OnePlus - Elevated package privileges
https://bugs.chromium.org/p/apvi/issues/detail?id=46&q=&can=1
Key aspects of secure networking on iOS
https://www.securing.pl/en/key-aspects-of-secure-networking-on-ios/
Securing
Key aspects of secure networking on iOS - Securing
More and more developers have become aware of the need for secure networking. However, we still see programs that use unencrypted HTTP on occasion. This article is all about secure networking on iOS.
Forwarded from The Bug Bounty Hunter
Getting started with Android Application Security
https://blog.cobalt.io/getting-started-with-android-application-security-6f20b76d795b
Two weeks of securing Samsung devices: Part 1
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/
News, Techniques & Guides
After spending two weeks looking for security bugs in the pre-installed apps on Samsung devices, we were able to find multiple dangerous vulnerabilities.
Mistune - remote exploit targeting iOS 14.2 on iPhone 11 triggered by opening a malicious link
https://blog.chichou.me/mistune/
Mistune Bug
Mistune is a remote exploit demonstrated at TianfuCup 2020. It consists of two bugs that were introduced by iOS 3 and iOS 6 respectively.
iOS Malicious Bit Hunter - malicious plug-in detection engine for iOS applications
https://github.com/alipay/ios-malicious-bithunter
GitHub
GitHub - alipay/ios-malicious-bithunter: iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications.…
iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the macho file of the injected dylib dynamic library based on runtime. If you are i...
Culpritware - apps which make profit from victims through deceiving, threatening or other criminal actions
https://arxiv.org/pdf/2106.05756.pdf
Android screen lock protection thwarted by Facebook Messenger Rooms exploit
https://portswigger.net/daily-swig/android-screen-lock-protection-thwarted-by-facebook-messenger-rooms-exploit
Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild (CVE-2021-30761, CVE-2021-30762)
https://thehackernews.com/2021/06/apple-issues-urgent-patches-for-2-zero.html
The Hacker News
Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild
Apple releases emergency patches for two zero-day vulnerabilities found in the wild
Unpacking Android Apps via a Hardware-Assisted Approach
https://yajin.org/papers/sp21_happer.pdf
Analysis of bypassing Android Verified Boot process on the Peloton Bike+
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a-new-program-for-your-peloton-whether-you-like-it-or-not/
McAfee Blog
A New Program for Your Peloton – Whether You Like It or Not | McAfee Blog
Executive Summary The McAfee Advanced Threat Research team (ATR) is committed to uncovering security issues in both software and hardware to help
Google fixes a persistent code execution in their app
https://blog.oversecured.com/Why-dynamic-code-loading-could-be-dangerous-for-your-apps-a-Google-example/
News, Techniques & Guides
Why dynamic code loading could be dangerous for your apps: a Google example
Almost every Android app dynamically loads code from native .so libraries or .dex files. There are also some special libraries like Google Play Core to simplify this process.
Forwarded from The Bug Bounty Hunter
iOS App Testing Through Burp on Corellium
https://defparam.medium.com/ios-app-testing-through-burp-on-corellium-fe59ed849516
Medium
Introduction
Forwarded from The Bug Bounty Hunter
Quick Analysis for the SSID Format String Bug
https://blog.chichou.me/2021/06/20/quick-analysis-wifid/
codecolor.ist
Quick Analysis for the SSID Format String Bug | CodeColorist
A rogue Wi-Fi hotspot can crash your phone.
Teabot : Android Banking Trojan Targets Banks in Europe
https://labs.k7computing.com/?p=22407&s=03
K7 Labs
The Teabot (aka ‘Anatsa’) is a new Android Banking Trojan with an array of malicious features that aid in the […]
Android FluBot enters Switzerland
https://securityblog.switch.ch/2021/06/19/android-flubot-enters-switzerland/
SWITCH Security-Blog
FluBot is a new Android malware first discovered in December 2020. During the first few months, FluBot has been active in Spain, Hungary and Poland. Since then, the development of the malware advan…
Check out Medusa's Flutter Certificate Pinning bypass modules:
verify_cert_chain_bypass_v7a.med
verify_cert_chain_bypass_v8a.med
verify_cert_chain_bypass_x86_64.med
https://github.com/Ch0pin/medusa
GitHub
GitHub - Ch0pin/medusa: Mobile Edge-Dynamic Unified Security Analysis
Mobile Edge-Dynamic Unified Security Analysis. Contribute to Ch0pin/medusa development by creating an account on GitHub.
Google Play store applications laced with Joker malware yet again
https://blogs.quickheal.com/google-play-store-applications-laced-with-joker-malware-yet-again/
Quick Heal Blog
For the last three years, Joker Trojan is making its way on Google Play Store. Quick Heal Security...
DroidMorph tool generates Android Malware Clones
https://arxiv.org/pdf/2106.09218.pdf
Bug Bounty on Android : setup your Genymotion environment for APK analysis
https://blog.yeswehack.com/yeswerhackers/bug-bounty-android-setup-genymotion-environment-apk-analysis/
Yeswehack
YesWeHack - Global Bug Bounty & Vulnerability Management Platform
YesWeHack is a global Bug Bounty & Vulnerability Management Platform. With a worldwide presence, YesWeHack connects organisations to tens of thousands of bug hunters. The aim is to uncover and patch vulnerabilities in websites, mobile apps, connected devices…