious banking Android apps
https://blog.cyble.com/2022/09/08/the-rise-in-incidence-of-fake-e-shop-scams/
Access to arbitrary file of the Nextcloud Android app from within the Nextcloud Android app
https://hackerone.com/reports/1408692
HackerOne
Nextcloud disclosed on HackerOne: Access to arbitrary file of the...
Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw2w-gpcv-v39f
Analysis of a recent campaign conducted by the APT42 group (APT35, Charming Kitten, ITG18, Yellow Garuda, Phosphorus, TA453) targeting Iranian citizens
https://www.mandiant.com/media/17826
Mandiant
Mandiant APT 42 Report | Mandiant
Attacking the Android kernel using the Qualcomm TrustZone
https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone
Tamir Zahavi-Brunner’s Blog
Attacking the Android kernel using the Qualcomm TrustZone
In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.
Harly - a new Trojan discovered on Google Play that secretly subscribes users to paid services. It is similar to Joker and dates back to 2020.
https://twitter.com/sh1shk0va/status/1570021797697032197
X (formerly Twitter)
Tatyana Shishkova (@sh1shk0va) on X
New Trojans on Google Play that secretly subscribe users to paid services - we called this family Harly. Similar to Joker and dates back to 2020, the current campaign is targeting users in Thailand.
https://t.co/fSKyY62FKD
https://t.co/mHfFJ6aavy
Fake Security App Found Abusing Japanese Payment System
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abusing-japanese-payment-system/
McAfee Blog
Fake Security App Found Abuses Japanese Payment System | McAfee Blog
Authored by SangRyol Ryu and Yukihiro Okutomi McAfee’s Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The
The deep links crash course, Part 1: Introduction to deep links
https://medium.com/androiddevelopers/the-deep-links-crash-course-part-1-introduction-to-deep-links-2189e509e269
Medium
The deep links crash course, Part 1: Introduction to deep links
“What can you do with deep links?” I welcome you to the first installment of the deep links crash course series…
The deep links crash course, Part 2: Deep links from Zero to Hero
https://medium.com/androiddevelopers/the-deep-links-crash-course-part2-deep-links-from-zero-to-hero-37f94cc8fb88
Medium
The deep links crash course, Part2: Deep links from Zero to Hero
In this post, we will take a closer look at different types of deep links.
Video reverse engineering series of mobile operating systems, applications, and firmware
https://www.youtube.com/playlist?list=PLkOopkYm0fCV45i_n8z5LSUL3QBXNAP2G
YouTube
Reversing Shorts
Short videos on reverse engineering mobile operating systems, applications, and firmware. Only real-world examples with free tools :)
Technical analysis of Hydra Android banking malware
https://muha2xmad.github.io/malware-analysis/hydra/
muha2xmad
Technical analysis of Hydra android malware
In the name of Allah, the Most Gracious, the Most Merciful
How I hacked my car (2021 Hyundai Ioniq SEL)
Part 1: https://programmingwithstyle.com/posts/howihackedmycar/
Part 2: https://programmingwithstyle.com/posts/howihackedmycarpart2/
Part 3: https://programmingwithstyle.com/posts/howihackedmycarpart3/
Programming With Style
How I Hacked my Car
Note: As of 2022/10/25 the information in this series is slightly outdated. See Part 5 for more up to date information.
The Car Last summer I bought a 2021 Hyundai Ioniq SEL. It is a nice fuel-efficient hybrid with a decent amount of features like wireless…