Vulnerability discovered in devices with a Mali GPU
The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others)
https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
Mind the Gap
By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but...
Discovered ongoing Android RAT campaign that uses FIFA World Cup in Qatar as a lure and already infected over 750 devices.
It spreads via Facebook page linking to a website distributing the RAT
https://twitter.com/ESETresearch/status/1596222232384401408
Forwarded from The Bug Bounty Hunter
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
https://kishorbalan.medium.com/its-all-about-android-ssl-pinning-bypass-and-intercepting-proxy-unaware-applications-91689c0763d8
This Malicious App on Google Play Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
https://thehackernews.com/2022/11/this-malicious-app-abused-hacked.html
Fake Security App Found Abuses Japanese Payment System
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abuses-japanese-payment-system/
Authored by SangRyol Ryu and Yukihiro Okutomi McAfee's Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The
Schoolyard Bully Android Trojan Discovered On Google Play Steals Facebook Credentials
https://www.zimperium.com/blog/schoolyard-bully-trojan-facebook-credential-stealer/
Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium
Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read…
Forwarded from The Bug Bounty Hunter
Huawei Security Hypervisor Vulnerability
https://blog.impalabs.com/2212_advisory_huawei-security-hypervisor.html
This advisory contains information about the following vulnerabilities:
- OOB Accesses Using the Logging System
Remote code vulnerabilities discovered in three applications that enable an Android device to be used as a remote keyboard and mouse for their computers
https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/
CyRC Advisory: Mouse & Keyboard App Vulnerabilities | Black Duck Blog
Discover CyRC's advisory on remote code execution vulnerabilities in popular mouse and keyboard apps and understand their potential impact.
October 2022 review of virus activity on mobile devices by Doctor Web
https://news.drweb.com/show/review/?lng=en&i=14617
Dr.Web - Doctor Web's October 2022 review of virus activity on mobile devices
Find out on Doctor Web's site about the latest virus threats and information security issues.
Roots in the Past: General Mobile E-Tab4
https://erfur.github.io/2022/12/04/roots-in-the-past-1.html
An upsurge of new Android Banking Trojan “Zanubis”
https://labs.k7computing.com/index.php/an-upsurge-of-new-android-banking-trojan-zanubis/
We came across the tweet of an Android malware sample, a banking trojan that mainly targets Peru banks by […]
Android Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
A new campaign is targeting Android & Windows with multiple Trojans using Zombinder: a third-party service to infect a legitimate app with malicious payload
Android app "Web Explorer - Fast Internet" with over 5m downloads leaked user browsing history
https://cybernews.com/security/android-app-leaked-user-browsing-history/
Android app with over 5m downloads leaked user browsing history
Web Explorer - Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users' browsing history.
Frida script to bypass common methods of sslpining Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
Frida script to bypass common methods of sslpining Android - mixunpin.js
How to setup and scan wi-fi networks using Hijacker app
https://www.instagram.com/p/CmB6ufaDFf3/
Forwarded from The Bug Bounty Hunter
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
https://github.com/ax/apk.sh
Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK. - ax/apk.sh
BrasDex: A new Brazilian ATS Android Banker with ties to Desktop malware
https://www.threatfabric.com/blogs/brasdex-a-new-brazilian-ats-malware.html
ThreatFabric's analysts discovered a multi-platform banking malware campaign targeting Brazil, reaching thousands of victims.
Do you have hacking experience in mobiles and would like to earn much more bounty rewards than now?
Fill out the form below and we will provide free unlimited access to Oversecured Android/iOS vulnerability scanners
https://docs.google.com/document/u/0/d/1dwDtx9S3CSXtjThv-f9t9VbD1cw6c-KOVr506LxU3dg/mobilebasic
Apply here: https://docs.google.com/forms/d/e/1FAIpQLSde-rGWyGF7ug3MIhf3OGE3uJg78tQgcIlsf0MOBApnBVqqVw/viewform
MoneyMonger: Predatory Loan Scam Campaigns Move to Flutter
https://www.zimperium.com/blog/moneymonger-predatory-loan-scam-campaigns-move-to-flutter/
The Zimperium zLabs team recently discovered a Flutter application with malicious code. The Flutter-obfuscated malware campaign, MoneyMonger, is solely distributed through third-party app stores and sideloaded onto the victim's Android device. Read more to…
How to install firmware for external Wi-Fi adapters in NetHunter using Magisk
https://www.youtube.com/shorts/BjAKy97B1d4
GodFather Android Malware Returns Targeting Banking Users
https://blog.cyble.com/2022/12/20/godfather-malware-returns-targeting-banking-users/
Godfather Malware Returns: Targeting Banking Users And Online Security
The Godfather malware is back, specifically targeting banking users. Learn how this threat works and what steps you can take to protect your online banking security.