New version of Android banking trojan ERMAC 2.0 is available on the underground market and already has an active campaign https://blog.cyble.com/2022/05/25/ermac-back-in-action/
Cyble
ERMAC Malware Back In Action: New Threats And Attack Methods
ERMAC malware is back with improved capabilities, targeting Android devices with enhanced threat techniques. Learn about its actions, impact, and how to defend against this evolving mobile malware
🔥7👍6
Notification implicit PendingIntent in Android NextCloud app allows to access contacts (CVE-2022-24886) https://hackerone.com/reports/1161401
HackerOne
Nextcloud disclosed on HackerOne: Notification implicit...
Advisory at https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5cj3-v98r-2wmq
👍5
Mobile threat evolution in Q1 2022 by Kaspersky
https://securelist.com/it-threat-evolution-in-q1-2022-mobile-statistics/106589/
https://securelist.com/it-threat-evolution-in-q1-2022-mobile-statistics/106589/
Securelist
IT threat evolution in Q1 2022. Mobile statistics
According to Kaspersky Security Network, in Q1 2022 516,617 mobile malware installation packages were detected, of which 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans.
👍2
GhostTouch: Targeted Attacks on Touchscreens without Physical Touch
The core idea is to take advantage of the electromagnetic signals to inject fake touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device
https://www.usenix.org/conference/usenixsecurity22/presentation/wang-kai
The core idea is to take advantage of the electromagnetic signals to inject fake touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device
https://www.usenix.org/conference/usenixsecurity22/presentation/wang-kai
👍11🔥4
Android apps with millions of downloads exposed to high-severity vulnerabilities
http://www.microsoft.com/security/blog/2022/05/27/android-apps-with-millions-of-downloads-exposed-to-high-severity-vulnerabilities/
http://www.microsoft.com/security/blog/2022/05/27/android-apps-with-millions-of-downloads-exposed-to-high-severity-vulnerabilities/
Microsoft News
Android apps with millions of downloads exposed to high-severity vulnerabilities
Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.
👍14
The Bridge between Web Applications and Mobile Platforms is Still Broken
https://minimalblue.com/data/papers/SECWEB22_broken_bridge.pdf
https://minimalblue.com/data/papers/SECWEB22_broken_bridge.pdf
👍5
Sophisticated RAT spying on Mobile Devices
https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
👍8
IoT malware EnemyBot: In case an Android device is connected through USB, or Android emulator running on the machine, EnemyBot will try to infect it by executing shell command
https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LevelBlue
Rapidly evolving IoT malware EnemyBot now targeting Content…
Executive summary LevelBlue Labs™ has been tracking a new IoT botnet dubbed “EnemyBot”, which is believed to be distributed by threat actor Keksec. During our investigations, LevelBlue Labs has discovered that EnemyBot is expanding its capabilities, exploiting…
👍13
A Deep Dive into iOS Code Signing
https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
Umang's Blog
A Deep Dive into iOS Code Signing
Apple's code signing is a complex beast, consisting of several different
components, each serving its own unique purpose. When I first started working on
Meteorite
[https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
components, each serving its own unique purpose. When I first started working on
Meteorite
[https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
🔥7👍3
Takedown of SMS-based FluBot spyware infecting Android phones
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
Europol
Takedown of SMS-based FluBot spyware infecting Android phones | Europol
This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity…
👍11
WhatsApp accounts hijacked by call forwarding
https://blog.malwarebytes.com/social-engineering/2022/06/whatsapp-accounts-hijacked-by-call-forwarding/
https://blog.malwarebytes.com/social-engineering/2022/06/whatsapp-accounts-hijacked-by-call-forwarding/
Malwarebytes
WhatsApp accounts hijacked by call forwarding
Threat actors are using a new method to take over WhatsApp accounts. The trick starts with tricking the victim into forwarding their calls
🔥8👍2😱2🥰1
Android spyware connected to SideWinder APT group has been distributed via Google Play
https://blog.group-ib.com/sidewinder-antibot
https://blog.group-ib.com/sidewinder-antibot
Group-IB
SideWinder.AntiBot.Script
Group-IB Threat Intelligence researchers have discovered a new malicious infrastructure and a custom tool of the APT group SideWinder. Check!
👍10🔥2
SMSFactory Android Trojan producing high costs for victims
https://blog.avast.com/smsfactory-android-trojan
https://blog.avast.com/smsfactory-android-trojan
Avast
SMSFactory Android Trojan producing high costs for victims
Avast protected more than 165,000 people across the globe from TrojanSMS malware SMSFactory within a year.
🔥7
Malicious App spread through Phishing and Google Play and Huawei's AppGallery App Store
https://www.d3lab.net/malicious-app-spread-through-italian-phishing-and-official-app-store/
https://www.d3lab.net/malicious-app-spread-through-italian-phishing-and-official-app-store/
D3Lab
🇬🇧 Malicious App spread through Italian Phishing and official App Store
Since the end of 2019 there has been a change in bank phishing campaigns against Italian users who have introduced the combined use in a massive manner of methods until then used exclusively for targeted attacks, such as:
Vishing (telephone phishing);Smishing…
Vishing (telephone phishing);Smishing…
🔥6
Mobile Banking Heists: The Emerging Threats and How to Respond
https://storage.pardot.com/66612/1654181473nzPs3Zrz/Zimperium_Mobile_Bank_Heists_Report_0622.pdf
https://storage.pardot.com/66612/1654181473nzPs3Zrz/Zimperium_Mobile_Bank_Heists_Report_0622.pdf
🔥4❤1👍1
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks (CVE-2022-20210)
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
Check Point Research
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks - Check Point Research
Introduction Do you remember push-button telephones? Many of them were based on chips from Spreadtrum Communications Inc., a Chinese chip manufacturer founded in 2001. In 2011, over half of all phones in China were powered by Spreadtrum chips. In 2018, Spreadtrum…
👍7
Mobile forensic & network analysis
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting Android, iOS and IoT devices
https://piroguetoolsuite.github.io/
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting Android, iOS and IoT devices
https://piroguetoolsuite.github.io/
PiRogue Tool Suite
Mobile forensic & digital investigation
PiRogue tool suite (PTS) provides a platform combining analysis tools, knowledge management, incident response management and artifact management, which allows NGOs with limited resources to equip themselves at a low cost. The project consists of an open…
🔥5👍2
New “Developer Mode” in iOS 16!
In order to install self-signed apps into your iOS device, you can now enable developer mode
https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device
In order to install self-signed apps into your iOS device, you can now enable developer mode
https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device
🔥3
Apple blocked 1.6 million risky and untrustworthy apps and app updates in 2021
- over 835,000 problematic new apps, and an additional 805,000 app updates
- more than 34,500 apps were rejected for containing hidden or undocumented features
- 157,000 apps were rejected because they were found to be spam, copycats, or misleading to users, such as manipulating them into making a purchase
- over 343,000 apps for requesting more user data than necessary or mishandling data they already collected
https://www.apple.com/newsroom/2022/06/app-store-stopped-nearly-one-point-five-billion-in-fraudulent-transactions-in-2021/
- over 835,000 problematic new apps, and an additional 805,000 app updates
- more than 34,500 apps were rejected for containing hidden or undocumented features
- 157,000 apps were rejected because they were found to be spam, copycats, or misleading to users, such as manipulating them into making a purchase
- over 343,000 apps for requesting more user data than necessary or mishandling data they already collected
https://www.apple.com/newsroom/2022/06/app-store-stopped-nearly-one-point-five-billion-in-fraudulent-transactions-in-2021/
Apple Newsroom
App Store stopped nearly $1.5 billion in fraudulent transactions in 2021
App Store prevented over 1.6 million risky and untrustworthy apps and app updates from defrauding users throughout the year.
👍14🥰2