How to install Kali NetHunter on TicWatch Pro 3
https://www.mobile-hacker.com/2024/07/25/how-to-install-kali-nethunter-on-ticwatch-pro-3/
https://www.mobile-hacker.com/2024/07/25/how-to-install-kali-nethunter-on-ticwatch-pro-3/
Mobile Hacker
How to install Kali NetHunter on TicWatch Pro 3
In previous series of blogs I focused on installation of Kali NetHunter on older model of TicWatch Pro 2018 (catfish) which might be for some of you a good choice if you already have them forgotten in your drawer or you can get them cheap to play around.โฆ
๐ฅ20๐6โค1
Vulnerability in Telegram for Android: Use-after-free in Connection::onReceivedData
https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
๐10
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps
https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/
https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/
Zimperium
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps - Zimperium
true
๐10
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
https://securelist.com/mandrake-apps-return-to-google-play/113147/
https://securelist.com/mandrake-apps-return-to-google-play/113147/
Securelist
New Mandrake Android spyware version discovered on Google Play
Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play
๐คฏ8๐6
Android CraxsRAT strikes in Malaysia
https://www.group-ib.com/blog/craxs-rat-malaysia/
https://www.group-ib.com/blog/craxs-rat-malaysia/
Group-IB
Android Remote Access malware strikes in Malaysia | Group-IB Blog
Group-IB's investigation on a malware sample targeting a Malaysia-based financial organization's clients in the Asia-Pacific region.
๐คก7๐ฅฑ5โค2
BlueStacks (Android emulator) privilege escalation through VM backdooring (CVE-2024-33352)
https://github.com/mmiszczyk/CVE-2024-33352
https://github.com/mmiszczyk/CVE-2024-33352
GitHub
GitHub - mmiszczyk/CVE-2024-33352: BlueStacks privilege escalation through VM backdooring
BlueStacks privilege escalation through VM backdooring - mmiszczyk/CVE-2024-33352
๐ฅ10๐5โค1
Open Redirect in Login Redirect in MobSF (CVE-2024-41955)
Update to MobSF v4.0.5.
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8m9j-2f32-2vx4
Update to MobSF v4.0.5.
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8m9j-2f32-2vx4
GitHub
Open Redirect in Login Redirect
### Impact
_What kind of vulnerability is it? Who is impacted?_
An open redirect vulnerability exist in MobSF authentication view.
PoC
1. Go to https://127.0.0.1:8000/login/?next=//afine.co...
_What kind of vulnerability is it? Who is impacted?_
An open redirect vulnerability exist in MobSF authentication view.
PoC
1. Go to https://127.0.0.1:8000/login/?next=//afine.co...
๐ฅ8
BingoMod: The new android RAT that steals money and wipes data
https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data
https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data
Cleafy
BingoMod: The new android RAT that steals money and wipes data | Cleafy Labs
Discover the new android RAT BingoMod, identified by the Cleafy TIR team in May 2024. BingoMod targets money transfers via Account Takeover and On-Device Fraud, bypassing bank security measures. It exploits permissions to steal credentials, conduct overlayโฆ
๐คฉ9๐3
Introducing the new Mobile App Security Weakness Enumeration (MASWE).
This brand new OWASP MAS resource bridges the gap between MASVS high-level controls and MASTG low-level testing, using a similar approach to CWEs.
https://mas.owasp.org/news/2024/07/30/new-maswe/
This brand new OWASP MAS resource bridges the gap between MASVS high-level controls and MASTG low-level testing, using a similar approach to CWEs.
https://mas.owasp.org/news/2024/07/30/new-maswe/
๐5๐3
New Fileless Malware Framework "GhostHook" Targets Android Devices
https://iverify.io/post/new-fileless-malware-framework-ghosthook-targets-android-devices
https://iverify.io/post/new-fileless-malware-framework-ghosthook-targets-android-devices
iverify.io
New Fileless Malware Framework "GhostHook" Targets Android Devices
iVerify have detected a new fileless malware spreading framework, GhostHook, being shared across cybercrime forums and networks.
๐8๐3๐ป3๐ฅ2โค1
BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities
https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities
https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities
๐10โค3๐3
Heap overflow in JPEG loading in Samsung's Little Kernel in bootloader allows a privileged attacker to execute persistent arbitrary code (it survives reboots and factory reset) CVE-2024-20832
Paper: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Article-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
Slides: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Slides-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
Paper: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Article-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
Slides: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Slides-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
๐ฟ9๐3๐2โค1
LianSpy: new Android spyware targeting Russian users
https://securelist.com/lianspy-android-spyware/113253/
https://securelist.com/lianspy-android-spyware/113253/
Securelist
LianSpy: Android spyware leveraging Yandex Disk as C2
Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2.
๐ฉ8๐5๐3๐ฅฑ3
Google fixed Kernel RCE vulnerability in Android (CVE-2024-36971) that was most-likely used for targeted exploitation
https://source.android.com/docs/security/bulletin/2024-08-01
https://source.android.com/docs/security/bulletin/2024-08-01
๐คก13๐4โค1
5GBaseChecker: a security analysis framework that helps to hunt for 5G vulnerabilities
https://github.com/SyNSec-den/5GBaseChecker
https://github.com/SyNSec-den/5GBaseChecker
GitHub
GitHub - SyNSec-den/5GBaseChecker
Contribute to SyNSec-den/5GBaseChecker development by creating an account on GitHub.
๐10๐3โค2๐2๐1
The Way to Android Root: Exploiting Your GPU On Smartphone (CVE-2024-23380)
[slides] https://i.blackhat.com/BH-US-24/Presentations/REVISED_US24-Gong-The-Way-to-Android-Root-Wednesday.pdf
[slides] https://i.blackhat.com/BH-US-24/Presentations/REVISED_US24-Gong-The-Way-to-Android-Root-Wednesday.pdf
๐11๐ฑ2๐ฅ1๐1๐1
Dynamic Analysis Technique of Android Malware by Injecting Smali Gadgets
Patch APK with logcat output as alternative to using Frida
https://blogs.jpcert.or.jp/en/2024/08/smaligadget.html
Patch APK with logcat output as alternative to using Frida
https://blogs.jpcert.or.jp/en/2024/08/smaligadget.html
JPCERT/CC Eyes
Dynamic Analysis Technique of Android Malware by Injecting Smali Gadgets - JPCERT/CC Eyes
When dynamically analyzing Android malware, it is currently difficult to follow its code using debuggers unlike Windows malware. Although there is a technique [1] to hook a method dynamically by Frida [2], obtaining the in-progress state of the method is...
๐คก11๐คฃ9โค8๐6๐ฉ6๐2
Android Game Hacking: Increase money in Dude Theft Wars Shooting
https://8ksec.io/hacking-android-games/
https://8ksec.io/hacking-android-games/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Hacking Android Games - 8kSec
Learn the process involved in hacking Android games and learn how to distinguish between app hacking and game hacking within the Android ecosystem.
๐ฅ17๐2
Android Vulnerability Impacting Millions of Pixel Devices Around the World
https://iverify.io/blog/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world
https://iverify.io/blog/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world
iverify.io
iVerify Discovers Android Vulnerability Impacting Millions of Pixel Devices Around the World
iVerify discovered an Android package, with excessive system privileges on a very large percentage of Pixel devices shipped worldwide.
๐คฎ7๐3๐1
Exploiting Androidโs Hardened Memory Allocator
PoC: https://github.com/HexHive/scudo-exploitation
Paper: https://nebelwelt.net/publications/files/24WOOT.pdf
PoC: https://github.com/HexHive/scudo-exploitation
Paper: https://nebelwelt.net/publications/files/24WOOT.pdf
GitHub
GitHub - HexHive/scudo-exploitation
Contribute to HexHive/scudo-exploitation development by creating an account on GitHub.
๐8๐ฅ5