GhostTouch: Targeted Attacks on Touchscreens without Physical Touch
The core idea is to take advantage of the electromagnetic signals to inject fake touch events such as taps and swipes into targeted locations of the touchscreen with the goal of taking over remote control and manipulating the underlying device
https://www.usenix.org/conference/usenixsecurity22/presentation/wang-kai
Android apps with millions of downloads exposed to high-severity vulnerabilities
http://www.microsoft.com/security/blog/2022/05/27/android-apps-with-millions-of-downloads-exposed-to-high-severity-vulnerabilities/
Microsoft News
Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.
The Bridge between Web Applications and Mobile Platforms is Still Broken
https://minimalblue.com/data/papers/SECWEB22_broken_bridge.pdf
Sophisticated RAT spying on Mobile Devices
https://blog.cyble.com/2022/05/26/new-malware-campaign-delivers-android-rat/
IoT malware EnemyBot: If an Android device is connected through USB, or an Android emulator is running on the machine, EnemyBot will try to infect it by executing a shell command
https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LevelBlue
Rapidly evolving IoT malware EnemyBot now targeting Content…
Executive summary: LevelBlue Labs™ has been tracking a new IoT botnet dubbed “EnemyBot”, which is believed to be distributed by threat actor Keksec. During our investigations, LevelBlue Labs has discovered that EnemyBot is expanding its capabilities, exploiting…
A Deep Dive into iOS Code Signing
https://blog.umangis.me/a-deep-dive-into-ios-code-signing/
Umang's Blog
Apple's code signing is a complex beast, consisting of several different components, each serving its own unique purpose. When I first started working on Meteorite [https://www.reddit.com/r/jailbreak/comments/877y53/discussion_announcing_meteorite_an_opensource/]…
Takedown of SMS-based FluBot spyware infecting Android phones
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
Europol
This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity…
WhatsApp accounts hijacked by call forwarding
https://blog.malwarebytes.com/social-engineering/2022/06/whatsapp-accounts-hijacked-by-call-forwarding/
Malwarebytes
Threat actors are using a new method to take over WhatsApp accounts. The trick starts with tricking the victim into forwarding their calls
Android spyware connected to SideWinder APT group has been distributed via Google Play
https://blog.group-ib.com/sidewinder-antibot
Group-IB
SideWinder.AntiBot.Script
Group-IB Threat Intelligence researchers have discovered a new malicious infrastructure and a custom tool of the APT group SideWinder. Check!
SMSFactory Android Trojan producing high costs for victims
https://blog.avast.com/smsfactory-android-trojan
Avast
Avast protected more than 165,000 people across the globe from TrojanSMS malware SMSFactory within a year.
Malicious App spread through Phishing and Google Play and Huawei's AppGallery App Store
https://www.d3lab.net/malicious-app-spread-through-italian-phishing-and-official-app-store/
D3Lab
🇬🇧 Malicious App spread through Italian Phishing and official App Store
Since the end of 2019 there has been a change in bank phishing campaigns against Italian users, which have introduced the large-scale combined use of methods until then used exclusively for targeted attacks, such as:
Vishing (telephone phishing); Smishing…
Mobile Banking Heists: The Emerging Threats and How to Respond
https://storage.pardot.com/66612/1654181473nzPs3Zrz/Zimperium_Mobile_Bank_Heists_Report_0622.pdf
Vulnerability within the UNISOC baseband opens mobile phones communications to remote hacker attacks (CVE-2022-20210)
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
Check Point Research
Introduction: Do you remember push-button telephones? Many of them were based on chips from Spreadtrum Communications Inc., a Chinese chip manufacturer founded in 2001. In 2011, over half of all phones in China were powered by Spreadtrum chips. In 2018, Spreadtrum…
Mobile forensic & network analysis
PiRogue tool suite (PTS) is an open-source tool suite that provides a comprehensive mobile forensic and network traffic analysis platform targeting Android, iOS and IoT devices
https://piroguetoolsuite.github.io/
PiRogue Tool Suite
Mobile forensic & digital investigation
PiRogue tool suite (PTS) provides a platform combining analysis tools, knowledge management, incident response management and artifact management, which allows NGOs with limited resources to equip themselves at a low cost. The project consists of an open…
New “Developer Mode” in iOS 16!
To install self-signed apps on your iOS device, you can now enable Developer Mode
https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device
Apple blocked 1.6 million risky and untrustworthy apps and app updates in 2021
- over 835,000 problematic new apps, and an additional 805,000 app updates
- more than 34,500 apps were rejected for containing hidden or undocumented features
- 157,000 apps were rejected because they were found to be spam, copycats, or misleading to users, such as manipulating them into making a purchase
- over 343,000 apps were rejected for requesting more user data than necessary or mishandling data they already collected
https://www.apple.com/newsroom/2022/06/app-store-stopped-nearly-one-point-five-billion-in-fraudulent-transactions-in-2021/
Apple Newsroom
App Store stopped nearly $1.5 billion in fraudulent transactions in 2021
App Store prevented over 1.6 million risky and untrustworthy apps and app updates from defrauding users throughout the year.
How to Reverse Engineer and Patch an iOS Application for Beginners: Part I
https://www.inversecos.com/2022/06/how-to-reverse-engineer-and-patch-ios.html
Inversecos
Instagram credentials Stealers: Free Followers or Free Likes
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/instagram-credentials-stealers-free-followers-or-free-likes/
McAfee Blog
Authored by Dexter Shin. Instagram has become a platform with over a billion monthly active users. Many of Instagram's users are looking to increase their
Android Malware Analysis 4: Spyware
https://www.purpl3f0xsecur1ty.tech/2022/06/02/OceanLotus_backdoor.html
Purpl3 F0x Secur1ty
Real-world Android Malware Analysis 4: thisisme.thisapp.inspxctor
Intro In previous blog posts, I’ve covered a couple of phishing apps that were pretty simple to reverse engineer because they weren’t very complex or heavily obfuscated. Today, we’re going to look at a backdoor with spyware capabilities that is also fairly…