RTLO Injection URI Spoofing in mobile apps (CVE-2020-20093; CVE-2020-20094; CVE-2020-20095; CVE-2020-20096)
Affects all recent distributions of iOS iMessage, WhatsApp, Instagram, and Facebook Messenger as of 2019.8.15.
The user interface does not properly represent critical information to the user, allowing the information to be spoofed. This is often a component in online scams, phishing and disinformation propagation.
https://github.com/zadewg/RIUS
GitHub - zadewg/RIUS: CVE-2020-20093; 20094; 20095; 20096, 2022-28345 RTLO Injection URI Spoofing
Remotely steal bearer token via maliciously crafted deep link from Basecamp Android app
https://hackerone.com/reports/1372667
Basecamp disclosed on HackerOne: Able to steal bearer token from...
# Prerequisites
Prior to exploitation you would be required to know the "account id" of the user that you are attacking. Whilst this makes it difficult to attack an application in a generic way...
A deep dive inside anti-reverse & universal bypass with Frida
https://raw.githubusercontent.com/FrenchYeti/unrasp/main/Slides/Forging_golden_hammer_against_android_app_protections_INSO22_FINAL.pdf
Remote Code Execution in Evernote for Android by misusing path traversal vulnerability
https://hackerone.com/reports/1377748
Evernote disclosed on HackerOne: 2 click Remote Code execution in...
This vulnerability is similar to my previously reported vulnerability #1362313; here, too, the weakness is a path traversal vulnerability which helps me to achieve code execution, but the root cause...
A short history of telephone hacking: from phreaking to mobile malware
https://bit-sentinel.com/a-short-history-of-telephone-hacking-from-phreaking-to-mobile-malware
Telephone hacking: from phreaking to mobile malware
How did telephone hacking become so dangerous? Get ready for a short history: from phreaking to mobile malware!
New APT group APT-Q-43 (#VajraEleph) discovered targeting Pakistani military personnel via targeted SMS or WhatsApp messages, using the Android RAT #VajraSpy, which impersonates chat apps
https://mp.weixin.qq.com/s/B0ElRhbqLzs-wGQh79fTww
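VajraEleph, a group from South Asia: disclosure of a cyber-espionage campaign targeting Pakistani military personnel
Since June 2021, an APT group with a background in a certain South Asian country has been conducting organized, planned and targeted military espionage and intelligence activities, mainly against the Pakistani military. After just 9 months of attacks, the group has affected dozens of Pakistani military personnel. This is the 15th APT group independently discovered and first disclosed by QiAnXin: VajraEleph.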
Here is a demo of how a user can download malware on an iPhone outside of the App Store using a configuration profile
https://youtu.be/zgDDI5RPubk
Lukas Stefanko - Demo infection and extraction of seed iOS
Analysis of 0-click iMessage exploit named FORCEDENTRY
Exploitation: By sending a .gif iMessage attachment (which was really a PDF) NSO were able to remotely trigger a heap buffer overflow in the ImageIO JBIG2 decoder
https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html
FORCEDENTRY: Sandbox Escape
Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit ...
Update your iPhone
Apple patched two vulnerabilities that have been exploited in the wild
CVE-2022-22675: the issue has been described as an out-of-bounds write vulnerability in an audio and video decoding component called AppleAVD that could allow an application to execute arbitrary code with kernel privileges
https://support.apple.com/en-us/HT213219
About the security content of iOS 15.4.1 and iPadOS 15.4.1
This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1.
Complete dissection of an APK with a suspicious C2 Server
https://lab52.io/blog/complete-dissection-of-an-apk-with-a-suspicious-c2-server/
Fake e‑shops on the prowl for banking credentials using Android malware
https://www.welivesecurity.com/2022/04/06/fake-eshops-prowl-banking-credentials-android-malware/
ESET researchers have analyzed three malicious Android apps that attempt to steal login credentials from the customers of eight Malaysian banks.
Measurement SDK library (coelib.c.couluslibrary) implemented in various Android apps is responsible for collecting sensitive data such as Clipboard, GPS, Email, Phone Numbers, IMEI, SSID...
https://blog.appcensus.io/2022/04/06/the-curious-case-of-coulus-coelib/
Android SharkBot Banking Trojan Discovered On Google Play Store Hidden Behind 7 New Apps
https://research.checkpoint.com/2022/google-is-on-guard-sharks-shall-not-pass/
Google is on guard: sharks shall not pass! - Check Point Research
Research by: Alex Shamshur, Raman Ladutska Introduction When you search for Anti-Virus (AV) solutions to protect your mobile devices, you don’t expect these solutions to do the opposite i.e. make devices vulnerable to malware. This what the Check Point Research…
Start Arbitrary Activity App Components as the System User Vulnerability Affecting Samsung Android Devices (CVE-2022-22292)
https://www.kryptowire.com/blog/start-arbitrary-activity-app-components-as-the-system-user-vulnerability-affecting-samsung-android-devices/
iOS ASN.1 Vulnerability analysis (CVE-2021-30737)
https://googleprojectzero.blogspot.com/2022/04/cve-2021-30737-xerubs-2021-ios-asn1.html
CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability found by @xerub . Phrack published @xerub's...
New Android banking trojan Octo, capable of on-device fraud via VNC, was available on the Google Play Store
https://threatfabric.com/blogs/octo-new-odf-banking-trojan.html
Look out for Octo's tentacles! A new on-device fraud Android Banking Trojan with a rich legacy
ThreatFabric recently discovered Octo: a new Android banking malware trojan with a rich legacy.
APT-C-23 Campaign Targeting Israeli Officials via malicious Android chat apps
https://www.cybereason.com/blog/operation-bearded-barbie-apt-c-23-campaign-targeting-israeli-officials
Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials
This APT-C-23 campaign involves two previously undocumented malware strains dubbed Barb(ie) Downloader and BarbWire Backdoor, which use an enhanced stealth mechanism to remain undetected - in addition, Cybereason observed an upgraded version of an Android…
Forwarded from The Bug Bounty Hunter
Android Pentesting Setup On Macbook M1
https://magarajay538.medium.com/android-pentesting-setup-on-macbook-m1-d2f1f0a8db4b
[Beetlebug Android CTF] an open source insecure Android app with CTF challenges for Android Pentesters and Bug Bounty hunters
https://github.com/hafiz-ng/Beetlebug
Beetlebug is an open source insecure Android application with CTF challenges built for Android Penetration Testers and Bug Bounty hunters. - hafiz-ng/Beetlebug
Android Fakecall Banker: A Trojan that masquerades as a banking app and imitates phone conversations with bank employees
https://www.kaspersky.com/blog/fakecalls-banking-trojan/44072/
The Fakecalls banking Trojan makes fake calls
A Trojan that masquerades as a banking app and imitates phone conversations with bank employees.