Internal of the Android kernel backdoor vulnerability CVE-2021-28663
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fvul.360.net%2Farchives%2F263
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fvul.360.net%2Farchives%2F263
Anubis Android Malware Analysis
https://0x1c3n.tech/anubis-android-malware-analysis
https://0x1c3n.tech/anubis-android-malware-analysis
iOS Pentesting 101
https://cobalt.io/blog/ios-pentesting-101
https://cobalt.io/blog/ios-pentesting-101
www.cobalt.io
iOS Pentesting 101
Learn essential techniques for iOS application security testing, exploring architecture, jailbreaking, SSL pinning, and more in this comprehensive pentesting guide.
Summary:
The blog provides a comprehensive guide to iOS application security testing, covering…
Summary:
The blog provides a comprehensive guide to iOS application security testing, covering…
FTC Bans Stalkerware App SpyFone; Orders Company to Erase Secretly Stolen Data
https://thehackernews.com/2021/09/ftc-bans-stalkerware-app-spyfone-orders.html
https://thehackernews.com/2021/09/ftc-bans-stalkerware-app-spyfone-orders.html
Vulnerability in WhatsApp could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image [CVE-2020-1910]
https://research.checkpoint.com/2021/now-patched-vulnerability-in-whatsapp-could-have-led-to-data-exposure-of-users/
https://research.checkpoint.com/2021/now-patched-vulnerability-in-whatsapp-could-have-led-to-data-exposure-of-users/
Check Point Research
Now Patched Vulnerability in WhatsApp could have led to data exposure of users - Check Point Research
Research by Dikla Barda & Gal Elbaz As of 2021, WhatsApp is the most popular global mobile messenger app worldwide with approximately two billion monthly active users. It allows users to send text and voice messages, make voice and video calls, and share…
BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
https://asset-group.github.io/disclosures/braktooth/
https://asset-group.github.io/disclosures/braktooth/
INTRODUCING IHIDE – A NEW JAILBREAK DETECTION BYPASS TOOL
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
TrustedSec
Introducing iHide: A New Jailbreak Detection Bypass Tool
Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. Once installed, iHide will add a new entry in the iOS…
Phishing Android Malware Targets Taxpayers in India
Demo: https://www.instagram.com/reel/CTZwQM1Dbv8/
Research: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/phishing-android-malware-targets-taxpayers-in-india
Demo: https://www.instagram.com/reel/CTZwQM1Dbv8/
Research: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/phishing-android-malware-targets-taxpayers-in-india
McAfee Blog
Phishing Android Malware Targets Taxpayers in India | McAfee Blog
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The
Malware found preinstalled in classic push-button phones sold in Russia
https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/
https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/
therecord.media
Malware found preinstalled in classic push-button phones sold in Russia
A security researcher has discovered malicious code inside the firmware of four low-budget push-button mobile phones sold through Russian online stores.
ThatWebInspector - Enabled Web Inspector for all iOS apps
https://github.com/evilpenguin/ThatWebInspector
https://github.com/evilpenguin/ThatWebInspector
GitHub
GitHub - evilpenguin/ThatWebInspector: Enabled Web Inspector for all iOS apps
Enabled Web Inspector for all iOS apps. Contribute to evilpenguin/ThatWebInspector development by creating an account on GitHub.
Rudroid - Writing the World's worst Android Emulator in Rust
https://fuzzing.science/page/rudroid-worlds-worst-android-emulator/
https://fuzzing.science/page/rudroid-worlds-worst-android-emulator/
Analysis of Android espionage against Kurdish ethnic group using commercial 888 RAT that was distributed via dedicated Facebook profiles
https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/
https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/
WeLiveSecurity
BladeHawk group: Android espionage against Kurdish ethnic group
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, that has been active since at least March 2020.
Detailed report on new Android banker - S.O.V.A.
- discovered in August 2021
- includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
- discovered in August 2021
- includes a new feature - stealing session cookies
S.O.V.A in WebView displays legit targeted website for user to login and then steals account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
ThreatFabric
S.O.V.A. - A new Android Banking trojan with fowl intentions
A new Android trojan was advertised on hacking forums, featuring overlays, keylogging and with intentions of adding Ransomware attacks and DDoS
👍2
FORCEDENTRY - NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860 - processing a maliciously crafted PDF may lead to arbitrary code execution)
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
The Citizen Lab
FORCEDENTRY
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-distributed-in-mexico-uses-covid-19-to-steal-financial-credentials/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-distributed-in-mexico-uses-covid-19-to-steal-financial-credentials/
McAfee Blog
Android malware distributed in Mexico uses Covid-19 to steal financial credentials | McAfee Blog
Authored by Fernando Ruiz McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank
BRATA malware for Android devices passed off as AntiSPAM
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fcert-agid.gov.it%2Fnews%2Fbrata-malware-per-dispositivi-android-spacciato-per-antispam%2F
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fcert-agid.gov.it%2Fnews%2Fbrata-malware-per-dispositivi-android-spacciato-per-antispam%2F
Flubot’s Smishing Campaigns under the Microscope
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
Telekom
Flubot’s Smishing Campaigns under the Microscope
Maybe Flubot is for SMS what Emotet was for email: a spam kingpin. How does it work and how do the operators prevent infiltration?
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Another analysis of S.O.V.A. Android Banking Trojan
https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
iOS14.8: Patch CVE-2021-1740 again silently
https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
jhftss.github.io
iOS14.8: Patch CVE-2021-1740 again silently
As well known, iOS14.8 patched two 0 days in the wild, one of which is the pegasus 0-click vulnerability. You can get the root cause and more interesting findings by reading my analysis from here.