Common mistakes when using permissions in Android
https://blog.oversecured.com/Common-mistakes-when-using-permissions-in-Android/
News, Techniques & Guides
When an Android app needs access to sensitive resources on the device, the app developers make use of the permissions model. While the model can be quite simple to use, developers often make mistakes when using permissions and this leads to security problems.
Triada Trojan in WhatsApp mod
https://securelist.com/triada-trojan-in-whatsapp-mod/103679/
Securelist
We discovered that the Trojan Triada snuck into one of the modified versions of the WhatsApp messenger called FMWhatsapp 16.80.0 together with the advertising software development kit (SDK).
From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits
https://citizenlab.ca/2021/08/bahrain-hacks-activists-with-nso-group-zero-click-iphone-exploits/
The Citizen Lab
From Pearl to Pegasus
We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of…
Solving Android CTF with Frida - Part 6
https://cmrodriguez.me/blog/hpandro-6/
cmrodriguez.me
Cesar Rodriguez | Personal blog
frida ctf challenge emulator detection
Hacking Xiaomi's android apps - Part 1
http://blog.takemyhand.xyz/2021/07/hacking-on-xiaomis-android-apps.html
hpAndro Vulnerable Application Challenges
part 1 - https://nibarius.github.io/learning-frida/2021/08/26/hpandro-part1
part 2 - https://nibarius.github.io/learning-frida/2021/08/28/hpandro-part2
part 3 - https://nibarius.github.io/learning-frida/2021/08/29/hpandro-hidden-levels
Learning Frida
hpAndro Vulnerable Application Challenges - part 1
hpAndro Vulnerable Application is an Android CTF with a lot of challenges (100 at the time of writing) and new challenges are added every now and then. The challenges are based on the OWASP Mobile Security Testing Guide and there are many different types…
Internal of the Android kernel backdoor vulnerability CVE-2021-28663
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fvul.360.net%2Farchives%2F263
Anubis Android Malware Analysis
https://0x1c3n.tech/anubis-android-malware-analysis
iOS Pentesting 101
https://cobalt.io/blog/ios-pentesting-101
www.cobalt.io
Learn essential techniques for iOS application security testing, exploring architecture, jailbreaking, SSL pinning, and more in this comprehensive pentesting guide.
Summary:
The blog provides a comprehensive guide to iOS application security testing, covering…
FTC Bans Stalkerware App SpyFone; Orders Company to Erase Secretly Stolen Data
https://thehackernews.com/2021/09/ftc-bans-stalkerware-app-spyfone-orders.html
Vulnerability in WhatsApp could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image [CVE-2020-1910]
https://research.checkpoint.com/2021/now-patched-vulnerability-in-whatsapp-could-have-led-to-data-exposure-of-users/
Check Point Research
Now Patched Vulnerability in WhatsApp could have led to data exposure of users - Check Point Research
Research by Dikla Barda & Gal Elbaz As of 2021, WhatsApp is the most popular global mobile messenger app worldwide with approximately two billion monthly active users. It allows users to send text and voice messages, make voice and video calls, and share…
BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
https://asset-group.github.io/disclosures/braktooth/
INTRODUCING IHIDE – A NEW JAILBREAK DETECTION BYPASS TOOL
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
TrustedSec
Introducing iHide: A New Jailbreak Detection Bypass Tool
Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. Once installed, iHide will add a new entry in the iOS…
Phishing Android Malware Targets Taxpayers in India
Demo: https://www.instagram.com/reel/CTZwQM1Dbv8/
Research: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/phishing-android-malware-targets-taxpayers-in-india
McAfee Blog
Phishing Android Malware Targets Taxpayers in India | McAfee Blog
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The
Malware found preinstalled in classic push-button phones sold in Russia
https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/
therecord.media
A security researcher has discovered malicious code inside the firmware of four low-budget push-button mobile phones sold through Russian online stores.
ThatWebInspector - Enabled Web Inspector for all iOS apps
https://github.com/evilpenguin/ThatWebInspector
GitHub
GitHub - evilpenguin/ThatWebInspector: Enabled Web Inspector for all iOS apps
Enabled Web Inspector for all iOS apps. Contribute to evilpenguin/ThatWebInspector development by creating an account on GitHub.
Rudroid - Writing the World's worst Android Emulator in Rust
https://fuzzing.science/page/rudroid-worlds-worst-android-emulator/
Analysis of Android espionage against Kurdish ethnic group using commercial 888 RAT that was distributed via dedicated Facebook profiles
https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/
WeLiveSecurity
BladeHawk group: Android espionage against Kurdish ethnic group
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, that has been active since at least March 2020.
Detailed report on new Android banker - S.O.V.A.
- discovered in August 2021
- includes a new feature - stealing session cookies
S.O.V.A. displays the legitimate targeted website in a WebView for the user to log in, then steals the account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
ThreatFabric
S.O.V.A. - A new Android Banking trojan with fowl intentions
A new Android trojan was advertised on hacking forums, featuring overlays, keylogging and with intentions of adding Ransomware attacks and DDoS
FORCEDENTRY - NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860 - processing a maliciously crafted PDF may lead to arbitrary code execution)
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
The Citizen Lab
FORCEDENTRY
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-distributed-in-mexico-uses-covid-19-to-steal-financial-credentials/
McAfee Blog
Android malware distributed in Mexico uses Covid-19 to steal financial credentials | McAfee Blog
Authored by Fernando Ruiz McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank