My other ClassLoader is your ClassLoader: Creating evil twin instances of a class
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf
π₯12
WiFi Calling: Revealing Downgrade Attacks and Not-so-private private Keys
https://i.blackhat.com/EU-24/Presentations/EU-24-DabrowskiGegenhuber-WiFi-Calling-Revealing-Downgrade-Attacks.pdf
https://i.blackhat.com/EU-24/Presentations/EU-24-DabrowskiGegenhuber-WiFi-Calling-Revealing-Downgrade-Attacks.pdf
π₯12
How to detect ARP spoofing attack using Android app
https://www.mobile-hacker.com/2024/12/16/detect-arp-spoofing-attack-using-android-app/
https://www.mobile-hacker.com/2024/12/16/detect-arp-spoofing-attack-using-android-app/
Mobile Hacker
Detect ARP spoofing attack using Android app
ARP spoofing attacks are often used in combination with other types of attacks, such as DNS spoofing, SSL stripping, and more. These attacks can be used to steal sensitive information, launch phishing attacks.
π13π₯3π1
Discovery of 6 vulnerabilities in one Qualcomm driver and one of the used as In-the-Wild exploit
https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html
https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html
Blogspot
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Thr...
π₯10π2β€1
Authorities in Serbia used Cellebrite to unlock mobile phones so they could then infect them with NoviSpy Android malware
https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/
https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/
Amnesty International Security Lab
βA Digital Prisonβ: Surveillance and the suppression of civil society in Serbia - Amnesty International Security Lab
This is the Executive Summary of Amnesty Internationalβs report on surveillance and the suppression of civil society in Serbia. Please click here for the full report in PDF format. You can read the Executive Summary in Serbian, French or Spanish. In Februaryβ¦
π₯11π5π3
Diving into ADB protocol internals (2/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-22.html
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-22.html
Synacktiv
Diving into ADB protocol internals (2/2)
π10π₯6π5π4β€1
Screen recording Android spyware distributed through Amazon Appstore
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/
McAfee Blog
Spyware distributed through Amazon Appstore | McAfee Blog
Authored by Wenfeng Yu and ZePeng Chen As smartphones have become an integral part of our daily lives, malicious apps have grown increasingly deceptive
π€13π7π₯2
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
Mobile Hacker
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Display
In this blog, I will focus on the most popular offensive security projects such as Marauder, Bruce and Ghost ESP to get most of this device and compare them in the end.
π13π₯8
Android BADBOX Botnet Is Back
https://www.bitsight.com/blog/badbox-botnet-back
https://www.bitsight.com/blog/badbox-botnet-back
Bitsight
BADBOX Botnet Is Back | Bitsight
The TRACE team investigated BADBOX, which is a large-scale cybercriminal operation selling off-brand Android TV boxes, smartphones, and other Android electronics with preinstalled malware.
π16π₯5π2
Install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
Mobile Hacker
Run Firmware Anywhere: Flexibility of M5Stick Launcher
Launcher tool that is able to switch between all of the three firmware without a need of a computer, and even while on the go.
π15π2
This media is not supported in your browser
VIEW IN TELEGRAM
How to install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
π₯21π4β€1
Ultimate iOS (iPhone & iPad) Hardening Guide
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
GitHub
Security-Blueprints/iOS-Hardening-Guide.md at main Β· martinholovsky/Security-Blueprints
Collection of my Security Blueprints & Guides. Contribute to martinholovsky/Security-Blueprints development by creating an account on GitHub.
π12π₯5π€‘3
FireScam: Android information stealing malware with spyware capabilities
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
CYFIRMA
Inside FireScam : An Information Stealer with Spyware Capabilities - CYFIRMA
This report has been revised to remove references to the obfuscation tool previously mentioned, as the obfuscation techniques in the...
π12π6β€1
Emulating Android native libraries using unidbg
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Hamzaβs blog posts, notes and thoughts.
Emulating Android native libraries using unidbg
Introduction Unidbg is an open-source framework to emulate Android native libraries (and to a certain extent has experimental iOS emulation capabilities). There are a few use cases where emulating Android libraries is beneficial. I will cover a single useβ¦
π₯11π4π3π3
Unidbg to production
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
Hamzaβs blog posts, notes and thoughts.
Unidbg to production
Introduction In the last blogpost, we covered how to use unidbg from scratch to emulate an Android native library. As some might have noticed, the Proof of Concept code is not production ready as it does not allow for a way to call the signing functionalityβ¦
π11π₯6π1
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
Mobile Hacker
Boost Your Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
I am excited to introduce you to FEBERIS, an expansion 3-in-1 development board for the Flipper Zero. This custom board utilizes external Wi-Fi, NRF24, and CC1101 modules, enhancing the capabilities of your Flipper Zero device.
π17β€12π2
Fully-remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the transcription service decodes incoming audio before a user interacts with the message for transcription purposes. Issue is fixed now.
https://project-zero.issues.chromium.org/issues/368695689
https://project-zero.issues.chromium.org/issues/368695689
π₯34π3β‘1
Analysis of Autel MaxiCharger Android app to reviewing the attack surface
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
Zero Day Initiative
Zero Day Initiative β Reviewing the Attack Surface of the Autel MaxiCharger: Part Two
Previously , we covered the internals of the Autel MaxiCharger where we highlighted each of the main components. In this post, we aim to outline the attack surface of the MaxiCharger in the hopes of providing inspiration for vulnerability research. All informationβ¦
π7π1
Android malware in DoNot APT operations
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
CYFIRMA
ANDROID MALWARE IN DONOT APT OPERATIONS - CYFIRMA
EXECUTIVE SUMMARY The research team at CYFIRMA collected a sample attributed to the Indian APT group known as βDONOTβ, which...
β€12π6π€2π1
USB Army Knife: Close Access Penetest Tool
It is capable of: remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/
It is capable of: remote keystroke injection, VNC, USB network adapter, EvilAP, Marauder, record microphone, controlled over web interface with fancy LCD screen
https://www.mobile-hacker.com/2025/01/24/usb-army-knife-the-ultimate-close-access-penetest-tool/
Mobile Hacker
USB Army Knife: The Ultimate Close Access Penetest Tool
Whether you want to transform into a USB Ethernet adapter and capture network traffic, create custom user interface for your attacks, or use covert storage devices, the USB Army Knife has you covered.
π29π₯3π2