Possibilities how to unlock PIN protected Android device using ADB or HID method
https://youtu.be/x5Rt93jshC8
https://youtu.be/x5Rt93jshC8
❤2
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/roaming-mantis-amplifies-smishing-campaign-with-os-specific-android-malware/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/roaming-mantis-amplifies-smishing-campaign-with-os-specific-android-malware/
McAfee Blog
Roaming Mantis Amplifies Smishing Campaign with OS-Specific Android Malware | McAfee Blog
The Roaming Mantis smishing campaign has been impersonating a logistics company to steal SMS messages and contact lists from Asian Android users since
Security Vulnerabilities fixed in Firefox 88.0.1, Firefox for Android 88.1.3 (CVE-2021-29953: Universal Cross-Site Scripting)
https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/
https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/
Mozilla
Security Vulnerabilities fixed in Firefox 88.0.1, Firefox for Android 88.1.3
128M customers have downloaded the 2500+ apps that were containing malware known as XCodeGhost from the App Store
https://www.vice.com/amp/en/article/n7bbmz/the-fortnite-trial-is-exposing-details-about-the-biggest-iphone-hack-of-all-time
https://www.vice.com/amp/en/article/n7bbmz/the-fortnite-trial-is-exposing-details-about-the-biggest-iphone-hack-of-all-time
Trigger custom URL in Medium Android app
https://medium.com/@Mrcyberwarrior/exploiting-activity-in-medium-android-app-e2e6f3553eef
https://medium.com/@Mrcyberwarrior/exploiting-activity-in-medium-android-app-e2e6f3553eef
Medium
Exploiting Activity in medium android app
Hello friends I am Raju Kumar A.k.a Mrcyberwarrior. Let’s come to the story, I found vulnerabilities in the web as well as android…
Technical analysis of Android banking malware called TeaBot aka Antsa aka Toddler (it is not a FluBot)
https://f.hubspotusercontent10.net/hubfs/3993512/%5BTLP_WHITE%5DCleafyLABS_TeaBot_Technical_Analysis.pdf
https://f.hubspotusercontent10.net/hubfs/3993512/%5BTLP_WHITE%5DCleafyLABS_TeaBot_Technical_Analysis.pdf
Android overlay attacks on Belgian financial applications #TeaBot
https://blog.nviso.eu/2021/05/11/android-overlay-attacks-on-belgian-financial-applications/
https://blog.nviso.eu/2021/05/11/android-overlay-attacks-on-belgian-financial-applications/
NVISO Labs
New mobile malware family now also targets Belgian financial apps
While banking trojans have been around for a very long time now, we have never seen a mobile malware family attack the applications of Belgian financial institutions. Until today… Earlier thi…
Analysis and replication of tampered Instagram story that crashes the app
https://youtu.be/4jCetFetFQA
https://youtu.be/4jCetFetFQA
Fake Android and iOS apps disguise as trading and cryptocurrency apps
https://news.sophos.com/en-us/2021/05/12/fake-android-and-ios-apps-disguise-as-trading-and-cryptocurrency-apps/
https://news.sophos.com/en-us/2021/05/12/fake-android-and-ios-apps-disguise-as-trading-and-cryptocurrency-apps/
Sophos News
Fake Android and iOS apps disguise as trading and cryptocurrency apps
Criminals have published hundreds of bogus banking, finance, and cryptocurrency apps that steal your money
👍1
Android stalkerware vulnerabilities
Manual analysis of 58 Android stalkerware apps revealed 158 security and privacy issues
https://www.welivesecurity.com/2021/05/17/android-stalkerware-threatens-victims-further-exposes-snoopers-themselves/
Manual analysis of 58 Android stalkerware apps revealed 158 security and privacy issues
https://www.welivesecurity.com/2021/05/17/android-stalkerware-threatens-victims-further-exposes-snoopers-themselves/
WeLiveSecurity
Android stalkerware threatens victims further and exposes snoopers themselves
ESET research shows that Android stalkerware apps are riddled with security flaws that may also expose the privacy and security of the stalkers themselves.
How Flubot targets Android phone users and their money
https://www.nortonlifelock.com/blogs/research-group/flubot-targets-android-phone-users
https://www.nortonlifelock.com/blogs/research-group/flubot-targets-android-phone-users
Four Android vulnerabilities patched earlier this month may be under limited, targeted exploitation (CVE-2021-1905, CVE-2021-1906, CVE-2021-28663, CVE-2021-28664)
https://therecord.media/arm-and-qualcomm-zero-days-quietly-patched-in-this-months-android-security-updates/
https://therecord.media/arm-and-qualcomm-zero-days-quietly-patched-in-this-months-android-security-updates/
therecord.media
Arm and Qualcomm zero-days quietly patched in this month\'s Android security updates
Google has updated today the May 2021 Android security bulletin to reveal that four of the bugs patched earlier this month \"may be under limited, targeted exploitation.\"
Fuzzing iOS code on macOS at native speed
https://googleprojectzero.blogspot.com/2021/05/fuzzing-ios-code-on-macos-at-native.html
https://googleprojectzero.blogspot.com/2021/05/fuzzing-ios-code-on-macos-at-native.html
Blogspot
Fuzzing iOS code on macOS at native speed
Or how iOS apps on macOS work under the hood Posted by Samuel Groß, Project Zero This short post explains how code compiled for iOS ...
UC Browser - the 4th largest mobile browser exfiltrates users’ data even in Incognito mode
https://hookgab.medium.com/ucbrowser-privacy-study-ecff96fbcee4
https://hookgab.medium.com/ucbrowser-privacy-study-ecff96fbcee4
Medium
UCBrowser privacy study
Full browser history leakage
Mockups of Popular Android Apps Spread Teabot and Flubot Malware
https://labs.bitdefender.com/2021/06/threat-actors-use-mockups-of-popular-apps-to-spread-teabot-and-flubot-malware-on-android/
https://labs.bitdefender.com/2021/06/threat-actors-use-mockups-of-popular-apps-to-spread-teabot-and-flubot-malware-on-android/
Bitdefender Labs
Daily source of cyber-threat information. Established 2001.
Persistent Arbitrary code execution in Mattermost Android app
https://hackerone.com/reports/1115864
https://hackerone.com/reports/1115864
HackerOne
Mattermost disclosed on HackerOne: Persistant Arbitrary code...
## Summary:
Activity `com.mattermost.share.ShareActivity` is is exported and is designed to allow file sharing from third party application to mattermost android app.
```
<activity...
Activity `com.mattermost.share.ShareActivity` is is exported and is designed to allow file sharing from third party application to mattermost android app.
```
<activity...
How to exploit insecure WebResourceResponse configurations + an example vulnerability in Amazon apps
https://blog.oversecured.com/Android-Exploring-vulnerabilities-in-WebResourceResponse/
https://blog.oversecured.com/Android-Exploring-vulnerabilities-in-WebResourceResponse/
News, Techniques & Guides
Android: Exploring vulnerabilities in WebResourceResponse
When it comes to vulnerabilities in WebViews, we often overlook the incorrect implementation of
OnePlus - Elevated package privileges
https://bugs.chromium.org/p/apvi/issues/detail?id=46&q=&can=1
https://bugs.chromium.org/p/apvi/issues/detail?id=46&q=&can=1
Key aspects of secure networking on iOS
https://www.securing.pl/en/key-aspects-of-secure-networking-on-ios/
https://www.securing.pl/en/key-aspects-of-secure-networking-on-ios/
Securing
Key aspects of secure networking on iOS - Securing
More and more developers have become aware of the need for secure networking. However, we still see programs that use unencrypted HTTP on occasion. This article is all about secure networking on iOS.