Diving Into mobile APT group DONOT's Rabbit Hole
https://community.riskiq.com/article/6f60db72

Demo of Binance wallet theft using Accessibility services
Demo: https://twitter.com/LukasStefanko/status/1316275015889965056
Research: https://link.springer.com/chapter/10.1007/978-3-030-59817-4_2

Malicious Mintegral SDK Leaks Data on Android
https://youtu.be/o79R4fr2cho

Hacking into Android in 32 seconds
https://youtu.be/aOWr6rWhsIs

Hacking Android Apps with Frida
https://youtu.be/iMNs8YAy6pk

GravityRAT: The spy returns
The cybercriminals added a spy module to Travel Mate, an Android app for travelers to India, the source code of which is available on Github
https://securelist.com/gravityrat-the-spy-returns/99097/

Android Mobile Hacking Workshop
VIDEO: https://youtu.be/PMKnPaGWxtg
SLIDES: https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRIF4yDF4qmMY2qEelS1M7rI/edit#slide=id.p

Awesome Android Security
Books, bug bounty, courses, tools, labs, talks, write-ups, cheat sheet, blogs
https://github.com/saeidshirazi/awesome-android-security

Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers (Safari, Yandex for Android, Opera Touch for iOS, UC Browser for Android, Opera Mini Android, RITS Browser and Bolt Browser iOS)
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html

HID attack against PC with Android
This is HID (Human Interface Device) attack against Windows 10, using Samsung S7 (HID) that downloads and executes Metasploit payload by hijacking its keyboard. The second Android device is running meterpreter listener and once payload is launched, device is owned
https://www.instagram.com/p/CGrXqKxg41l/

New education article: all about attacks on Android implicit intents
https://blog.oversecured.com/Interception-of-Android-implicit-intents/

Android arbitrary code execution
Frida noscript that helps to identify potential ACE dynamically
https://github.com/androidmalware/android_frida_noscripts#1-file_existsjs

Samsung S20 - RCE via Samsung Galaxy Store App
https://labs.f-secure.com/blog/samsung-s20-rce-via-samsung-galaxy-store-app/

Getting remote access to PC with Android via USB
https://youtu.be/PJbqZm73MOc

Link previews in chat apps can cause serious privacy problems
There were found several cases of apps with vulnerabilities such as: leaking IP addresses, exposing links sent in end-to-end encrypted chats, and unnecessarily downloading gigabytes of data quietly in the background
https://www.mysk.blog/2020/10/25/link-previews/

On Google Play were found 21 gaming apps that were packed with hidden adware
https://blog.avast.com/new-malware-apps-on-google-play-avast
IoC: https://docs.google.com/spreadsheets/d/1Cu6KVYG6VWWCZMY0A-vXlewXyfm7yd0djQtTzc82cyY/edit#gid=0

Android banking malware grew in Q3 with its detections more than four times compared to Q2
https://www.welivesecurity.com/wp-content/uploads/2020/10/ESET_Threat_Report_Q32020.pdf

DoNot Android APT group targets India, Pakistan and the Kashmir crisis
https://blog.talosintelligence.com/2020/10/donot-firestarter.html

Trend Micro CTF 2020 — Android Keybox writeup
https://tatocaster.medium.com/trend-micro-ctf-2020-keybox-writeup-cf5a69d2d091

How to monitor Wi-Fi networks using Samsung S7 (link with tutorial, how to install NetHunter, prerequisites, wifi adapter support list, ROM)
https://www.instagram.com/reel/CHF3snlAOOa/

Lockscreen and Authentication Improvements in Android 11
https://security.googleblog.com/2020/09/lockscreen-and-authentication.html