Analysis of SOVA Android Banking Trojan
https://kratikal.com/blog/sova-a-new-android-banking-trojan/
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
projectzero.google
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain - Project Zero
Posted by Maddie Stone, Project Zero Note: The three vulnerabilities discussed in this blog were all fixed in Samsung's March 2021 release. They were...
Massive Phishing Campaigns Target India Banks' Clients
https://www.trendmicro.com/en_us/research/22/k/massive-phishing-campaigns-target-india-banks-clients.html
Trend Micro
Massive Phishing Campaigns Target India Banks' Clients
Vulnerability affecting seemingly all Google Pixel phones allows to bypass lock screen protection (Bounty: $70K, CVE-2022-20465)
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
bugs.xdavidhu.me
Accidental $70k Google Pixel Lock Screen Bypass
David Schütz's bug bounty writeups
Lookout Discovers Long-running Surveillance Campaigns Targeting Uyghurs
https://www.lookout.com/blog/uyghur-surveillance-campaign-badbazaar-moonshine
Lookout
Lookout Discovers Surveillance Campaigns Targeting Uyghurs | Threat Intel
Researchers from Lookout have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People's Republic of China and abroad.
Discovering vendor-specific vulnerabilities in Android
https://blog.oversecured.com/Discovering-vendor-specific-vulnerabilities-in-Android/
News, Techniques & Guides
Discovering vendor-specific vulnerabilities in Android
For several years, Oversecured has been the best way to discover vulnerabilities in Android and iOS mobile apps.
Appshark - static analysis platform to scan vulnerabilities in an Android app
https://github.com/bytedance/appshark
GitHub
GitHub - bytedance/appshark: Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. - bytedance/appshark
Can you exploit the app? New Android uncrackable challenge
https://github.com/Ch0pin/uncrackable
GitHub
GitHub - Ch0pin/uncrackable: A list of bizarre crackmes
A list of bizarre crackmes. Contribute to Ch0pin/uncrackable development by creating an account on GitHub.
Xenomorph Android banking malware found on Google Play with over 1,000 installs
https://www.zscaler.com/blogs/security-research/rise-banking-trojan-dropper-google-play-0
Zscaler
Rise of Banking Trojan Dropper in Google Play | Zscaler
The Zscaler ThreatLabz team has recently discovered the Xenomorph banking trojan embedded in a Lifestyle app in the Google Play store. Read more.
Phishing Campaign Targeting Indonesian BRI Bank Using SMS Stealer
https://blog.cyble.com/2022/11/15/phishing-campaign-targeting-indonesian-bri-bank-using-sms-stealer
Cyble
SMS Stealer Phishing Campaign Hits Indonesia's BRI Bank
Cyble Research & Intelligence Labs analyzes an active phishing campaign targeting Indonesian BRI bank using Android SMS Stealer.
Pixel 6 Bootloader: Exploitation (part 3)
https://eshard.com/posts/pixel6_bootloader_3
Forwarded from The Bug Bounty Hunter
CVE-2022-32929 - Bypass iOS backup's TCC protection
https://theevilbit.github.io/posts/cve-2022-32929/
theevilbit blog
CVE-2022-32929 - Bypass iOS backup's TCC protection
Intro: Normally, when a users backup their iOS device, the backup is saved into ~/Library/Application Support/MobileSync/Backup directory. The MobileSync directory is properly protected by TCC, as the backup can contain photos, contact information…
IT threat evolution in Q3 2022. Mobile statistics
https://securelist.com/it-threat-evolution-in-q3-2022-mobile-statistics/107978/
Securelist
IT threat evolution in Q3 2022. Mobile statistics
In Q3 2022, a total of 5,623,670 mobile malware, adware, and riskware attacks were blocked, and 438,035 malicious installation packages were detected.
Android Malware Analysis Workshop
SLIDES:
https://drive.google.com/file/d/1Y6SFYPuYdydabxE33MaZlKTxN-_Wron4/view
Android users risk falling victim to fraudsters during online job searches
https://news.drweb.com/show/?i=14608&lng=en
Dr.Web
Android users risk falling victim to fraudsters during online job searches
Doctor Web is alerting users to the emergence of malicious Android apps that attackers have disguised as job-search software. Through these applications, fraudsters can collect their victims' personal information and steal money from them using deceptive…
Android SharkBot Droppers Found on Google Play
https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/
Bitdefender Labs
Android SharkBot Droppers on Google Play Underline Platform's Security Needs
A common theme we've noticed in the last few months consists of malicious apps distributed directly from the Google Play Store.
Bahamut cybermercenary group targets Android users with fake VPN apps
https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/
WeLiveSecurity
Bahamut cybermercenary group targets Android users with fake VPN apps
ESET researchers uncover an active campaign where the Bahamut APT targets Android users via trojanized versions of two legitimate VPN apps.
Vulnerability discovered in devices with a Mali GPU
The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others)
https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
Blogspot
Mind the Gap
By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but...
Discovered ongoing Android RAT campaign that uses FIFA World Cup in Qatar as a lure and already infected over 750 devices.
It spreads via Facebook page linking to a website distributing the RAT
https://twitter.com/ESETresearch/status/1596222232384401408
Forwarded from The Bug Bounty Hunter
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
https://kishorbalan.medium.com/its-all-about-android-ssl-pinning-bypass-and-intercepting-proxy-unaware-applications-91689c0763d8
Medium
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
Hola H3ckers,
This Malicious App on Google Play Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
https://thehackernews.com/2022/11/this-malicious-app-abused-hacked.html