Demonstration of using BlueDucky to exploit 0-click Bluetooth vulnerability of unpatched Android smartphone (CVE-2023-45866)
Exploit was triggered by Raspberry Pi 4 and then by Android running NetHunter
https://youtu.be/GOGW7U1f2RA
Exploit was triggered by Raspberry Pi 4 and then by Android running NetHunter
https://youtu.be/GOGW7U1f2RA
YouTube
Using BlueDucky to test 0-click Bluetooth vulnerability
#nethunter #kali #kalilinux #smartphone #tech #howto #bluetooth #blueducky #CVE-2023-45866
π12β€1
After almost 7 years, new version of drozer compatible with Python 3 and modern Java was released.
If you don't know, drozer was a very popular security testing framework for Android
https://github.com/WithSecureLabs/drozer
If you don't know, drozer was a very popular security testing framework for Android
https://github.com/WithSecureLabs/drozer
π21
Technical analysis of Android malware Vultur
https://research.nccgroup.com/2024/03/28/android-malware-vultur-expands-its-wingspan/
https://research.nccgroup.com/2024/03/28/android-malware-vultur-expands-its-wingspan/
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
π8π6β€2π₯±2
Google fixed 2 Pixel vulnerabilities which are being actively exploited in the wild by forensic companies
CVE-2024-29745 refers to a vulnerability in the fastboot firmware used to support unlocking/flashing/locking. Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory.
CVE-2024-29748 refers to a vulnerability providing the ability to interrupt a factory reset triggered by a device admin app. It appears they've implemented a partial solution in firmware.
https://discuss.grapheneos.org/d/11860-vulnerabilities-exploited-in-the-wild-fixed-based-on-grapheneos-reports
CVE-2024-29745 refers to a vulnerability in the fastboot firmware used to support unlocking/flashing/locking. Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory.
CVE-2024-29748 refers to a vulnerability providing the ability to interrupt a factory reset triggered by a device admin app. It appears they've implemented a partial solution in firmware.
https://discuss.grapheneos.org/d/11860-vulnerabilities-exploited-in-the-wild-fixed-based-on-grapheneos-reports
GrapheneOS Discussion Forum
Vulnerabilities exploited in the wild fixed based on GrapheneOS reports - GrapheneOS Discussion Forum
β€17π1
How charging your phone can compromise your data using three types of Juice Jacking attack
https://www.mobile-hacker.com/2024/04/04/how-charging-your-phone-can-compromise-your-data-using-juice-jacking-attack/
https://www.mobile-hacker.com/2024/04/04/how-charging-your-phone-can-compromise-your-data-using-juice-jacking-attack/
Mobile Hacker
How charging your phone can compromise your data using Juice Jacking attack
This is a third time I have seen FBI posting warnings on X about risks of using free public charging stations in airports, hotels, or shopping centers.
π19π¨4β‘2
Hornet dating app with over 10 million installs had vulnerabilities, allowing precise location determination of their users, even with distance display being disabled
https://research.checkpoint.com/2024/the-illusion-of-privacy-geolocation-risks-in-modern-dating-apps/
https://research.checkpoint.com/2024/the-illusion-of-privacy-geolocation-risks-in-modern-dating-apps/
Check Point Research
The Illusion of Privacy: Geolocation Risks in Modern Dating Apps - Check Point Research
Key takeaways Introduction Dating apps traditionally utilize location data, offering the opportunity to connect with people nearby, and enhancing the chances of real-life meetings. Some apps can also display the distance of the user to other users. This featureβ¦
π16β€2π€·ββ1π€1
Bypassing anti-reversing defences in iOS applications
https://twelvesec.com/2023/10/10/bypassing-anti-reversing-defences-in-ios-applications/
https://twelvesec.com/2023/10/10/bypassing-anti-reversing-defences-in-ios-applications/
Twelvesec
Bypassing anti-reversing defences in iOS applications - Twelvesec
A walktrough on dynamically bypassing anti-debugging and anti-reversing defences in iOS applications.
π9β€3
Threat actor "Starry Addax" targets human rights defenders in North Africa with new Android malware
https://blog.talosintelligence.com/starry-addax/
https://blog.talosintelligence.com/starry-addax/
Cisco Talos Blog
Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed βStarry Addaxβ targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware.
π11
Active Android espionage campaign targeting users mainly in India and Pakistan with apps bundled with the XploitSPY malware posing mostly as messaging services - even available on Google Play Store
https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/
https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/
π₯7π5β‘1
ANDROID SUPPLY CHAIN VALIDATION CHEAT SHEET
This cheat sheet is based on the work performed on Android TV devices (we documented our steps in the post Android TV Devices: Pre-0wned Supply Chain Security Threats)
https://eclypsium.com/blog/android-supply-chain-validation-cheat-sheet/
This cheat sheet is based on the work performed on Android TV devices (we documented our steps in the post Android TV Devices: Pre-0wned Supply Chain Security Threats)
https://eclypsium.com/blog/android-supply-chain-validation-cheat-sheet/
Eclypsium | Supply Chain Security for the Modern Enterprise
Android Supply Chain Validation Cheat Sheet - Eclypsium | Supply Chain Security for the Modern Enterprise
Several different tools and techniques are available for Android to enumerate software and configurations, allowing you to begin to validate the software on devices. This cheat sheet is based on the work performed on Android TV devices (we documented ourβ¦
π14β€2
iOS LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India
https://blogs.blackberry.com/en/2024/04/lightspy-returns-renewed-espionage-campaign-targets-southern-asia-possibly-india
https://blogs.blackberry.com/en/2024/04/lightspy-returns-renewed-espionage-campaign-targets-southern-asia-possibly-india
Blackberry
Secure Communications Blog
Explore expert insights on secure communications from BlackBerryβcovering government, critical infrastructure, resilience, compliance, and trusted communications at scale.
π8π₯2
SoumniBot: the new Android bankerβs unique techniques
https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/
https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/
Securelist
Analysis of the SoumniBot Android banker
We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection.
π8β€2
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
https://www.shielder.com/blog/2024/04/element-android-cve-2024-26131-cve-2024-26132-never-take-intents-from-strangers/
https://www.shielder.com/blog/2024/04/element-android-cve-2024-26131-cve-2024-26132-never-take-intents-from-strangers/
Shielder
Shielder - Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
A writeup about two intent-based Android vulnerabilities CVE-2024-26131 and CVE-2024-26132 in Element (Matrix).
π₯11π2π―2
XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities
https://www.linkedin.com/pulse/xagent-spyware-targeting-ios-devices-western-europe-dmitry-bestuzhev-xunle
https://www.linkedin.com/pulse/xagent-spyware-targeting-ios-devices-western-europe-dmitry-bestuzhev-xunle
Linkedin
XAgent Spyware Targeting iOS Devices in Western Europe: Analysis of Capabilities
Executive Summary: During a recent discussion between "Isabelle Quinn" and myself regarding the latest findings of iOS malware, we encountered new samples of interest. Following observations of activity from the Triangulation group a few days ago by Dmitryβ¦
π₯12β€1π1
[BlackHat Asia 2024] Analysing a NSO iOS Spyware Sample
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#you-shall-not-pass---analysing-a-nso-ios-spyware-sample-37980
[slides] https://i.blackhat.com/Asia-24/Asia-24-Frielingsdorf-YouShallNotPassAnalysing.pdf
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#you-shall-not-pass---analysing-a-nso-ios-spyware-sample-37980
[slides] https://i.blackhat.com/Asia-24/Asia-24-Frielingsdorf-YouShallNotPassAnalysing.pdf
Blackhat
Black Hat Asia 2024
π16β€2
[BlackHat Asia 2024] Privacy Detective: Sniffing Out Your Data Leaks for Android
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#privacy-detective-sniffing-out-your-data-leaks-for-android-37301
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-Zhou-PrivacyDetective.pdf
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#privacy-detective-sniffing-out-your-data-leaks-for-android-37301
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-Zhou-PrivacyDetective.pdf
Blackhat
Black Hat Asia 2024
π6β€3
[BlackHat Asia 2024] SystemUI As EvilPiP: The Hijacking Attacks on Modern Mobile Devices
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices-36260
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-WeiMinCheng-systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices.pdf
https://www.blackhat.com/asia-24/briefings/schedule/?s=03#systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices-36260
[slides] https://i.blackhat.com/Asia-24/Presentations/Asia-24-WeiMinCheng-systemui-as-evilpip-the-hijacking-attacks-on-modern-mobile-devices.pdf
Blackhat
Black Hat Asia 2024
π7
Security analysis of system apps of prepaid Android carrier devices
[slides] https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf
[slides] https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf
π₯9π2β€1
Vulnerabilities across cloud keyboard apps reveal keystrokes to network eavesdroppers (Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi that could be exploited to reveal what a user types)
https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/
https://citizenlab.ca/2024/04/vulnerabilities-across-keyboard-apps-reveal-keystrokes-to-network-eavesdroppers/
The Citizen Lab
The not-so-silent type
In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nineβ¦
π13π₯5
Brokewell: A New Android Banking Trojan Targeting Users In Germany
https://cyble.com/blog/brokewell-a-new-android-banking-trojan-targeting-users-in-germany/
https://cyble.com/blog/brokewell-a-new-android-banking-trojan-targeting-users-in-germany/
Cyble
Brokewell: New Android Trojan Targeting Germany Users
Cybel uncovers the 'Brokewell' Android Banking Trojan targeting German users with overlay attacks, keylogging, and screen recording. Stay updated on threats.
π10β€2π1