BRAKTOOTH: Causing Havoc on Bluetooth Link Manager
https://asset-group.github.io/disclosures/braktooth/
INTRODUCING IHIDE – A NEW JAILBREAK DETECTION BYPASS TOOL
https://www.trustedsec.com/blog/introducing-ihide-a-new-jailbreak-detection-bypass-tool/
TrustedSec
Introducing iHide: A New Jailbreak Detection Bypass Tool
Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. Once installed, iHide will add a new entry in the iOS…
Phishing Android Malware Targets Taxpayers in India
Demo: https://www.instagram.com/reel/CTZwQM1Dbv8/
Research: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/phishing-android-malware-targets-taxpayers-in-india
McAfee Blog
Phishing Android Malware Targets Taxpayers in India | McAfee Blog
Authored by ChanUng Pak McAfee’s Mobile Research team recently found a new Android malware, Elibomi, targeting taxpayers in India. The
Malware found preinstalled in classic push-button phones sold in Russia
https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/
therecord.media
Malware found preinstalled in classic push-button phones sold in Russia
A security researcher has discovered malicious code inside the firmware of four low-budget push-button mobile phones sold through Russian online stores.
ThatWebInspector - Enabled Web Inspector for all iOS apps
https://github.com/evilpenguin/ThatWebInspector
GitHub
GitHub - evilpenguin/ThatWebInspector: Enabled Web Inspector for all iOS apps
Enabled Web Inspector for all iOS apps. Contribute to evilpenguin/ThatWebInspector development by creating an account on GitHub.
Rudroid - Writing the World's worst Android Emulator in Rust
https://fuzzing.science/page/rudroid-worlds-worst-android-emulator/
Analysis of Android espionage against Kurdish ethnic group using commercial 888 RAT that was distributed via dedicated Facebook profiles
https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/
WeLiveSecurity
BladeHawk group: Android espionage against Kurdish ethnic group
ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, that has been active since at least March 2020.
Detailed report on new Android banker - S.O.V.A.
- discovered in August 2021
- includes a new feature - stealing session cookies
S.O.V.A. displays the legitimate targeted website in a WebView for the user to log in, then steals the account cookies
https://www.threatfabric.com/blogs/sova-new-trojan-with-fowl-intentions.html
ThreatFabric
S.O.V.A. - A new Android Banking trojan with fowl intentions
A new Android trojan was advertised on hacking forums, featuring overlays, keylogging and with intentions of adding Ransomware attacks and DDoS
FORCEDENTRY - NSO Group iMessage Zero-Click Exploit Captured in the Wild (CVE-2021-30860 - processing a maliciously crafted PDF may lead to arbitrary code execution)
https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/
The Citizen Lab
FORCEDENTRY
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against…
Android malware distributed in Mexico uses Covid-19 to steal financial credentials
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/android-malware-distributed-in-mexico-uses-covid-19-to-steal-financial-credentials/
McAfee Blog
Android malware distributed in Mexico uses Covid-19 to steal financial credentials | McAfee Blog
Authored by Fernando Ruiz McAfee Mobile Malware Research Team has identified malware targeting Mexico. It poses as a security banking tool or as a bank
BRATA malware for Android devices passed off as AntiSPAM
http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fcert-agid.gov.it%2Fnews%2Fbrata-malware-per-dispositivi-android-spacciato-per-antispam%2F
Flubot’s Smishing Campaigns under the Microscope
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
Telekom
Flubot’s Smishing Campaigns under the Microscope
Maybe Flubot is for SMS what Emotet was for email: a spam kingpin. How does it work and how do the operators prevent infiltration?
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Another analysis of S.O.V.A. Android Banking Trojan
https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
iOS14.8: Patch CVE-2021-1740 again silently
https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
jhftss.github.io
iOS14.8: Patch CVE-2021-1740 again silently
As well known, iOS14.8 patched two 0 days in the wild, one of which is the pegasus 0-click vulnerability. You can get the root cause and more interesting findings by reading my analysis from here.
Joker Unleashes Itself Again on Google Play Store
https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/
K7 Labs
Joker Unleashes Itself Again on Google Play Store
Joker malware on Google Play Store continues to scare Android users. Its variants continue to find new tricks and tactics […]
Python r2pipe script to automatically create a Frida hook to intercept TLS traffic for Flutter based apps
https://github.com/Hamz-a/boring-flutter
GitHub
GitHub - Hamz-a/boring-flutter
Contribute to Hamz-a/boring-flutter development by creating an account on GitHub.
Google will auto-reset unused permissions for billion Android apps
https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html
Android Developers Blog
Making permissions auto-reset available to billions more devices
Posted by Peter Visontay, Software Engineer; Bessie Jiang, Software Engineer Contributors: Inara Ramji, Software Engineer; Rodrigo Farel...
Researcher discloses iPhone lock screen bypass on iOS 15 launch day
https://therecord.media/researcher-discloses-iphone-lock-screen-bypass-on-ios-15-launch-day/
The Record
Researcher discloses iPhone lock screen bypass on iOS 15 launch day
On the day Apple released iOS 15, a Spanish security researcher disclosed an iPhone lock screen bypass that can be exploited to grant attackers access to a user's notes.
Burp Suite Mobile Assistant for testing iOS apps with Burp Suite
https://portswigger.net/burp/documentation/desktop/tools/mobile-assistant/installing
portswigger.net
Mobile testing - PortSwigger
You can use Burp Suite to perform security tests for mobile applications. To do this, you need to configure the mobile device to proxy its traffic via Burp ...