Androset: Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite
https://github.com/Anof-cyber/Androset
https://github.com/Anof-cyber/Androset
GitHub
GitHub - Anof-cyber/Androset: Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP tableโฆ
Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Suite. - Anof-cyber/Androset
๐11
Android TV Boxes: AllWinner H616/H618 & RockChip 3328 Android Malware Analysis & Cleanup
https://github.com/DesktopECHO/T95-H616-Malware
https://github.com/DesktopECHO/T95-H616-Malware
GitHub
GitHub - DesktopECHO/T95-H616-Malware: "Pre-Owned" malware in ROM for AllWinner H616/H618 & RockChip RK3328 Android TV Boxes
"Pre-Owned" malware in ROM for AllWinner H616/H618 & RockChip RK3328 Android TV Boxes - DesktopECHO/T95-H616-Malware
๐9๐ฅ1
Android greybox fuzzing with AFL++ Frida mode
https://blog.quarkslab.com/android-greybox-fuzzing-with-afl-frida-mode.html
https://blog.quarkslab.com/android-greybox-fuzzing-with-afl-frida-mode.html
Quarkslab
Android greybox fuzzing with AFL++ Frida mode - Quarkslab's blog
This article is about greybox fuzzing of userland targets that can be encountered in Android using AFL++ and its Frida mode. We also discuss how to target JNI functions, to test the native features invoked by Java code.
๐13
Vulnerabilities identified in Amazon Fire TV Stick
1) Local network PIN brute forcing (CVE-2023-1385)
2) Arbitrary Javascript code to execution (CVE-2023-1384)
3) Register services that are only locally accessible (CVE-2023-1383)
https://www.bitdefender.com/files/News/CaseStudies/study/430/Bitdefender-PR-Whitepaper-AMZFr-creat6696-en-EN.pdf
1) Local network PIN brute forcing (CVE-2023-1385)
2) Arbitrary Javascript code to execution (CVE-2023-1384)
3) Register services that are only locally accessible (CVE-2023-1383)
https://www.bitdefender.com/files/News/CaseStudies/study/430/Bitdefender-PR-Whitepaper-AMZFr-creat6696-en-EN.pdf
๐7๐ฅ7โค1๐ค1
Flutter Hackers: Understand and reverse engineere Flutter APK Release Mode with Frida
Part 1: https://infosecwriteups.com/flutter-hackers-uncovering-the-devs-myopia-part-1-6c316be56b13
Part 2: https://infosecwriteups.com/flutter-hackers-uncovering-the-devs-myopia-part-2-598a44942b5e
Part 1: https://infosecwriteups.com/flutter-hackers-uncovering-the-devs-myopia-part-1-6c316be56b13
Part 2: https://infosecwriteups.com/flutter-hackers-uncovering-the-devs-myopia-part-2-598a44942b5e
Medium
Flutter Hackers: Uncovering the Devโs Myopia (Part 1)
Life hack for understanding Flutter Application through source code leaks
๐11๐3
Arbitrary code execution discoverd in Android imo-International Calls & Chat with 1B installs up to version 2022.11.1051 (CVE-2022-47757)
A path traversal vulnerability delivered using a deeplink can force the IMO app to write files into its data directory. This allows an attacker to write a library file that the app uses to dynamically load modules
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47757
A path traversal vulnerability delivered using a deeplink can force the IMO app to write files into its data directory. This allows an attacker to write a library file that the app uses to dynamically load modules
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47757
cve.mitre.org
CVE -
CVE-2022-47757
CVE-2022-47757
The mission of the CVEยฎ Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
๐11โค1
FluHorse โ Newly Discovered Android Malware Disguised as Popular Android Apps Targeting East Asia to steal victim credentials and 2FA codes
https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/
https://research.checkpoint.com/2023/eastern-asian-android-assault-fluhorse/
Check Point Research
Eastern Asian Android Assault - FluHorse - Check Point Research
Research by: Alex Shamshur, Sam Handelman, Raman Ladutska, Ohad Mana Introduction In the latest research conducted by Check Point Research, we describe a newly discovered malware called FluHorse. The malware features several malicious Android applicationsโฆ
๐13๐ค2โค1
Mobile Threats Report for Q1/2023 by Avast
https://decoded.avast.io/threatresearch/avast-q1-2023-threat-report/#mobile
https://decoded.avast.io/threatresearch/avast-q1-2023-threat-report/#mobile
Avast Threat Labs
Avast Q1/2023 Threat Report - Avast Threat Labs
Social Engineering Dominance, Rising Tide of Information-Stealers, and OneNote Abused by Malware Groups
๐10๐ค1
Fleckpe - A new family of Trojan subscribers discovered on Google Play #Jocker #Harly
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/
https://securelist.com/fleckpe-a-new-family-of-trojan-subscribers-on-google-play/109643/
Securelist
Subscription Trojans on Google Play
The new Trojan family, Fleckpe, spreads via Google Play inside photo editors and wallpapers, subscribing the unaware user to paid services.
๐13
Bypass Tiktok SSL pinning on Android devices
https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass
https://github.com/Eltion/Tiktok-SSL-Pinning-Bypass
GitHub
Eltion/Tiktok-SSL-Pinning-Bypass
Bypass Tiktok SSL pinning on Android devices. Contribute to Eltion/Tiktok-SSL-Pinning-Bypass development by creating an account on GitHub.
๐20๐ค2
Meta (Facebook) Adversarial Threat Report for Q1 2023 (Android threats included)
https://about.fb.com/wp-content/uploads/2023/05/Meta-Quarterly-Adversarial-Threat-Report-Q1-2023.pdf
https://about.fb.com/wp-content/uploads/2023/05/Meta-Quarterly-Adversarial-Threat-Report-Q1-2023.pdf
๐8โค1
Analysis of Android SpyNote spyware targeting Indian Railway Catering and Tourism Corporation (IRCTC) users
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/
https://labs.k7computing.com/index.php/spynote-targets-irctc-users/
K7 Labs
SpyNote targets IRCTC users
We at K7 Labs, recently came across an email message as shown in Figure 1, from Indian Railway Catering and [โฆ]
๐9
GSMA Mobile Telecommunications Security Landscape in 2022
(ransomware, malware, smsishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf
(ransomware, malware, smsishing, spyware, SIM swap, eSIM fraud, supply chain attacks, critical national infrastructure attacks, human threat...)
https://www.gsma.com/security/wp-content/uploads/2023/02/GSMA-Mobile-Telecommunications-Security-Landscape-2023_v1_for-website.pdf
๐8โค2
Three ways how to dynamically load code into an Android application at runtime
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/
https://erev0s.com/blog/3-ways-for-dynamic-code-loading-in-android/
Erev0S
3 ways for Dynamic Code Loading in Android
erev0s blog for cyber security and more
๐12๐1
DroidFrida: Android app for executing frida scripts directly on your android device
https://github.com/ac3ss0r/DroidFrida/
https://github.com/ac3ss0r/DroidFrida/
GitHub
GitHub - ac3ss0r/DroidFrida: Portable frida injector for rooted android devices.
Portable frida injector for rooted android devices. - ac3ss0r/DroidFrida
๐27๐คฎ4
JAMBOREE: Portable all in one tool to install essential Android tools (Java, Android tools, Magisk, BurpSuit, Objection, Root Emulator, Frida etc.)
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
GitHub
GitHub - freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy: Java Android Magisk Burp Objection Root Emulator Easyโฆ
Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE) - freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
๐14โค1
I/O 2023: What's new in Android security and privacy
-Safe Browsing: faster more intelligent protection
-Passkeys helps move users beyond passwords
-new API that lets developers limit accessibility services from interacting with their apps
-Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
-Better control and protection over your photos and videos
https://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html
-Safe Browsing: faster more intelligent protection
-Passkeys helps move users beyond passwords
-new API that lets developers limit accessibility services from interacting with their apps
-Data safety section in Google Play last year to help you see how developers collect, share, and protect user data
-Better control and protection over your photos and videos
https://security.googleblog.com/2023/05/io-2023-android-security-and-privacy.html.html
Google Online Security Blog
I/O 2023: What's new in Android security and privacy
Posted by Ronnie Falcon, Product Manager Android is built with multiple layers of security and privacy protections to help keep you, your...
๐16๐ฅ1๐ฅฐ1๐1
Advanced Frida Usage Part 1 โ iOS Encryption Libraries
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/
https://8ksec.io/advanced-frida-usage-part-1-ios-encryption-libraries-8ksec-blogs/
๐12โค1
Converso app: How I accidentally breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger called Converso
https://crnkovic.dev/testing-converso/
https://crnkovic.dev/testing-converso/
crnkovic.dev
Testing a new encrypted messaging app's extraordinary claims
How I breached a nonexistent database and found every private key in a 'state-of-the-art' encrypted messenger.
๐13๐ฅ7
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
SEC Consult
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App
Multiple vulnerabilities have been identified in the Kiddoware Kids Place Parental Control Android App. Users of the parent's web dashboard can be attacked via cross site scripting or cross site request forgery vulnerabilities, or attackers may upload arbitraryโฆ
๐14โค2๐ค1
Revisiting Stealthy Sensitive Information Collection from Android Apps [slides] #BlackHatAsia23
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf
https://i.blackhat.com/Asia-23/AS-23-Bai-Stealthy-Sensitive-Information-Collection-from-Android-Apps.pdf
๐7