Forwarded from The Bug Bounty Hunter
XSS Blind Stored at Asset Domain Android Apps TikTok
https://aidilarf.medium.com/xss-blind-stored-at-asset-domain-android-apps-tiktok-ae2f4c2dbc07
https://aidilarf.medium.com/xss-blind-stored-at-asset-domain-android-apps-tiktok-ae2f4c2dbc07
Medium
XSS Blind Stored at Asset Domain Android Apps TikTok
Hi everyone
🤔6👍3👏3
Lookout Uncovers Android Spyware Deployed in Kazakhstan #Hermit
https://www.lookout.com/blog/hermit-spyware-discovery
https://www.lookout.com/blog/hermit-spyware-discovery
Lookout
Lookout Uncovers Hermit Spyware Deployed in Kazakhstan | Threat Intel
Lookout researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.
🔥13👍3
BRATA is evolving into an Advanced Persistent Threat
https://www.cleafy.com/cleafy-labs/brata-is-evolving-into-an-advanced-persistent-threat
https://www.cleafy.com/cleafy-labs/brata-is-evolving-into-an-advanced-persistent-threat
Cleafy
BRATA is evolving into an APT | Cleafy Labs
The mobile banking malware BRATA keeps evolving into an APT. Read here the new Technical Report, which explains in detail how it monitors banks' account and how to prevent it.
👍14
Android 101 (Android operating system and its internals)
https://secrary.com/android-reversing/android101/
https://secrary.com/android-reversing/android101/
👍13😁1
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
https://cryptax.medium.com/tracking-android-joker-payloads-with-medusa-static-analysis-and-patience-672348b81ac2
https://cryptax.medium.com/tracking-android-joker-payloads-with-medusa-static-analysis-and-patience-672348b81ac2
Medium
Tracking Android/Joker payloads with Medusa, static analysis (and patience)
I am looking into a new sample of Android/Joker, reported on June 19, 2022 by @ReBensk:
👍20
Lab Setup for Android Pentesting on Android Emulator (M1 Macbook)
https://guptashubham.com/blog/lab-setup-for-android-pentesting-on-android-emulator-m1-macbook
https://guptashubham.com/blog/lab-setup-for-android-pentesting-on-android-emulator-m1-macbook
👍1
ARM 64 Assembly Series— Basic definitions and registers
https://valsamaras.medium.com/arm-64-assembly-series-basic-definitions-and-registers-ec8cc1334e40
https://valsamaras.medium.com/arm-64-assembly-series-basic-definitions-and-registers-ec8cc1334e40
Medium
ARM 64 Assembly Series— Basic definitions and registers
Main Definitions
👍18
Exploiting vulnerabilities in iOS Application
https://lonewolf-raj.medium.com/exploiting-vulnerabilities-in-ios-application-cf5718910c47
https://lonewolf-raj.medium.com/exploiting-vulnerabilities-in-ios-application-cf5718910c47
Medium
Exploiting vulnerabilities in iOS Application
Hello Everyone, Here I’m going to share one of my findings which I got while enumerating iOS application, below are my findings and the…
🤔10❤5💩5👍2
Spyware vendor targets users in Italy and Kazakhstan #Android #iOS #Hermit
https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/
https://blog.google/threat-analysis-group/italian-spyware-vendor-targets-users-in-italy-and-kazakhstan/
Google
Spyware vendor targets users in Italy and Kazakhstan
Today, alongside Google’s Project Zero, we are detailing capabilities provided by RCS Labs, an Italian vendor that uses a combination of tactics, including atypical drive-by downloads as initial infection vectors to target mobile users on both iOS and Android.
👍14
Androscope is a collaborative Android malware encyclopedia
You can search for malware based on what they do, and if you are a reverse engineer you can contribute and add new entries to the encyclopedia. https://androscope.fortinet-cse.com/
You can search for malware based on what they do, and if you are a reverse engineer you can contribute and add new entries to the encyclopedia. https://androscope.fortinet-cse.com/
👍19
Revive: from spyware to Android banking trojan
https://www.cleafy.com/cleafy-labs/revive-from-spyware-to-android-banking-trojan
https://www.cleafy.com/cleafy-labs/revive-from-spyware-to-android-banking-trojan
Cleafy
Revive: from spyware to android banking trojan | Cleafy Labs
A new banking trojan targeting Europe has been discovered by Cleafy's Threat Intelligence Team. We dubbed it Revive and it is an evolution of simple spyware into a banking trojan, with the key capability of conducting Account Takeover attacks: here's the…
👍15
Flubot: the evolution of a notorious Android Banking Malware
https://blog.fox-it.com/2022/06/29/flubot-the-evolution-of-a-notorious-android-banking-malware/
https://blog.fox-it.com/2022/06/29/flubot-the-evolution-of-a-notorious-android-banking-malware/
Fox-IT International blog
Flubot: the evolution of a notorious Android Banking Malware
Authored by Alberto Segura (main author) and Rolf Govers (co-author) Summary Flubot is an Android based malware that has been distributed in the past 1.5 years inEurope, Asia and Oceania affecting …
👍19
AMAZON FIXED A VULNERABILITY OF BROKEN AUTHENTICATION IN AMAZON PHOTOS ANDROID APP
https://checkmarx.com/blog/amazon-confirmed-and-fixed-a-high-severity-vulnerability-of-broken-authentication-in-amazon-photos-android-app/
https://checkmarx.com/blog/amazon-confirmed-and-fixed-a-high-severity-vulnerability-of-broken-authentication-in-amazon-photos-android-app/
Checkmarx.com
Amazon Confirmed and Fixed a High Severity Vulnerability of Broken Authentication in Amazon Photos Android App
Our research team at Checkmarx found that the Amazon Photos Android app could have allowed a malicious application, installed on the user’s phone, to steal their Amazon access token. The Android app has over 50 million downloads.
👍21
Google patched security issues in Chrome for Android, one of the exploit exists in the wild (CVE-2022-2294, CVE-2022-2295)
https://chromereleases.googleblog.com/2022/07/chrome-for-android-update.html
https://chromereleases.googleblog.com/2022/07/chrome-for-android-update.html
Chrome Releases
Chrome for Android Update
Hi, everyone! We've just released Chrome 103 (103.0.5060.71) for Android: it'll become available on Google Play over the next few days. Th...
👍13
Toll fraud malware: How an Android application can drain your wallet
https://www.microsoft.com/security/blog/2022/06/30/toll-fraud-malware-how-an-android-application-can-drain-your-wallet/
https://www.microsoft.com/security/blog/2022/06/30/toll-fraud-malware-how-an-android-application-can-drain-your-wallet/
Microsoft News
Toll fraud malware: How an Android application can drain your wallet
Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.
👍11🤬1
Apple implemented "Lockdown Mode" in their devices from version 16 to protects users against spyware
"Hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware."
https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/
"Hardens device defenses and strictly limits certain functionalities, sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware."
https://www.apple.com/newsroom/2022/07/apple-expands-commitment-to-protect-users-from-mercenary-spyware/
Apple Newsroom
Apple expands commitment to protect users from mercenary spyware
Apple today detailed two initiatives to help protect users who may be personally targeted by sophisticated digital threats.
👍17
New malware detected on Google Play, 100.000+ users affected
https://blog.pradeo.com/pradeo-identifies-app-joker-malware-google-play
https://blog.pradeo.com/pradeo-identifies-app-joker-malware-google-play
Pradeo
New malware detected on Google Play, 100.000+ users affected
Joker is a malware that silently exfiltrates data and subscribes users to unwanted premium subnoscription. The malware was found in 24 apps on Google Play.
👍13🤔5💩3
Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains
https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html
https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html
Inversecos
Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains
👍15
Heap Overflows on iOS ARM64: Heap Grooming, Use-After-Free (Part 3)
https://www.inversecos.com/2022/07/heap-overflows-on-ios-arm64-heap.html
https://www.inversecos.com/2022/07/heap-overflows-on-ios-arm64-heap.html
Inversecos
Heap Overflows on iOS ARM64: Heap Spraying, Use-After-Free (Part 3)
👍9
Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006)
https://medium.com/maverislabs/lock-screen-bypass-exploit-of-android-devices-cve-2022-20006-604958fcee3a
https://medium.com/maverislabs/lock-screen-bypass-exploit-of-android-devices-cve-2022-20006-604958fcee3a
Medium
Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006)
Background on Lock Screen Bypass Exploits
👍37👎1👏1
Session On Android – An App Wrapped in Signal
https://thebinaryhick.blog/2022/07/14/session-on-android-an-app-wrapped-in-signal/
https://thebinaryhick.blog/2022/07/14/session-on-android-an-app-wrapped-in-signal/
The Binary Hick
Session On Android – An App Wrapped in Signal
NOTE: parts of this article describe steps by which the order of encryption methods are reversed to render encrypted data in clear-text. This was done in order to investigate the app being discusse…
👍8🔥6