How to monitor Wi-Fi networks using Samsung S7 (link with tutorial, how to install NetHunter, prerequisites, wifi adapter support list, ROM)
https://www.instagram.com/reel/CHF3snlAOOa/
Lockscreen and Authentication Improvements in Android 11
https://security.googleblog.com/2020/09/lockscreen-and-authentication.html
Google Online Security Blog
Posted by Haining Chen, Vishwath Mohan, Kevin Chyn and Liz Louis, Android Security Team [Cross-posted from the Android Developers Blog ] ...
How to identify dynamically loaded binaries in Android apps. Useful for Bug Bounty and malware analysis of dynamically loaded payloads
Commands
# ps | grep "APP_NAME"
# cat /proc/PID/maps | grep "/data/data/"
Demo: https://www.instagram.com/tv/CHXv3iBAJ5V/
Info: https://sayfer.io/blog/dynamic-loading-in-android-applications-with-proc-maps/
Sayfer
Detecting Dynamic Loading in Android Applications With /proc/maps - Sayfer
Through dynamic loading malware authors can covertly load malicious code into their application in order to avoid detection. We can detect such loading...
New Android banking trojan - Ghimob - targets 122 financial institutions mainly in Brazil
https://securelist.com/ghimob-tetrade-threat-mobile-devices/99228/
Securelist
Ghimob: a Tétrade threat actor moves to infect mobile devices
Guildma's new creation, the Ghimob banking trojan, has been a move toward infecting mobile devices, targeting financial apps from banks, fintechs, exchanges and cryptocurrencies.
Joker’s New Tricks: Using Github To Hide Its Payload
https://www.trendmicro.com/en_us/research/20/k/an-old-jokers-new-tricks--using-github-to-hide-its-payload.html
Trend Micro
An Old Joker’s New Tricks: Using Github To Hide Its Payload
We recently detected a new version of the Joker mobile malware on a sample on Google Play. This update utilizes Github pages and repositories in an attempt to evade detection.
XPCSniffer dumps XPC information to a file and the console #iOS
https://github.com/evilpenguin/XPCSniffer
GitHub
GitHub - evilpenguin/XPCSniffer: Sniff XPC goodies on your iOS device.
Sniff XPC goodies on your iOS device. Contribute to evilpenguin/XPCSniffer development by creating an account on GitHub.
VivaVideo Android app is responsible for unwanted premium subscription fraud and invisible ads
https://www.upstreamsystems.com/27-million-premium-subscription-fraud-and-invisible-ads-within-vivavideo-identified-by-secure-d/
Upstream
$27 million Premium Subscription Fraud and Invisible Ads within VivaVideo Identified by Secure-D - Upstream
Upstream’s mobile security platform Secure-D identified that a popular Android app was responsible for over 20 million fraudulent transaction attempts.
Vulnerable Banking Application for Android
https://github.com/rewanth1997/Damn-Vulnerable-Bank
GitHub
GitHub - rewanthtammana/Damn-Vulnerable-Bank: Damn Vulnerable Bank is designed to be an intentionally vulnerable android application.…
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills. - rewanthtammana/Damn-...
Evernote: Universal-XSS, theft of all cookies from all sites, and more
https://blog.oversecured.com/Evernote-Universal-XSS-theft-of-all-cookies-from-all-sites-and-more/
Remotely stealing cookies from Firefox for Android by visiting an exploit website (CVE-2020-15647)
PoC: https://gist.github.com/kanytu/7fe0640c87b0f3e57bda51e784a7255d
Research: https://medium.com/bugbountywriteup/firefox-and-how-a-website-could-steal-all-of-your-cookies-581fe4648e8d
Gist
CVE-2020-15647 PoC
CVE-2020-15647 PoC. GitHub Gist: instantly share code, notes, and snippets.
Unpatched vulnerability found in GO SMS Pro app allows unauthorized users to see shared media attachments
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/go-sms-pro-vulnerable-to-media-file-theft/
Running code in the context of iOS Kernel: Part I + LPE POC on iOS 13.7
https://blog.zecops.com/vulnerabilities/running-code-in-the-context-of-ios-kernel-part-i-lpe-poc-on-ios-13-7/
Mobile threat evolution Q3 2020
https://securelist.com/it-threat-evolution-q3-2020-mobile-statistics/99461/
Securelist
IT threat evolution Q3 2020 Mobile statistics
The statistics presented here draw on detection verdicts returned by Kaspersky products and received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, the third quarter saw: 1,189 797 detected…
Vulnerability found in Facebook Messenger for Android that causes audio call to connect before callee has answered the call (bounty $60,000)
https://bugs.chromium.org/p/project-zero/issues/detail?id=2098&s=03
More than 20 fake Minecraft mods discovered on Google Play (adware)
https://www.kaspersky.com/blog/minecraft-mod-adware-google-play/37717/
Kaspersky
Malware disguised as Minecraft mods on Google Play
More than 20 apps on Google Play that promised cool Minecraft mods turned out to be malicious.
Enter WAPDropper – Subscribe Users To Premium Services By Telecom Companies
https://research.checkpoint.com/2020/enter-wapdropper-subscribe-users-to-premium-services-by-telecom-companies/
Check Point Research
Enter WAPDropper – An Android Malware Subscribing Victims To Premium Services By Telecom Companies - Check Point Research
Research by: Aviran Hazum, Danil Golubenko, Ohad Mana Overview Check Point researchers recently encountered WAPDropper, a new malware which downloads and executes an additional payload. In the current campaign, it drops a WAP premium dialer which subscribes…
Noia: Simple Android and iOS (newly added feature) application sandbox file browser tool #Frida
https://github.com/0x742/noia
GitHub
GitHub - 0x742/noia: [WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).
[WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re). - 0x742/noia
Run Hydra on Android to bruteforce passwords in Termux
How to crack a password of HTTP, SSH, VNC services using Hydra
Full video: https://www.instagram.com/tv/CIN7bDFghz9/