In iOS 15, the iPhone is findable even when “Powered off”
https://twitter.com/craiu/status/1442412803546099713
https://twitter.com/craiu/status/1442412803546099713
Twitter
Costin Raiu
In iOS 15, the phone is findable even when “Powered off”.
😁1
How malware gets into the App Store and why Apple can't stop that
https://habr.com/ru/post/580272/
https://habr.com/ru/post/580272/
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services
https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/
Check Point Research
PixStealer: a new wave of Android banking Trojans abusing Accessibility Services - Check Point Research
Research by: Israel Wernik, Bohdan Melnykov Introduction By limiting physical interactions, the COVID-19 pandemic significantly accelerated the digitization of the banking industry to fulfill customer needs. To cope with the demand, improve access and awareness…
👍1
GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/
https://blog.zimperium.com/grifthorse-android-trojan-steals-millions-from-over-10-million-victims-globally/
Apple Pay flaw risks letting hackers drain money from locked iPhones
Video demo: https://youtu.be/jznZNEslVik
Article: https://news.sky.com/story/apple-pay-users-should-not-use-visa-as-transport-payment-card-security-experts-warn-12421336
Video demo: https://youtu.be/jznZNEslVik
Article: https://news.sky.com/story/apple-pay-users-should-not-use-visa-as-transport-payment-card-security-experts-warn-12421336
YouTube
Flaw in Apple Pay allows hackers to drain credit cards while phone is locked
An Apple Pay flaw has been exposed that allows hackers to drain credit cards without a phone being unlocked
The Apple Pay lock screen can be bypassed for any iPhone with a Visa card set up in transit mode.
The contactless limit can also be bypassed.
It’s…
The Apple Pay lock screen can be bypassed for any iPhone with a Visa card set up in transit mode.
The contactless limit can also be bypassed.
It’s…
👍1
Text message scam infecting Android phones with FluBot
https://www.cert.govt.nz/individuals/news-and-events/parcel-delivery-text-message-infecting-android-phones/
https://www.cert.govt.nz/individuals/news-and-events/parcel-delivery-text-message-infecting-android-phones/
Bug found in Android Telegram: Messages that should be auto-deleted from participants in private and private group chats were only 'deleted' visually [in the messaging window], but in reality, picture messages remained on the device in the cache (CVE-2021-41861) https://arstechnica.com/information-technology/2021/10/researcher-refuses-telegrams-bounty-award-discloses-auto-delete-bug/
Ars Technica
Researcher refuses Telegram’s bounty award, discloses auto-delete bug
Telegram took months to fix “self-destruct” message bug. Then requested silence.
Waydro - Android on Linux (boot a full Android system on a regular GNU/Linux system like Ubuntu)
https://waydro.id/
https://waydro.id/
Are iPhones Really Better for Privacy? Comparative Study of iOS and Android Apps
https://arxiv.org/abs/2109.13722
https://arxiv.org/abs/2109.13722
Togo: Prominent activist targeted with Indian-made Android spyware linked to Donot Team hacker group (APT-C-35)
Article: https://www.amnesty.org/en/latest/news/2021/10/togo-activist-targeted-with-spyware-by-notorious-hacker-group/
Full report: https://www.amnesty.org/en/documents/afr57/4756/2021/en/
Article: https://www.amnesty.org/en/latest/news/2021/10/togo-activist-targeted-with-spyware-by-notorious-hacker-group/
Full report: https://www.amnesty.org/en/documents/afr57/4756/2021/en/
Amnesty International
Togo: Prominent activist targeted with Indian-made spyware linked to notorious hacker group
New research reveals activists in Togo risk being targeted by shadowy cyber-mercenaries who use covert digital attacks to steal victims’ private information
PoC for today's patched iPhone 0-day vulnerability in IOMobileFrameBuffer/AppleCLCD that has been exploited in the wild (CVE-2021-30883)
https://saaramar.github.io/IOMFB_integer_overflow_poc/
https://saaramar.github.io/IOMFB_integer_overflow_poc/
Malicious apps found on Google Play Store could steal Facebook credentials by injecting JavaScript in WebView while facebook[.]com has been displayed
https://www.bleepingcomputer.com/news/security/photo-editor-android-app-still-sitting-on-google-play-store-is-malware/
https://www.bleepingcomputer.com/news/security/photo-editor-android-app-still-sitting-on-google-play-store-is-malware/
BleepingComputer
Photo editor Android app STILL sitting on Google Play store is malware
An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information. The app has scored…
Demonstration how Android malware steals recovery phrase from Trust Crypto Wallet without user interaction and restricts access to victims smartphone
https://youtu.be/cI9GbhspMYY
https://youtu.be/cI9GbhspMYY
YouTube
How Android malware steals recovery phrase from Trust Wallet without user interaction
Android malware automatically steals recovery phrase from Trust Crypto Wallet and restricts access to victims smartphone by blocking all the actions such as removing it and protecting its cryptocurrency fonds.
This malware can steal recover phrase only from…
This malware can steal recover phrase only from…
CVE-2021-30858: Use-after-free in WebKit affecting pre-Safari 14.1.2, pre-iOS 14.8
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30858.html
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2021/CVE-2021-30858.html
A threat analysis of sideloading by Apple
There are 31 pages explaining why Apple will not allow sideloading apps on iOS
https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf
There are 31 pages explaining why Apple will not allow sideloading apps on iOS
https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf
Malware bypassing OTP-based authentication to target Indian Banking customers
https://blog.cyble.com/2021/10/13/malware-bypassing-otp-based-authentication-to-target-indian-banking-customers/
https://blog.cyble.com/2021/10/13/malware-bypassing-otp-based-authentication-to-target-indian-banking-customers/
Cyble
Cyble - Malware Bypassing OTP-based Authentication To Target Indian Banking Customers
A phishing campaign has been targeting the customers of an Indian bank using a Stealer app.
CryptoRomance fake iOS cryptocurrency apps hit US, European victims for at least $1.4 million
https://news.sophos.com/en-us/2021/10/13/cryptorom-fake-ios-cryptocurrency-apps/
https://news.sophos.com/en-us/2021/10/13/cryptorom-fake-ios-cryptocurrency-apps/
Sophos News
CryptoRom fake iOS cryptocurrency apps hit US, European victims for at least $1.4 million
Scammers combine romantic lures with crypto scams, abusing Apple’s ad-hoc app distribution to steal millions from people around the world.
Google's Threat Analysis Group (TAG) found an attempt to upload Android spyware to Google Play Store disguised as a VPN app. It was part of APT35 group.
https://blog.google/threat-analysis-group/countering-threats-iran/
https://blog.google/threat-analysis-group/countering-threats-iran/
Google
Countering threats from Iran
Google’s Threat Analysis Group tracks actors involved in disinformation campaigns, government backed hacking, and financially motivated abuse. We have a long-standing policy to send you a warning if we detect that your account is a target of government-backed…