IOMobileFrameBuffer vulnerability in iPhone 6s and later (until iOS 15.3) has been actively exploited (CVE-2022-22587)
Impact: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
https://support.apple.com/en-us/HT213053
Apple Support
About the security content of iOS 15.3 and iPadOS 15.3
This document describes the security content of iOS 15.3 and iPadOS 15.3.
New FluBot and TeaBot Global Malware Campaigns Discovered
https://www.bitdefender.com/blog/labs/new-flubot-and-teabot-global-malware-campaigns-discovered
Bitdefender Labs
New FluBot and TeaBot Global Malware Campaigns Discovered
Some malware and phishing campaigns have short lives, tending to dissipate after
they're identified by security solutions.
Facestealer – The Rise of Facebook Credential Stealer Malware
https://labs.k7computing.com/index.php/facestealer-the-rise-of-facebook-credential-stealer-malware/
K7 Labs
Facestealer – The Rise of Facebook Credential Stealer Malware
Threat actors are constantly employing new tricks while also maintaining their old tried-and-tested tactics. One such evergreen tactic, is to deploy […]
Malicious app on Google Play drops banking malware on users’ devices
https://blog.pradeo.com/vultur-malware-dropper-google-play
Pradeo
Malicious app on Google Play drops banking malware on users’ devices
Pradeo’s researchers discovered a malicious mobile application called 2FA Authenticator distributed on Google Play and installed by 10K+ users.
How Android updates work: A peek behind the curtains from an insider
https://medium.com/@Za_Raczke/how-android-updates-work-a-peek-behind-the-curtains-from-an-insider-1d8e1a48ec0b
Medium
How Android updates work: A peek behind the curtains from an insider
Updates on Android were always a topic of discussion in the tech communities. Even though they are a crazily complicated topic and very few…
How to bypass root detection and SSL pinning on Android and iOS using Frida and Objection
https://securitycafe.ro/2022/02/01/root-detection-and-ssl-pinning-bypass/
Security Café
Root detection and SSL pinning bypass
There are multiple methods to circumvent the client-side security that blocks the usage of the tested application in an unsafe environment such as Rooted or Jailbroken devices. Next, I will give yo…
A Primer On Android Forensics
https://nex.sx/tech/2022/01/28/a-primer-on-android-forensics.html
nex.sx
A Primer On Android Forensics - Nex
A lot has already been said on iOS forensics for the purpose of discovering traces of compromise and spyware execution. And although a lot more is left to ex...
Abusing Facebooks Call To Action to launch internal deeplinks
https://www.ash-king.co.uk/blog/abusing-Facebooks-call-to-action-to-launch-internal-deeplinks
www.ash-king.co.uk
Abusing Facebooks Call To Action to launch internal deeplinks
Ever noticed that big blue button on the top of every Facebook page? This feature, known as Call to action or CTA is designed for user engagement and allows a page to redirect their visitors to a website, an app, inbox etc. I found it was possible for a page…
Diving Deeper in Android System Diagnostics and Remote Forensics
https://nex.sx/tech/2022/02/04/diving-deeper-in-android-system-diagnostics.html
nex.sx
Diving Deeper in Android System Diagnostics and Remote Forensics - Nex
Following up from last week’s Primer on Android Forensics, today we are going to dive a little deeper into Android system diagnostics, have a look at some ne...
How to build a Cellphone IMSI Catcher (Stingray)
https://www.hackers-arise.com/post/software-defined-radio-part-6-building-a-imsi-catcher-stingray
FluBot and Medusa Android banking Trojans attack banks side-by-side via SMiShing
https://www.threatfabric.com/blogs/partners-in-crime-medusa-cabassous.html#medusa-turkish-delight-with-dangerous-filling
Threatfabric
Partners-in-crime: Medusa and Cabassous attack banks side-by-side
Two advanced banking Trojans, Medusa and Cabassous (Flubot), are distributed side-by-side using the same SMiShing service.
Malicious campaign Roaming Mantis (Wroba.o, Moqhao, XLoader) reaches Europe via SMiShing targeting Android and iOS
https://securelist.com/roaming-mantis-reaches-europe/105596/
Securelist
Roaming Mantis reaches Europe
We’ve observed some new activities by Roaming Mantis in 2021, and some changes in the Wroba malware that’s mainly used in this campaign.
Zero-Click RCE Exploit for the Peloton Bike (And Also Every Other Unpatched Android Device)
https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device/
Nowsecure
Zero-Click RCE Exploit for the Peloton Bike Identified and Patched
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
SIM Hijacking
https://sensepost.com/blog/2022/sim-hijacking/
Google awarded $8.7 million to 696 security researchers in 2021
Highest reward: $157,000 for discovering a critical exploitation chain in Android (CVE-2021-39698)
- $3 million went to Android vulnerabilities
- $3.3 million went to Chrome browser bugs
- $0.5 million went to Google Play Store vulnerabilities
- $0.313 million went to Google Cloud bugs.
https://security.googleblog.com/2022/02/vulnerability-reward-program-2021-year.html
Google Online Security Blog
Vulnerability Reward Program: 2021 Year in Review
Posted by Sarah Jacobus, Vulnerability Rewards Team Last year was another record setter for our Vulnerability Reward Programs (VRPs). Throu...
apkingo - get detailed information about apk files
It retrieves: package name, target SDK, permissions, metadata, certificate serial and issuer, info from Google Play Store, and detects whether it is malicious using Koodous
https://github.com/andpalmier/apkingo
GitHub
GitHub - andpalmier/apkingo: extract info from apk files
extract info from apk files. Contribute to andpalmier/apkingo development by creating an account on GitHub.
How to Bypass Jailbreak Detection On iOS Apps & Games (iOS 11 - iOS 14)
https://idevicecentral.com/jailbreak-guide/how-to-bypass-jailbreak-detection-on-ios-applications-and-games-ios-11-ios-14/
iDevice Central - iOS Jailbreak News, Tutorials and Tools!
How to Bypass Jailbreak Detection On iOS Applications and Games (iOS 11 – iOS 14) - iDevice Central
Jailbreaking allows users to do more with their devices, to get past Apple's unnecessary walled garden approach. Sideloading, theming, tweaks to customize UI elements or to add functionality that is simply not there on stock iOS, all of these are done through…
WiFi Zero Click RCE Trigger PoC CVE-2021-1965
https://github.com/parsdefense/CVE-2021-1965
Collection of Android (Samsung) Security Related Resources
https://github.com/NetKingJ/android-security-awesome
GitHub
GitHub - NetKingJ/awesome-android-security: A Collection of Android (Samsung) Security Research References
A Collection of Android (Samsung) Security Research References - NetKingJ/awesome-android-security
SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification
https://www.trendmicro.com/en_us/research/22/b/sms-pva-services-use-of-infected-android-phones-reveals-flaws-in-sms-verification.html
Trend Micro
SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification
Mobile malware evolution 2021 by Kaspersky
https://securelist.com/mobile-malware-evolution-2021/105876/
Securelist
Mobile malware evolution 2021
In 2021, cybercriminal activity gradually decreased, and attempts to exploit the pandemic topic became less common. However, mobile malware became more advanced, and attacks more complex.