The idea of the new system is to turn Apple’s existing network of iPhones into a massive crowdsourced location tracking system. Every active iPhone will continuously monitor for BLE beacon messages that might be coming from a lost device. When it picks up one of these signals, the participating phone tags the data with its own current GPS location; then it sends the whole package up to Apple’s servers.
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/amp/
https://blog.cryptographyengineering.com/2019/06/05/how-does-apple-privately-find-your-offline-devices/amp/
A Few Thoughts on Cryptographic Engineering
How does Apple (privately) find your offline devices?
At Monday’s WWDC conference, Apple announced a cool new feature called “Find My”. Unlike Apple’s “Find my iPhone”, which uses cellular communication and the lost…
Don't install these apps, they are still available on Google Play. These apps display unwanted after user unlocks device and hide from home menu.
These apps mostly impersonate Camera/Photo editor applications.
Source: https://twitter.com/LukasStefanko/status/1136568939239137280?s=19
These apps mostly impersonate Camera/Photo editor applications.
Source: https://twitter.com/LukasStefanko/status/1136568939239137280?s=19
Talk about 10 different Android malware families discovered on Google Play + analysis on Anubis Banking Trojan
https://youtu.be/4oSuv-kXWJI
https://youtu.be/4oSuv-kXWJI
YouTube
CONFidence 2019: "Latest Android threats and their techniques" - Lukas Štefanko
The number of Android devices, developers and applications is growing, making our lives even more convenient and connected. But there is also a dark side to the number of apps: malicious actors developing apps capable of stealing mobile banking credentials…
PHONES INFECTED WITH BACKDOOR TROJAN
Impacted models include the Doogee BL7000, the M-Horse Pure 1, the Keecoo P11, and the VKworld Mix Plus.
https://www.zdnet.com/article/germany-backdoor-found-in-four-smartphone-models-20000-users-infected/
Impacted models include the Doogee BL7000, the M-Horse Pure 1, the Keecoo P11, and the VKworld Mix Plus.
https://www.zdnet.com/article/germany-backdoor-found-in-four-smartphone-models-20000-users-infected/
ZDNet
Germany: Backdoor found in four smartphone models; 20,000 users infected
German cyber-security agency warns against buying or using four low-end smartphone models.
Preinstalled backdoor - Triada - found in Android devices.
Triada infects device system images through a third-party during the production process. Sometimes OEMs want to include features that aren’t part of the Android Open Source Project, such as face unlock. The OEM might partner with a third-party that can develop the desired feature and send the whole system image to that vendor for development.
https://security.googleblog.com/2019/06/pha-family-highlights-triada.html
Triada infects device system images through a third-party during the production process. Sometimes OEMs want to include features that aren’t part of the Android Open Source Project, such as face unlock. The OEM might partner with a third-party that can develop the desired feature and send the whole system image to that vendor for development.
https://security.googleblog.com/2019/06/pha-family-highlights-triada.html
Google Online Security Blog
PHA Family Highlights: Triada
Posted by Lukasz Siewierski, Android Security & Privacy Team We continue our PHA family highlights series with the Triada family, whi...
“Digging Android Applications — Part 1 — Drozer + Burp” by Yasho https://link.medium.com/gVswDFdKlX
Medium
Digging into Android Applications — Part 1 — Drozer + Burp
Hello, in this post I’m going to solve the first section of Andrill:
Anubis Android Bank Trojan technical analysis and recent activities summary (Chinese)
https://ti.qianxin.com/blog/articles/anubis-android-bank-trojan-technical-analysis-and-recent-activities-summary/
https://ti.qianxin.com/blog/articles/anubis-android-bank-trojan-technical-analysis-and-recent-activities-summary/
Qianxin
奇安信威胁情报中心
Nuxt.js project
Many unofficial Telegram apps could be remotely controlled
https://link.medium.com/FfLwZsvrnX
https://link.medium.com/FfLwZsvrnX
Medium
Unofficial telegrams and privacy in iran
For more than a few years, Telegram is the main and most popular messenger among Iranians, After many events, the Iranian government…
Mobile phishing toolkit remotely controlled by an app
https://github.com/UndeadSec/SocialFishMobile
https://github.com/UndeadSec/SocialFishMobile
GitHub
GitHub - UndeadSec/SocialFishMobile: :iphone: An app to remote control SocialFish.
:iphone: :fish: An app to remote control SocialFish. - GitHub - UndeadSec/SocialFishMobile: :iphone: An app to remote control SocialFish.
🥰1
Anubis downloader found on Google Play with 1,000+ installs.
Info: https://twitter.com/0xabc0/status/1137988063244763136?s=19 via @0xabc0
Info: https://twitter.com/0xabc0/status/1137988063244763136?s=19 via @0xabc0
Overview of 4 techniques used by Android malware to detect name of launched app.
+ how developers can protect their apps against one of these technique.
https://eybisi.run/Mobile-Malware-Analysis-Overlay-and-How-to-Counter-it/
+ how developers can protect their apps against one of these technique.
https://eybisi.run/Mobile-Malware-Analysis-Overlay-and-How-to-Counter-it/
hedgehog's cave
Mobile Malware Analysis : Overlay and How to Counter It (Partly)
Defeating OverlayIn my last anubis post I touched on overlay and how malware use process scanning to get top process. If somehow we can bypass those techniques, in a way overlay can be defeated. In th
How to get payload of obfuscated Gustuff malware using Frida & Strace
http://skptr.me/dealing_with_obfuscated_malware_like_gustuff.html
http://skptr.me/dealing_with_obfuscated_malware_like_gustuff.html
👍1
PhoneSploit - ADB tools in one place + additional features
https://github.com/Zucccs/PhoneSploit/blob/master/README.md
https://github.com/Zucccs/PhoneSploit/blob/master/README.md
Trojan downloader found on Google Play by @Maler360
-once launched, hides itself icon
-downloads additional app over HTTP
-makes user install it
-second app can then download additional apps & make user install them as "Update Alert" + display ads
-100,000+ installs
-reported
Video demo: https://twitter.com/LukasStefanko/status/1138764352411131905
-once launched, hides itself icon
-downloads additional app over HTTP
-makes user install it
-second app can then download additional apps & make user install them as "Update Alert" + display ads
-100,000+ installs
-reported
Video demo: https://twitter.com/LukasStefanko/status/1138764352411131905
Twitter
Lukas Stefanko
Trojan downloader found on Google Play by @Maler360 -once launched, hides itself icon -downloads additional app over HTTP -makes user install it -second app can then download additional apps & make user install them as "Update Alert" + display ads -100,000+…
iOS Kernel Fuzzing - Finding Bugs/Vulnerabilities in iOS via IOKit Fuzzing https://youtu.be/Psm_mCJXH-8
YouTube
iOS Kernel Fuzzing - Finding Bugs/Vulnerabilities in iOS via IOKit Fuzzing
Get my books here - https://zygosec.com
Hey guys! Today in this video we're taking a look at a method used to fuzz the iOS kernel and discover bugs/vulnerabilities. This particular method involves mutating input data to IOConnectCallMethod() calls in order…
Hey guys! Today in this video we're taking a look at a method used to fuzz the iOS kernel and discover bugs/vulnerabilities. This particular method involves mutating input data to IOConnectCallMethod() calls in order…
Forwarded from The Bug Bounty Hunter
Yaazhini - Free Android APK & API Vulnerability Scanner https://www.vegabird.com/yaazhini/
Vegabird
Vooki - Free Android APK & API Vulnerability Scanner | Vooki Infosec
Free Android Application APK & API Vulnerability Scanner tool. Available for Windows & Mac. Get the android app security scanner.
Android app - La Liga - spied on football fans
According to reports, audio recorded through the Android smartphone’s microphone was combined with GPS location data in an attempt to determine if bars and restaurants were airing live matches without a license.
https://hotforsecurity.bitdefender.com/blog/la-liga-fined-e250000-after-android-app-spied-on-football-fans-21332.html
According to reports, audio recorded through the Android smartphone’s microphone was combined with GPS location data in an attempt to determine if bars and restaurants were airing live matches without a license.
https://hotforsecurity.bitdefender.com/blog/la-liga-fined-e250000-after-android-app-spied-on-football-fans-21332.html
Hot for Security
La Liga fined €250,000 after Android app spied on football fans
The Spanish football league La Liga has been hit with a fine of 250,000 euros
(approximately US $280,000) after its official Android app was found
[https://elpais.
(approximately US $280,000) after its official Android app was found
[https://elpais.
👍1
Four more apps with 220,000+ installs were lately available on Google Play with the functionality to download and make victim install additional apps + display unwanted ads.
This one is still there, found by @m0br3v
This one is still there, found by @m0br3v
6 MUST HAVE TOOLS FOR YOUR IOS PENTESTING TOOLKIT
https://payatu.com/6-must-tools-ios-pentesting-toolkit/
https://payatu.com/6-must-tools-ios-pentesting-toolkit/
Payatu
6 Must Have Tools For Your IOS Pentesting Toolkit | Payatu
Performing a pentesting requires pentesting tools. We have brought you 6 essential iOS Pentesting Toolkit. Check out our toolkit.
Methodology for penetration testing and security assessment.
https://github.com/aungthurhahein/Red-Team-Curation-List/blob/master/README.md
https://github.com/aungthurhahein/Red-Team-Curation-List/blob/master/README.md
Operation Android : Android Pentesting is out.
https://www.peerlyst.com/posts/operation-android-android-pentesting-is-out-benedict-charles
https://www.peerlyst.com/posts/operation-android-android-pentesting-is-out-benedict-charles