A simple Frida script for iOS apps that spits out API request URLs, headers and body even if SSL pinning is enabled
https://github.com/bhavukjain1/frida_helper/blob/7eb165d23980c84eb9aab5b975738bee296b6ac2/spit_ios.js
Bluetooth-using home COVID test was cracked to fake results
https://labs.f-secure.com/blog/faking-a-positive-covid-test
IP address leak (Android), and denial of service (DoS) dubbed Message of Death (Android) found in Android Microsoft Teams app https://positive.security/blog/ms-teams-1-feature-4-vulns
positive.security
MS Teams: 1 feature, 4 vulnerabilities | Positive Security
Microsoft Teams' link preview feature is susceptible to spoofing and vulnerable to Server-Side Request Forgery. Teams' Android users can be DoS'ed and, in the past, their IP address could be leaked.
Malicious App Targets Major Brazilian Bank Itaú Unibanco
https://blog.cyble.com/2021/12/23/malicious-app-targets-major-brazilian-bank-itau-unibanco/
Cyble's research on an Android Malware that has been targeting a major banking company in Brazil.
Samsung's Galaxy Store is distributing apps that could infect phones with malware
https://www.androidpolice.com/samsung-galaxy-store-malware-movie-piracy-showbox/
Potentially fake 'Showbox' movie piracy apps trigger a Play Protect warning, and an investigation indicates they could download malware
Android Tor Browser Thumbnails. What?
https://abrignoni.blogspot.com/2021/12/tor-thumbnails-what.html
Android Component Security
https://www.hebunilhanli.com/wonderland/mobile-security/android-component-security/
A Memory Visualiser Tool for iOS Security Research
https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
Happy New Year!🥳
ReDroid - Android in Docker without QEMU/emulator https://github.com/remote-android/redroid-doc
redroid (Remote-Android) is a multi-arch, GPU enabled, Android in Cloud solution. Track issues / docs here - remote-android/redroid-doc
Facebook android webview vulnerability: Execute arbitrary JavaScript (xss) and load arbitrary website
https://servicenger.com/mobile/facebook-android-webview-vulnerability/
Meet “NoReboot”: The iOS Ultimate Persistence Bug
https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
Detailed analysis of Android FluBot malware version 5.0
https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond
F5 Labs
FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond | F5 Labs
A deconstruction of FluBot 5.0’s new communication protocol and other capabilities FluBot uses to hide, making it difficult for researchers and security solutions to detect.
Real-world Android Malware Analysis 1: SMS spy
https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html
Purpl3 F0x Secur1ty
Real-world Android Malware Analysis 1: eblagh.apk
Building userDebug Android images with root access and debug capabilities for a Google Pixel (sailfish)
https://www.linkedin.com/pulse/building-userdebug-android-images-google-pixel-sailfish-basanta
Linkedin
Building userDebug Android images for a Google Pixel (sailfish).
Beforehand, I'm sorry for my English writing. I'm practicing to improve it.
Poland: Use of Pegasus spyware to hack politicians highlights threat to civil society
https://www.amnesty.org/en/latest/news/2022/01/poland-use-of-pegasus-spyware-to-hack-politicians-highlights-threat-to-civil-society/
Confirming that Amnesty International has independently confirmed that Pegasus spyware was used to hack Polish senator, Krzysztof Brejza, when he was running the opposition’s 2019 parliamentary election campaign, Amnesty International Poland’s Director Anna…
Project Torogoz - Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware
https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-civil-society-el-salvador-pegasus-spyware/
The Citizen Lab
Project Torogoz
Journalists and members of civil society had their phones successfully infected with NSO’s Pegasus spyware between July 2020 - November 2021.
RCE in Adobe Acrobat Reader for Android (CVE-2021-40724)
analysis: https://hulkvision.github.io/blog/post1/
hulkvision.github.io
RCE in Adobe Acrobat Reader for android(CVE-2021-40724)
# Summary
While testing Adobe Acrobat Reader app, the app has a feature which allows user to open pdfs directly from http/https url. This feature was vulnerable to path traversal vulnerability.
Adobe Reader was also using Google play core library for dynamic…
Multidex trick to unpack Android BianLian malware family
https://cryptax.medium.com/multidex-trick-to-unpack-android-bianlian-ed52eb791e56
Medium
Multidex trick to unpack Android/BianLian
This article explains how to unpack sample sha256 5b9049c392eaf83b12b98419f14ece1b00042592b003a17e4e6f0fb466281368 which was served from…
AERoot - command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs
https://github.com/quarkslab/AERoot
AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs. - quarkslab/AERoot