[Beetlebug Android CTF] an open source insecure Android app with CTF challenges for Android Penetesters and Bug Bounty hunters
https://github.com/hafiz-ng/Beetlebug
https://github.com/hafiz-ng/Beetlebug
GitHub
GitHub - hafiz-ng/Beetlebug: Beetlebug is an open source insecure Android application with CTF challenges built for Android Penetration…
Beetlebug is an open source insecure Android application with CTF challenges built for Android Penetration Testers and Bug Bounty hunters. - hafiz-ng/Beetlebug
👍11👏4
Android Fakecall Banker: A Trojan that masquerades as a banking app and imitates phone conversations with bank employees
https://www.kaspersky.com/blog/fakecalls-banking-trojan/44072/
https://www.kaspersky.com/blog/fakecalls-banking-trojan/44072/
Kaspersky
The Fakecalls banking Trojan makes fake calls
A Trojan that masquerades as a banking app and imitates phone conversations with bank employees.
😱10👍1
Lol, I am running Kali NetHunter on smartwatches TicWatch Pro
No wifi support so far, but HID and nmap works fine 😁
https://www.instagram.com/p/CcP1r1mF_RJ/
No wifi support so far, but HID and nmap works fine 😁
https://www.instagram.com/p/CcP1r1mF_RJ/
🔥23💩4👍3😢3🤮3😁1
Step-by-step guide to reverse an APK protected with DexGuard using Jadx
https://blog.lexfo.fr/dexguard.html
https://blog.lexfo.fr/dexguard.html
👍8❤1
Forwarded from The Bug Bounty Hunter
CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers
https://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html
https://googleprojectzero.blogspot.com/2022/04/cve-2021-1782-ios-in-wild-vulnerability.html
Blogspot
CVE-2021-1782, an iOS in-the-wild vulnerability in vouchers
Posted by Ian Beer, Google Project Zero This blog post is my analysis of a vulnerability exploited in the wild and patched in early 20...
👍8👏5❤3
Spyware Operation infected 63 targets with Pegasus (iOS), and four others with Candiru (Windows) spyware
-To compromise victims devices was used a previously-undisclosed iOS zero-click vulnerability called HOMAGE used by NSO Group
-Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations. Family members were also infected in some cases
https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/
-To compromise victims devices was used a previously-undisclosed iOS zero-click vulnerability called HOMAGE used by NSO Group
-Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations. Family members were also infected in some cases
https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/
The Citizen Lab
CatalanGate
The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of…
👍9❤1
Windows 11 ToolBox noscript used to add the Google Play Store to the Android Subsystem has secretly infected users with malicious noscripts
https://www.bleepingcomputer.com/news/security/windows-11-tool-to-add-google-play-secretly-installed-malware/
https://www.bleepingcomputer.com/news/security/windows-11-tool-to-add-google-play-secretly-installed-malware/
BleepingComputer
Windows 11 tool to add Google Play secretly installed malware
A popular Windows 11 ToolBox noscript used to add the Google Play Store to the Android Subsystem has secretly infected users with malicious noscripts, Chrome extensions, and potentially other malware.
👍8🥰1
Forwarded from The Bug Bounty Hunter
Mobile MitM: Intercepting your Android App Traffic On the Go
https://www.eff.org/deeplinks/2022/04/mobile-mitm-intercepting-your-android-app-traffic-go
https://www.eff.org/deeplinks/2022/04/mobile-mitm-intercepting-your-android-app-traffic-go
Electronic Frontier Foundation
Mobile MitM: Intercepting Your Android App Traffic On the Go
In order to audit the privacy and security practices of the apps we use on a daily basis, we need to be able to inspect the network traffic they are sending. An app asking for permission to your
🔥4❤1
A Year in Review of 0-days Used In-the-Wild in 2021 by Google
In 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:
- Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)
- ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)
- Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)
For the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:
- IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)
- XNU Kernel (CVE-2021-1782 & CVE-2021-30869)
- CoreGraphics (CVE-2021-30860)
- CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)
https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html
In 2021 there were 7 #Android in-the-wild 0-days detected and disclosed:
- Qualcomm Adreno GPU driver (CVE-2020-11261, CVE-2021-1905, CVE-2021-1906)
- ARM Mali GPU driver (CVE-2021-28663, CVE-2021-28664)
- Upstream Linux kernel (CVE-2021-1048, CVE-2021-0920)
For the 5 total #iOS and macOS in-the-wild 0-days, they targeted 3 different attack surfaces:
- IOMobileFrameBuffer (CVE-2021-30807, CVE-2021-30883)
- XNU Kernel (CVE-2021-1782 & CVE-2021-30869)
- CoreGraphics (CVE-2021-30860)
- CommCenter (FORCEDENTRY sandbox escape - CVE requested, not yet assigned)
https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html
Blogspot
The More You Know, The More You Know You Don’t Know
A Year in Review of 0-days Used In-the-Wild in 2021 Posted by Maddie Stone, Google Project Zero This is our third annual year in rev...
🔥7👍3❤1🥰1👏1
RCE vulnerability found in Qualcomm/MediaTek chips would allow attacker to gain control over a user's multimedia data, including streaming from a compromised machine's camera (CVE-2021-0674, CVE-2021-0675, CVE-2021-30351)
Exploitation: A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone.
https://blog.checkpoint.com/2022/04/21/largest-mobile-chipset-manufacturers-used-vulnerable-audio-decoder-2-3-of-android-users-privacy-around-the-world-were-at-risk/
Exploitation: A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone.
https://blog.checkpoint.com/2022/04/21/largest-mobile-chipset-manufacturers-used-vulnerable-audio-decoder-2-3-of-android-users-privacy-around-the-world-were-at-risk/
Check Point Blog
Vulnerabilities In The ALAC Format - Check Point Blog
Check Point Research discovered vulnerabilities in the ALAC format that could have led an attacker to remotely get access to its media and audio conversations
👍16👏2
Android Bianlian Botnet (AKA Hydra) Trying to Bypass Photo TAN Used for Mobile Banking
https://www.fortinet.com/blog/threat-research/android-bianlian-botnet-mobile-banking
https://www.fortinet.com/blog/threat-research/android-bianlian-botnet-mobile-banking
Fortinet Blog
Android/Bianlian Botnet Trying to Bypass Photo TAN Used for Mobile Banking
FortiGuard Labs has been closely investigating the Android BianLian botnet (also known as Hydra). Although it emerged in 2018, it is still alive in 2022. Our blog provides a brief analysis as well …
👍6
Google Play developers must declare what data their software collects from users of their app.
(Developers can begin declaring how collected data is used starting today, with the deadline to complete their submissions being July 20th, 2022) https://www.bleepingcomputer.com/news/security/google-play-store-now-forces-apps-to-disclose-what-data-is-collected/
(Developers can begin declaring how collected data is used starting today, with the deadline to complete their submissions being July 20th, 2022) https://www.bleepingcomputer.com/news/security/google-play-store-now-forces-apps-to-disclose-what-data-is-collected/
BleepingComputer
Google Play Store now forces apps to disclose what data is collected
Google is rolling out a new Data Safety section on the Play Store, Android's official app repository, where developers must declare what data their software collects from users of their apps.
👍27👎2❤1🤔1
PoC kernel r/w exploit for iOS 15.0 - 15.1.1 that was patched in iOS 15.2 (CVE-2021-30937) https://github.com/potmdehex/multicast_bytecopy
GitHub
GitHub - potmdehex/multicast_bytecopy: kernel r/w exploit for iOS 15.0 - 15.1.1
kernel r/w exploit for iOS 15.0 - 15.1.1. Contribute to potmdehex/multicast_bytecopy development by creating an account on GitHub.
👍5😁4
In 2021 Google blocked 1.2 million policy violating apps from being published on Google Play
- banned 190k malicious and spammy developer accounts in 2021
- closed around 500k developer accounts that are inactive or abandoned
https://security.googleblog.com/2022/04/how-we-fought-bad-apps-and-developers.html
- banned 190k malicious and spammy developer accounts in 2021
- closed around 500k developer accounts that are inactive or abandoned
https://security.googleblog.com/2022/04/how-we-fought-bad-apps-and-developers.html
Google Online Security Blog
How we fought bad apps and developers in 2021
Posted by Steve Kafka and Khawaja Shams, Android Security and Privacy Team Providing a safe experience to billions of users continues to ...
👍16
Reverse engineering and analysis of a Android fiscal printer
https://www.shielder.com/blog/2022/04/printing-fake-fiscal-receipts-an-italian-job-p.1/
https://www.shielder.com/blog/2022/04/printing-fake-fiscal-receipts-an-italian-job-p.1/
Shielder
Shielder - Printing Fake Fiscal Receipts - An Italian Job p.1
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
👏13👍3❤1🥰1
Android 13 adds a security feature that BLOCKS users from enabling accessibility services for apps they sideloaded outside of an app store. This is designed to combat banking trojans and spyware that misuse Accessibility APIs
https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
https://blog.esper.io/android-13-sideloading-restriction-harder-malware-abuse-accessibility-apis/
👍23
NetHunter Wi-Fi packet capturing on Android and Rubber Ducky running on smartwatches mobile combo
https://youtube.com/shorts/mepZZu78hSI
https://youtube.com/shorts/mepZZu78hSI
👍16👏1
Instagram Credentials Stealer: Disguised as Mod App
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealer-disguised-as-mod-app/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealer-disguised-as-mod-app/
McAfee Blog
Instagram credentials Stealer: Disguised as Mod App | McAfee Blog
Authored by Dexter Shin McAfee’s Mobile Research Team introduced a new Android malware targeting Instagram users who want to increase their followers or
Instagram Credentials Stealers: Free Followers or Free Likes
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealers-free-followers-or-free-likes/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealers-free-followers-or-free-likes/
McAfee Blog
Instagram credentials Stealers: Free Followers or Free Likes | McAfee Blog
Authored by Dexter Shin Instagram has become a platform with over a billion monthly active users. Many of Instagram's users are looking to increase their
🔥6😱1