“Watering Hole” is a cyber attack strategy in which the victim is a particular group (organization, industry, or region).
In this attack, the attacker typically observes which websites or apps the group uses and infects one or more of them with malware.
https://blog.zimperium.com/the-mobile-watering-hole-how-a-sip-leads-to-a-trojan-compromise/
Zimperium Mobile Security Blog
How a Sip Leads to a Trojan Compromise | Mobile Watering Hole
The Watering Holes attack vector can be very effective. Once the application is on the device, we have shown how the espionage actions are easy to perform.
HiddenApp adware found again on Google Play with 100k+ installs
https://twitter.com/s_metanka/status/1146113662169563137?s=19
Twitter
smtnk
Icon-hiding #Android adware, 100,000+ installs https://t.co/GAsrSYEyhV @GooglePlay
Security of messaging apps
https://drive.google.com/file/d/1TkBq8Y8pBmNM-uBV3p5TyMF_ZAWVTyVY/view
Google Docs
recon_slides_2019.pdf
Analysis of a new wave of Android malware family - BianLian
https://www.fortinet.com/blog/threat-research/new-wave-bianlian-malware.html
Fortinet Blog
BianLian: A New Wave Emerges
The FortiGuard Labs team has encountered a new version of the BianLian malware family with new functionalities and unseen techniques to hide its true functionality. Read more about this breaking th…
iMessage: malformed message bricks iPhone.
Vulnerability was fixed in the 12.3 update.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1826
Seven HiddenApp Trojans with 550k+ installs found on Google Play
https://twitter.com/virqdroid/status/1146718450393473024
Twitter
Nikolaos Chrysaidos
Seven more adware applications in @GooglePlay - that are hiding the icon with 550k+ Installations. Similar to @s_metanka findings. @apklabio
Unpatched vulnerability in Firefox for Android
Opening an HTML or SVG attachment received via WhatsApp could allow remote attackers to steal files saved in your WhatsApp folder (other received files).
https://twitter.com/evaristegal0is/status/1146455296673538048
Twitter
If you use WhatsApp and Firefox (or Tor) on Android, do not open with Firefox the received HTML or SVG files via WhatsApp. An attacker can easily steal your documents sent via WhatsApp, saved in the directory "WhatsApp Documents/Sent". I hope the Mozilla…
4shared Android app triggers suspicious background activity generating fake clicks and subscriptions
https://www.upstreamsystems.com/secure-d-uncovers-4shared-android-app-triggers-suspicious-background-activity-generating-fake-clicks-subnoscriptions/
Upstream
Secure-D uncovers 4shared Android app triggers suspicious background activity generating fake clicks and subscriptions - Upstream
Upstream’s security lab, Secure-D, has unveiled that 4shared, a popular file sharing and storage Android app hides suspicious background activity.
Android app with 10M+ installs requests $34.99 subscription for Samsung firmware updates. Every user can have them for free!
Payment is not via Google Play, but the app simply asks for credit card info.
https://medium.com/csis-techblog/updates-for-samsung-from-a-blog-to-an-android-advertisement-revenue-goldmine-of-10-000-000-166585e34ad0
Medium
“Updates for Samsung” — from a blog to an Android advertisement revenue goldmine of 10,000,000+ users
The latest Android OS comes in countless varieties of vendor builds and versions. Are you aware of what else is countless about Android OS…
Debugging Samsung Android Kernel
Part 1: https://link.medium.com/bigUZPfr4X
Part 2: https://link.medium.com/sMzdJCpr4X
Part 3: https://link.medium.com/Eukm4Itr4X
MobileHunter Analysis using glorifiedgrep
This is a quick and short writeup about how the Python module glorifiedgrep can be used for fast analysis of Android applications.
https://www.securisec.com/tools/python/mobile_hunter/
All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & SSL pinning
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
Hackers Online Club
Mobile Security Penetration Testing List 2024
Mobile Security Penetration Testing List for All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.
Coin Master game with 50M+ installs apparently tries to attract users back to the game with fake notifications.
https://www.reddit.com/r/assholedesign/comments/ca4g0o/this_app_gives_fake_notfications_saying_that_they/
Exploiting Same Origin Policy (SOP) bypass in iOS 12.3.1 for Safari.
Exploit code is not released yet.
https://twitter.com/itszn13/status/1147591372867821568
Twitter
itszn
Decided to take @qwertyoruiopz's nday and write a full exploit for it. Here is an exploit for iOS 12.3.1 doing SOP bypass via arbitrary read/write
XPin Clip - bruteforce forensics solution for PIN, password and pattern lock.
Works for: iOS Passcode 7.x.x, 8.0-8.1 & Android 4.x, 5.x, 6.x with OTG.
https://twitter.com/PiratePartyINT/status/1147978049498935296?s=19
Details: https://xpinclip.com/