Flubot’s Smishing Campaigns under the Microscope
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
https://www.telekom.com/en/blog/group/article/flubot-under-the-microscope-636368
Telekom
Flubot’s Smishing Campaigns under the Microscope
Maybe Flubot is for SMS what Emotet was for email: a spam kingpin. How does it work and how do the operators prevent infiltration?
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html
Trend Micro
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus
Citizen Lab has released a report on a new iPhone threat dubbed ForcedEntry. This zero-click exploit seems to be able to circumvent Apple's BlastDoor security, and allow attackers access to a device without user interaction.
Another analysis of S.O.V.A. Android Banking Trojan
https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
https://blog.cyble.com/2021/09/14/deep-dive-analysis-of-s-o-v-a-android-banking-trojan/
iOS14.8: Patch CVE-2021-1740 again silently
https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/
jhftss.github.io
iOS14.8: Patch CVE-2021-1740 again silently
As well known, iOS14.8 patched two 0 days in the wild, one of which is the pegasus 0-click vulnerability. You can get the root cause and more interesting findings by reading my analysis from here.
Joker Unleashes Itself Again on Google Play Store
https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/
https://labs.k7computing.com/index.php/joker-unleashes-itself-again-on-google-play-store/
K7 Labs
Joker Unleashes Itself Again on Google Play Store
Joker malware on Google Play Store continues to scare Android users. Its variants continue to find new tricks and tactics […]
Python r2pipe noscript to automatically create a Frida hook to intercept TLS traffic for Flutter based apps
https://github.com/Hamz-a/boring-flutter
https://github.com/Hamz-a/boring-flutter
GitHub
GitHub - Hamz-a/boring-flutter
Contribute to Hamz-a/boring-flutter development by creating an account on GitHub.
Google will auto-reset unused permissions for billion Android apps
https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html
https://android-developers.googleblog.com/2021/09/making-permissions-auto-reset-available.html
Android Developers Blog
Making permissions auto-reset available to billions more devices
Posted by Peter Visontay, Software Engineer; Bessie Jiang, Software Engineer Contributors: Inara Ramji, Software Engineer; Rodrigo Farel...
Researcher discloses iPhone lock screen bypass on iOS 15 launch day
https://therecord.media/researcher-discloses-iphone-lock-screen-bypass-on-ios-15-launch-day/
https://therecord.media/researcher-discloses-iphone-lock-screen-bypass-on-ios-15-launch-day/
The Record
Researcher discloses iPhone lock screen bypass on iOS 15 launch day
On the day Apple released iOS 15, a Spanish security researcher disclosed an iPhone lock screen bypass that can be exploited to grant attackers access to a user's notes.
Burp Suite Mobile Assistant for testing iOS apps with Burp Suite
https://portswigger.net/burp/documentation/desktop/tools/mobile-assistant/installing
https://portswigger.net/burp/documentation/desktop/tools/mobile-assistant/installing
portswigger.net
Mobile testing - PortSwigger
You can use Burp Suite to perform security tests for mobile applications. To do this, you need to configure the mobile device to proxy its traffic via Burp ...
A Stalkerware Firm Is Leaking Real-Time Screenshots of People's Phones Online
https://www.vice.com/en/article/m7ezj8/stalkerware-leaking-phone-screenshots-pctattletale
https://www.vice.com/en/article/m7ezj8/stalkerware-leaking-phone-screenshots-pctattletale
VICE
A Stalkerware Firm Is Leaking Real-Time Screenshots of People's Phones Online
pcTattleTale, which markets itself for monitoring spouses without their consent, lets anyone view screenshots of infected devices by just visiting specific URLs.
TangleBot aka Medusa: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures
https://www.cloudmark.com/en/blog/mobile/tanglebot-new-advanced-sms-malware-targets-mobile-users-across-us-and-canada-covid-19
https://www.cloudmark.com/en/blog/mobile/tanglebot-new-advanced-sms-malware-targets-mobile-users-across-us-and-canada-covid-19
Cloudmark
TangleBot: New Advanced SMS Malware Targets Mobile Users Across U.S. and Canada with COVID-19 Lures | Cloudmark EN
Key Takeaways
A clever and complicated new SMS malware attack has been discovered in the United States and Canada.
This malware, coined TangleBot, can directly obtainpersonal information, control device interaction with apps and overlay screens, and steal account…
A clever and complicated new SMS malware attack has been discovered in the United States and Canada.
This malware, coined TangleBot, can directly obtainpersonal information, control device interaction with apps and overlay screens, and steal account…
Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program
https://habr.com/ru/post/579714/
https://habr.com/ru/post/579714/
ERMAC - another Android banking trojan based on Cerberus leaked code
https://www.threatfabric.com/blogs/ermac-another-cerberus-reborn.html
https://www.threatfabric.com/blogs/ermac-another-cerberus-reborn.html
ThreatFabric
ERMAC - another Cerberus reborn
A new Android trojan, named ERMAC, was advertised on hacking forums by the BlackRock actor, ERMAC is based on Cerberus
Waydroid - a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu
https://github.com/waydroid/waydroid
https://github.com/waydroid/waydroid
GitHub
GitHub - waydroid/waydroid: Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system…
Waydroid uses a container-based approach to boot a full Android system on a regular GNU/Linux system like Ubuntu. - waydroid/waydroid
Assessing the Effectiveness of the Shared Responsibility Model for Cloud Databases: the Case of Google’s Firebase
https://drive.google.com/file/d/1QkuRusjw82pQVJOJXiosYMe-x742SR-M/view
https://drive.google.com/file/d/1QkuRusjw82pQVJOJXiosYMe-x742SR-M/view
In iOS 15, the iPhone is findable even when “Powered off”
https://twitter.com/craiu/status/1442412803546099713
https://twitter.com/craiu/status/1442412803546099713
Twitter
Costin Raiu
In iOS 15, the phone is findable even when “Powered off”.
😁1
How malware gets into the App Store and why Apple can't stop that
https://habr.com/ru/post/580272/
https://habr.com/ru/post/580272/
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services
https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
Check Point Research
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services - Check Point Research
Research by: Israel Wernik, Bohdan Melnykov Introduction By limiting physical interactions, the COVID-19 pandemic significantly accelerated the digitization of the banking industry to fulfill customer needs. To cope with the demand, improve access and awareness…
👍1
GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/
Apple Pay flaw risks letting hackers drain money from locked iPhones
Video demo: https://youtu.be/jznZNEslVik
Article: https://news.sky.com/story/apple-pay-users-should-not-use-visa-as-transport-payment-card-security-experts-warn-12421336
Video demo: https://youtu.be/jznZNEslVik
Article: https://news.sky.com/story/apple-pay-users-should-not-use-visa-as-transport-payment-card-security-experts-warn-12421336
YouTube
Flaw in Apple Pay allows hackers to drain credit cards while phone is locked
An Apple Pay flaw has been exposed that allows hackers to drain credit cards without a phone being unlocked
The Apple Pay lock screen can be bypassed for any iPhone with a Visa card set up in transit mode.
The contactless limit can also be bypassed.
It’s…
The Apple Pay lock screen can be bypassed for any iPhone with a Visa card set up in transit mode.
The contactless limit can also be bypassed.
It’s…
👍1