Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers (Safari, Yandex for Android, Opera Touch for iOS, UC Browser for Android, Opera Mini Android, RITS Browser and Bolt Browser iOS)
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html

HID attack against PC with Android
This is HID (Human Interface Device) attack against Windows 10, using Samsung S7 (HID) that downloads and executes Metasploit payload by hijacking its keyboard. The second Android device is running meterpreter listener and once payload is launched, device is owned
https://www.instagram.com/p/CGrXqKxg41l/

New education article: all about attacks on Android implicit intents
https://blog.oversecured.com/Interception-of-Android-implicit-intents/

Android arbitrary code execution
Frida noscript that helps to identify potential ACE dynamically
https://github.com/androidmalware/android_frida_noscripts#1-file_existsjs

Samsung S20 - RCE via Samsung Galaxy Store App
https://labs.f-secure.com/blog/samsung-s20-rce-via-samsung-galaxy-store-app/

Getting remote access to PC with Android via USB
https://youtu.be/PJbqZm73MOc

Link previews in chat apps can cause serious privacy problems
There were found several cases of apps with vulnerabilities such as: leaking IP addresses, exposing links sent in end-to-end encrypted chats, and unnecessarily downloading gigabytes of data quietly in the background
https://www.mysk.blog/2020/10/25/link-previews/

On Google Play were found 21 gaming apps that were packed with hidden adware
https://blog.avast.com/new-malware-apps-on-google-play-avast
IoC: https://docs.google.com/spreadsheets/d/1Cu6KVYG6VWWCZMY0A-vXlewXyfm7yd0djQtTzc82cyY/edit#gid=0

Android banking malware grew in Q3 with its detections more than four times compared to Q2
https://www.welivesecurity.com/wp-content/uploads/2020/10/ESET_Threat_Report_Q32020.pdf

DoNot Android APT group targets India, Pakistan and the Kashmir crisis
https://blog.talosintelligence.com/2020/10/donot-firestarter.html

Trend Micro CTF 2020 — Android Keybox writeup
https://tatocaster.medium.com/trend-micro-ctf-2020-keybox-writeup-cf5a69d2d091

How to monitor Wi-Fi networks using Samsung S7 (link with tutorial, how to install NetHunter, prerequisites, wifi adapter support list, ROM)
https://www.instagram.com/reel/CHF3snlAOOa/

Lockscreen and Authentication Improvements in Android 11
https://security.googleblog.com/2020/09/lockscreen-and-authentication.html

Bypass SSL pinning on iOS 8 to iOS 14
https://github.com/evilpenguin/SSLBypass

APKProxyHelper paches an apk for proxying
https://github.com/evilpenguin/APKProxyHelper

How to identify dynamically loaded binaries in Android apps. Useful for Bug Bounty and malware analysis of dynamically loaded payloads
Commands
# ps | grep "APP_NAME"
# cat /proc/PID/maps | grep "/data/data/"
Demo: https://www.instagram.com/tv/CHXv3iBAJ5V/
Info: https://sayfer.io/blog/dynamic-loading-in-android-applications-with-proc-maps/

New Android banking trojan - Ghimob - targets 122 financial institutions mainly in Brazil
https://securelist.com/ghimob-tetrade-threat-mobile-devices/99228/

Joker’s New Tricks: Using Github To Hide Its Payload
https://www.trendmicro.com/en_us/research/20/k/an-old-jokers-new-tricks--using-github-to-hide-its-payload.html

XPCSniffer dumps XPC information to a file and the console #iOS
https://github.com/evilpenguin/XPCSniffer

VivaVideo Android app is responsible for unwanted premium subnoscription fraud and invisible ads
https://www.upstreamsystems.com/27-million-premium-subnoscription-fraud-and-invisible-ads-within-vivavideo-identified-by-secure-d/

Vulnerable Banking Application for Android
https://github.com/rewanth1997/Damn-Vulnerable-Bank