Mobile App Supply Chain Vulnerabilities Could Endanger Sensitive Business Information
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/mobile-supply-chain-aws
Security
Over three-quarters of the apps Symantec analyzed contained valid AWS access tokens that allowed access to private AWS cloud services.
Sharkbot Trojan is back in Google Play
https://blog.fox-it.com/2022/09/02/sharkbot-is-back-in-google-play/
Fox-IT International blog
Sharkbot is back in Google Play
Authored by Alberto Segura (main author) and Mike Stokkel (co-author). Introduction: After we discovered in February 2022 the SharkBotDropper in Google Play posing as a fake Android antivirus and cle…
Technical analysis of SharkBot android malware
https://muha2xmad.github.io/malware-analysis/sharkbot/
muha2xmad
Technical analysis of SharkBot android malware
In the name of Allah, the Most Gracious, the Most Merciful
Android Malware Disguised as "The China Freedom Trap" & Stealing Neighboring Cell Information
https://blog.cyble.com/2022/09/05/spyware-campaign-targeting-the-uyghur-community/
The Rise in Incidence of Fake e-shop Scams that provide malicious banking Android apps
https://blog.cyble.com/2022/09/08/the-rise-in-incidence-of-fake-e-shop-scams/
Access to arbitrary file of the Nextcloud Android app from within the Nextcloud Android app
https://hackerone.com/reports/1408692
HackerOne
Nextcloud disclosed on HackerOne: Access to arbitrary file of the...
Security advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vw2w-gpcv-v39f
Analysis of a recent campaign conducted by APT42 group (APT35, Charming Kitten, ITG18, Yellow Garuda, Phosphorus, TA453) targets Iranian citizens
https://www.mandiant.com/media/17826
Mandiant
Mandiant APT 42 Report | Mandiant
Attacking the Android kernel using the Qualcomm TrustZone
https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone
Tamir Zahavi-Brunner's Blog
In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.
Harly - a new Trojan discovered on Google Play that secretly subscribes users to paid services. It is similar to Joker and dates back to 2020.
https://twitter.com/sh1shk0va/status/1570021797697032197
X (formerly Twitter)
Tatyana Shishkova (@sh1shk0va) on X
New Trojans on Google Play that secretly subscribe users to paid services - we called this family Harly. Similar to Joker and dates back to 2020, the current campaign is targeting users in Thailand.
https://t.co/fSKyY62FKD
https://t.co/mHfFJ6aavy
Fake Security App Found Abusing Japanese Payment System
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abusing-japanese-payment-system/
McAfee Blog
Fake Security App Found Abuses Japanese Payment System | McAfee Blog
Authored by SangRyol Ryu and Yukihiro Okutomi. McAfee's Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The
The deep links crash course, Part 1: Introduction to deep links
https://medium.com/androiddevelopers/the-deep-links-crash-course-part-1-introduction-to-deep-links-2189e509e269
Medium
"What can you do with deep links?" I welcome you to the first installment of the deep links crash course series…
The deep links crash course, Part 2: Deep links from Zero to Hero
https://medium.com/androiddevelopers/the-deep-links-crash-course-part2-deep-links-from-zero-to-hero-37f94cc8fb88
Medium
The deep links crash course, Part2: Deep links from Zero to Hero
In this post, we will take a closer look at different types of deep links.
Video reverse engineering series of mobile operating systems, applications, and firmware
https://www.youtube.com/playlist?list=PLkOopkYm0fCV45i_n8z5LSUL3QBXNAP2G
YouTube
Reversing Shorts
Short videos on reverse engineering mobile operating systems, applications, and firmware. Only real-world examples with free tools :)
Technical analysis of Hydra Android banking malware
https://muha2xmad.github.io/malware-analysis/hydra/
muha2xmad
Technical analysis of Hydra android malware
In the name of Allah, the Most Gracious, the Most Merciful
How I hacked my car (2021 Hyundai Ioniq SEL)
Part 1: https://programmingwithstyle.com/posts/howihackedmycar/
Part 2: https://programmingwithstyle.com/posts/howihackedmycarpart2/
Part 3: https://programmingwithstyle.com/posts/howihackedmycarpart3/
Programming With Style
How I Hacked my Car
Note: As of 2022/10/25 the information in this series is slightly outdated. See Part 5 for more up to date information.
The Car: Last summer I bought a 2021 Hyundai Ioniq SEL. It is a nice fuel-efficient hybrid with a decent amount of features like wireless…
Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices
https://www.microsoft.com/security/blog/2022/09/21/rewards-plus-fake-mobile-banking-rewards-apps-lure-users-to-install-info-stealing-rat-on-android-devices/
Microsoft News
A fake mobile banking rewards app delivered through a link in an SMS campaign has been making the rounds, targeting customers of Indian banking institutions. Users who install the mobile app are unknowingly installing an Android malware with remote access…
Technical analysis of Ginp Android malware
https://muha2xmad.github.io/malware-analysis/ginp/
muha2xmad
Technical analysis of Ginp android malware
In the name of Allah, the Most Gracious, the Most Merciful
iOS Native Code Obfuscation and Syscall Hooking - part 2
https://www.romainthomas.fr/post/22-09-ios-obfuscation-syscall-hooking/
Romain Thomas
Part 2 - iOS Native Code Obfuscation and Syscall Hooking | Romain Thomas
This second blog post deals with native code obfuscation and RASP syscall interception
Basecamp for Android app allowed triggering a JavaScript interface via WebView, which would then provide access to Java native code (Bounty - $1,210)
https://hackerone.com/reports/1343300
HackerOne
Basecamp disclosed on HackerOne: com.basecamp.bc3 Webview...
It was identified that the android **com.basecamp.bc3 application**, contains a Webview where the loaded URLs are not sanitised properly. As this webview's functionality is extended via javascript...
Vulnerabilities discovered in Android and iOS WhatsApp could have caused remote code execution when receiving a crafted video file (CVE-2022-27492) and remote code execution in an established video call (CVE-2022-36934)
https://www.whatsapp.com/security/advisories/2022/
WhatsApp.com
WhatsApp Security Advisories 2022
WhatsApp Security Advisories 2022 - List of security fixes for WhatsApp products
Mobile App Penetration Testing Cheat Sheet
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
GitHub
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection…
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - tanprathan/MobileApp-Pentest-Chea...