Forwarded from The Bug Bounty Hunter
Jailbreaking iOS without a Mac (1/4): The Plan
https://medium.com/bugbountywriteup/jailbreaking-ios-without-a-mac-1-4-the-plan-b49c0edc1759
https://medium.com/bugbountywriteup/jailbreaking-ios-without-a-mac-1-4-the-plan-b49c0edc1759
Medium
Jailbreaking iOS without a Mac (1/4): The Plan
Installing an unsigned iOS app (what is the prerequisite of jailbreaking) using Linux with (semi-)legitimate tools.
APT‑C‑23 group evolves its Android spyware
https://www.welivesecurity.com/2020/09/30/aptc23-group-evolves-its-android-spyware/
https://www.welivesecurity.com/2020/09/30/aptc23-group-evolves-its-android-spyware/
WeLiveSecurity
APT‑C‑23 group evolves its Android spyware
ESET research uncovers a new version of Android spyware that the APT-C-23 aka Two-tailed Scorpion threat group has used against targets in the Middle East.
Video demo how Android Spyware steals WhatsApp messages from received notifications
https://www.instagram.com/reel/CFwz9wMAwuL/
https://www.instagram.com/reel/CFwz9wMAwuL/
Instagram
Android Security & Hacking
What happens if you "Allow notification" access to malicious app. Video demo how easy it is for such malicious spyware to steal WhatsApp messages from received notifications . . . . . #hackers #hacking #hacker #cybersecurity #ethicalhacking #hack #kalilinux…
Dynamic Binary Instrumentation Techniques to Address Native Code Obfuscation
Paper: https://raw.githubusercontent.com/quarkslab/conf-presentations/master/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation-wp.pdf
Slides: https://raw.githubusercontent.com/quarkslab/conf-presentations/master/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation.pdf
Paper: https://raw.githubusercontent.com/quarkslab/conf-presentations/master/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation-wp.pdf
Slides: https://raw.githubusercontent.com/quarkslab/conf-presentations/master/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation.pdf
Mobile Threats and Incident Handling [free training]
Part I: https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational#mobile_threats
Part II: https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational/#mobile2
Part I: https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational#mobile_threats
Part II: https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational/#mobile2
Good news, Google will now search for security issues in other Android OEMs (Huawei, Meizu, ZTE, Vivo, OPPO...)
https://android-developers.googleblog.com/2020/10/announcing-launch-of-android-partner.html
https://android-developers.googleblog.com/2020/10/announcing-launch-of-android-partner.html
Android Developers Blog
Announcing the launch of the Android Partner Vulnerability Initiative
News and insights on the Android platform, developer tools, and events.
Discovered ACE vulnerability on Facebook for Android that was triaged through download file from group Files Tab
https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f
https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f
Medium
Arbitrary code execution on Facebook for Android through download feature
TL;DR
Forwarded from The Bug Bounty Hunter
Android Security Testing: Setting up burp suite with Android VM/physical device.
https://medium.com/@hacker7744/android-security-testing-setting-up-burp-suite-with-android-vm-physical-device-e8f713968eef
https://medium.com/@hacker7744/android-security-testing-setting-up-burp-suite-with-android-vm-physical-device-e8f713968eef
Medium
Android Security Testing: Setting up burp suite with Android VM/physical device.
Setting up the Burp suite with an android device is simple but a little tricky.
Demo of vulnerability discovered in Google's Camera app that allowed 3rd party apps to take pictures and video without user knowledge or CAMERA permission (CVE-2019-2234)
https://www.instagram.com/p/CF-Wm32AnhZ/
Slides: https://i.blackhat.com/asia-20/Friday/asia-20-Yalon-Hey-Google-Activate-Spyware.pdf
https://www.instagram.com/p/CF-Wm32AnhZ/
Slides: https://i.blackhat.com/asia-20/Friday/asia-20-Yalon-Hey-Google-Activate-Spyware.pdf
Instagram
Android Security & Hacking
My demo of vulnerability discovered in Google's Camera app allowed 3rd party apps to take pictures and video without user knowledge or CAMERA permission (CVE-2019-2234). This happened because of exported CameraActivity that accepted input from other apps.…
Mobile forensic analysis in action using Andriller
Andriller dumps all accessible data from device, but first you need to enabled ADB debugging. In my case, I performed it on PIN locked, but rooted Samsung S5.
https://www.instagram.com/p/CGEmcz7gv3t/
BTW, Andriller was a commercial toolkit until December 2019, however its author made it free and open-source, so now you can download full version without paying.
Download: https://github.com/den4uk/andriller
Andriller dumps all accessible data from device, but first you need to enabled ADB debugging. In my case, I performed it on PIN locked, but rooted Samsung S5.
https://www.instagram.com/p/CGEmcz7gv3t/
BTW, Andriller was a commercial toolkit until December 2019, however its author made it free and open-source, so now you can download full version without paying.
Download: https://github.com/den4uk/andriller
Sophisticated new Android malware marks the latest evolution of mobile ransomware
https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/
https://www.microsoft.com/security/blog/2020/10/08/sophisticated-new-android-malware-marks-the-latest-evolution-of-mobile-ransomware/
Microsoft News
Sophisticated new Android malware marks the latest evolution of mobile ransomware
We found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms.
BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-spark-bahamut.pdf
https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-spark-bahamut.pdf
Malicious Android SDK delivers unwanted out of context ads
https://www.whiteops.com/blog/somewhere-over-the-rainbowmix
https://www.whiteops.com/blog/somewhere-over-the-rainbowmix
HUMAN
Somewhere over the RAINBOW(MIX)
The White Ops Satori Threat Intelligence and Research Team found a group of more than 240 Android apps conducting ad fraud.
Forwarded from The Bug Bounty Hunter
Amazon Kindle: iOS App Reverse Engineering for eBooks Leaking
https://abjurato.github.io/stories/kindleEbooks.html
https://abjurato.github.io/stories/kindleEbooks.html
anatoly.works
Amazon Kindle: iOS App Reverse Engineering for eBooks Leaking
Vulnerability in JioChat for Android
Caller can cause callee device to send audio without user interaction
https://bugs.chromium.org/p/project-zero/issues/detail?id=2059
Caller can cause callee device to send audio without user interaction
https://bugs.chromium.org/p/project-zero/issues/detail?id=2059
Bruteforcing PIN lockscreen using Android as USB HID device
ADB and root are not required to perform this brutforce method!
Requirements:
-Custom compiled Kernel with support for /dev/hidg*
-OTG cable
-Termux
-noscript with commands
https://www.instagram.com/p/CGRmHwog5oy/
Tutorial:
https://github.com/pelya/android-keyboard-gadget
ADB and root are not required to perform this brutforce method!
Requirements:
-Custom compiled Kernel with support for /dev/hidg*
-OTG cable
-Termux
-noscript with commands
https://www.instagram.com/p/CGRmHwog5oy/
Tutorial:
https://github.com/pelya/android-keyboard-gadget
Diving Into mobile APT group DONOT's Rabbit Hole
https://community.riskiq.com/article/6f60db72
https://community.riskiq.com/article/6f60db72
Demo of Binance wallet theft using Accessibility services
Demo: https://twitter.com/LukasStefanko/status/1316275015889965056
Research: https://link.springer.com/chapter/10.1007/978-3-030-59817-4_2
Demo: https://twitter.com/LukasStefanko/status/1316275015889965056
Research: https://link.springer.com/chapter/10.1007/978-3-030-59817-4_2
Twitter
Lukas Stefanko
Demo of Binance wallet theft using Accessibility services Android PoC malware misuses accessibility to take control over device to withdraw Bitcoins without any user interaction. Binance swiftly fixed the issue. Research & video by @yonas_leguesse Paper:…
Malicious Mintegral SDK Leaks Data on Android
https://youtu.be/o79R4fr2cho
https://youtu.be/o79R4fr2cho
YouTube
Malicious Mintegral SDK Leaks Data on Android
For more information about SourMint, visit the research page (SourMint Malicious SDK Research - https://snyk.io/research/sour-mint-malicious-sdk/) and the Snyk blog page (SourMint: iOS remote code execution, Android findings, and community response - htt…
Hacking into Android in 32 seconds
https://youtu.be/aOWr6rWhsIs
https://youtu.be/aOWr6rWhsIs
👍1