How Anubis uses Telegram (and Chinese characters) to phone home https://news.sophos.com/en-us/2019/05/01/how-anubis-uses-telegram-and-chinese-characters-to-phone-home/
Sophos News
How Anubis uses Telegram (and Chinese characters) to phone home
The ubiquitous Android bank credential thief tries new methods to conceal where it gets its instructions from
Chinese authorities are using a mobile app to carry out illegal mass surveillance and arbitrary detention of Muslims https://www.hrw.org/video-photos/interactive/2019/05/02/china-how-mass-surveillance-works-xinjiang
Human Rights Watch
How Mass Surveillance Works in Xinjiang, China
‘Reverse Engineering’ Police App Reveals Profiling and Monitoring Strategies
👎1
This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability https://blog.quarkslab.com/android-application-diffing-cve-2019-10875-inspection.html
Quarkslab's blog
Android Application Diffing: CVE-2019-10875 Inspection
This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability.
Chrome on Android: Phishing attackers can now trick you with fake address bar https://jameshfisher.com/2019/04/27/the-inception-bar-a-new-phishing-method/
jameshfisher.com
The inception bar: a new phishing method
A new phishing technique that displays a fake URL bar in Chrome for mobile. A key innovation is the "scroll jail" that traps the user in a fake browser.
Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition) https://link.medium.com/zgBpttKSmW
Medium
Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition)
If you read through the disclosed bug bounty reports on platforms such as hackerone.com it is clear that most bug bounty hunters are…
Android App Reverse Engineering 101 https://maddiestone.github.io/AndroidAppRE/
From third-party Android store to SMS Trojan
https://www.zscaler.com/blogs/research/third-party-android-store-sms-trojan
https://www.zscaler.com/blogs/research/third-party-android-store-sms-trojan
Zscaler
Third-party Android App Store to SMS Trojan | Security Blog
Third-party Android app store "Smart Content Store" leads to the download of an SMS Trojan. Zscaler advises Android users to download apps only from official app stores. Using third-party stores may lead to the installation of apps that have hidden, malicious…
There are currently 14 distinct categories of Potentially Harmful Applications (PHAs) designed by Google https://developers.google.com/android/play-protect/phacategories
Google for Developers
Malware | Play Protect | Google for Developers
AndroidProjectCreator converts the APK to an Android Studio project. https://maxkersten.nl/projects/androidprojectcreator/
3 things you should be doing when you pentest an Android application https://link.medium.com/4vYR1UbsoW
Two vulnerabilities in Android-based smart-TVs from Sony, including the flagship Bravia line, could allow attackers to access WiFi passwords and images stored on the devices. https://threatpost.com/android-sony-smart-tvs/144133/
Threat Post
Android-Based Sony Smart-TVs Open to Image Pilfering
A pair of bugs would allow attackers to compromise the WiFi password of a TV and the multimedia stored inside it.
Twitter lite(Android): Vulnerable to local file steal, Javanoscript injection, Open redirect. https://hackerone.com/reports/499348
HackerOne
X / xAI disclosed on HackerOne: Twitter lite(Android): Vulnerable...
**Summary:** com.twitter.android.lite.TwitterLiteActivity is set to exported and doesn't validate data pass to intent due to which this activity vulnerable to steal users local files, javanoscript...
Security Steps You Should Take After Buying a Second-Hand Phone https://www.android.gs/possible-security-threats-you-might-face-when-using-a-second-hand-smartphone
Dynamic binary instrumentation tool designed for Android application and powered by Frida. It desassemble DEX, analyze, can generate hook, stored intercepted data automatically and do new things from it... https://github.com/FrenchYeti/dexcalibur
GitHub
GitHub - FrenchYeti/dexcalibur: [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging…
[Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods...
Google announces a new way for delivering Android security updates for core OS components. https://www.zdnet.com/google-amp/article/google-io-14-android-os-modules-to-get-over-the-air-security-updates-in-real-time/
ZDNet
Google I/O: 14 Android OS modules to get over-the-air security updates in real-time
Google announces a new way for delivering Android security updates for core OS components.
These are all the majoor security features Google added in Android over the years.
Today, at I/O, it said it added 50 new features and improvements to privacy and security settings, which it described as "the main focus of this release." via @campuscodi
Today, at I/O, it said it added 50 new features and improvements to privacy and security settings, which it described as "the main focus of this release." via @campuscodi
How my bug bounty hunt turned into Android malware analysis https://daddycocoaman.dev/posts/bug-bounty-adventures-this-is-the-wrong-porn/
daddycocoaman
Bug Bounty Adventures: This Is the Wrong Porn!
I haven’t had much luck with bug bounties. At the time of writing, all of my submissions except one have been duplicates, which can be really demotivating. But instead of giving up, I decided to shift my focus over to learning how to analyze mobile applications…
This media is not supported in your browser
VIEW IN TELEGRAM
UC Browser for Android is Vulnerable to URL Spoofing Attack
▪️UC Browsers have 600M+ installs on Google Play
▪️This vulnerability can be explained by phishing attack
▪️PoC: google.com.evil.com/?q=www.paypal.com
▪️Not fixed yet
▪️Discovered by @payloadartist
Details: https://www.andmp.com/2019/05/advisory-unpatched-url-address-bar-vulnerability-in-latest-versions-of-UC-browers.html
▪️UC Browsers have 600M+ installs on Google Play
▪️This vulnerability can be explained by phishing attack
▪️PoC: google.com.evil.com/?q=www.paypal.com
▪️Not fixed yet
▪️Discovered by @payloadartist
Details: https://www.andmp.com/2019/05/advisory-unpatched-url-address-bar-vulnerability-in-latest-versions-of-UC-browers.html
❤1👍1