Enter WAPDropper – Subscribe Users To Premium Services By Telecom Companies
https://research.checkpoint.com/2020/enter-wapdropper-subscribe-users-to-premium-services-by-telecom-companies/
https://research.checkpoint.com/2020/enter-wapdropper-subscribe-users-to-premium-services-by-telecom-companies/
Check Point Research
Enter WAPDropper – An Android Malware Subscribing Victims To Premium Services By Telecom Companies - Check Point Research
Research by: Aviran Hazum, Danil Golubenko, Ohad Mana Overview Check Point researchers recently encountered WAPDropper, a new malware which downloads and executes an additional payload. In the current campaign, it drops a WAP premium dialer which subscribes…
Noia: Simple Android and iOS (newly added feature) application sandbox file browser tool #Frida
https://github.com/0x742/noia
https://github.com/0x742/noia
GitHub
GitHub - 0x742/noia: [WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).
[WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re). - 0x742/noia
This media is not supported in your browser
VIEW IN TELEGRAM
Run Hydra on Android to bruteforce passwords in Termux
How to crack a password of HTTP, SSH, VNC services using Hydra
Full video: https://www.instagram.com/tv/CIN7bDFghz9/
How to crack a password of HTTP, SSH, VNC services using Hydra
Full video: https://www.instagram.com/tv/CIN7bDFghz9/
iOS 1-day hunting: uncovering and exploiting CVE-2020-27950 kernel memory leak
https://www.synacktiv.com/publications/ios-1-day-hunting-uncovering-and-exploiting-cve-2020-27950-kernel-memory-leak.html
https://www.synacktiv.com/publications/ios-1-day-hunting-uncovering-and-exploiting-cve-2020-27950-kernel-memory-leak.html
Synacktiv
iOS 1-day hunting: uncovering and exploiting CVE-2020-27950 kernel
Android AdFraud found on Google Play Store
Within the interval of several seconds it loads list of websites inside the invisible WebView
https://vms.drweb.com/virus/?i=22891890
Within the interval of several seconds it loads list of websites inside the invisible WebView
https://vms.drweb.com/virus/?i=22891890
Dr.Web
Android.Mixi.44.origin — Dr.Web Malware denoscription library
A malicious program which main purpose is to open web links as well as to load and display websites on-top of other apps windows. It was originally found in the app called Eye Care - Your close Eye Care Assistant (its another name is Eye Care Mini —— 急速护眼)…
Google discovered iOS zero-click Wi-Fi wormable exploit
Remotely triggered an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction.
Exploiting this vulnerability it is possible to run arbitrary code on any nearby iOS device and steal all the user data.
This security issue is fixed now.
https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html
Remotely triggered an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction.
Exploiting this vulnerability it is possible to run arbitrary code on any nearby iOS device and steal all the user data.
This security issue is fixed now.
https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html
Blogspot
An iOS zero-click radio proximity exploit odyssey
Posted by Ian Beer, Project Zero NOTE: This specific issue was fixed before the launch of Privacy-Preserving Contact Tracing in iOS 13.5 in...
Vulnerability in Google Play Core Library Remains Unpatched in Google Play Applications
If an attacker uses file traversal, the payload is written to the verified folder, and is automatically loaded into the vulnerable application and executed within its scope.
https://research.checkpoint.com/2020/vulnerability-in-google-play-core-library-remains-unpatched-in-google-play-applications/
If an attacker uses file traversal, the payload is written to the verified folder, and is automatically loaded into the vulnerable application and executed within its scope.
https://research.checkpoint.com/2020/vulnerability-in-google-play-core-library-remains-unpatched-in-google-play-applications/
Check Point Research
Vulnerability in Google Play Core Library Remains Unpatched in Google Play Applications - Check Point Research
Research by: Aviran Hazum, Jonathan Shimonovich Overview: A new vulnerability for the Google Play Core Library was published in late August, which allows Local-Code-Execution (LCE) within the scope of any application that has the vulnerable version of the…
👍1
The Facebook Messenger Leaking Access Token Of Million Users to third party site
https://medium.com/bugbountywriteup/how-i-found-the-facebook-messenger-leaking-access-token-of-million-users-8ee4b3f1e5e3
https://medium.com/bugbountywriteup/how-i-found-the-facebook-messenger-leaking-access-token-of-million-users-8ee4b3f1e5e3
Medium
How I Found The Facebook Messenger Leaking Access Token Of Million Users
Hi everyone,
ASLR & the iOS Kernel — How virtual address spaces are randomised
https://bellis1000.medium.com/aslr-the-ios-kernel-how-virtual-address-spaces-are-randomised-d76d14dc7ebb
https://bellis1000.medium.com/aslr-the-ios-kernel-how-virtual-address-spaces-are-randomised-d76d14dc7ebb
Medium
ASLR & the iOS Kernel — How virtual address spaces are randomised
In this blog post I wanted to take a look at ASLR and how the iOS kernel implements it for user-space processes.
Deep Dive into an Obfuscation-as-a-Service for Android Malware
https://www.stratosphereips.org/blog/2020/12/03/deep-dive-into-an-obfuscation-as-a-service-for-android-malware
https://www.stratosphereips.org/blog/2020/12/03/deep-dive-into-an-obfuscation-as-a-service-for-android-malware
Stratosphere Laboratory
Deep Dive into an Obfuscation-as-a-Service for Android Malware — Stratosphere Laboratory
While confined in our homes studying the interactions of individuals involved in the spread of the Android banking Trojan botnet (known as Geost), we encountered a unique opportunity: investigate an automated obfuscation-as-a-service platform for Android…
More than 20 million Gionee phones secretly implanted with Trojan Horses to make money
https://www.gizmochina.com/2020/12/05/more-than-20-million-gionee-phones-secretly-implanted-with-trojan-horses-to-make-money/
https://www.gizmochina.com/2020/12/05/more-than-20-million-gionee-phones-secretly-implanted-with-trojan-horses-to-make-money/
Gizmochina
More than 20 million Gionee phones secretly implanted with Trojan Horses to make money
Recently, the China Judgment Document Network published a verdict on the illegal control of computer information systems found to have been executed on Gionee phones. According to the court details, more than 20 million Gionee phones were intentionally inflicted…
Rana Android malware family, attributed by the US government to the Iran-linked APT39 group (also known as Chafer, Cadelspy, Remexi, and ITG07)
https://blog.reversinglabs.com/blog/rana-android-malware
https://blog.reversinglabs.com/blog/rana-android-malware
ReversingLabs
Rana Android Malware
Your past catches up, sooner or later...
Microsoft Edge for Android Spoofing Vulnerability (CVE-2020-17153)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17153
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17153
Cellebrite’s New Solution for Decrypting the Signal App
http://web.archive.org/web/20201210150311/https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
http://web.archive.org/web/20201210150311/https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
Bypass antiroot detection for Xamarin apps using Frida
https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/
https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/
Decrypting File encrypted by Monaca Plugin
http://blog.rz.my/2020/12/decrypting-monaca-encrypt-plugin.html
http://blog.rz.my/2020/12/decrypting-monaca-encrypt-plugin.html
blog.rz.my
Decrypting File encrypted by Monaca Plugin
New Spyware Used by Sextortionists to Blackmail iOS and Android Users
https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail
https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail
Lookout
New Spyware Used by Sextortionists | iOS/Android Blackmail | Threat Intel
The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.
Exploiting new-era of Request forgery on mobile applications
http://dphoeniixx.com/2020/12/13-2/
http://dphoeniixx.com/2020/12/13-2/