Forwarded from The Bug Bounty Hunter
Meta iOS Hacking talk from BountyCon by @phwd_
https://docs.google.com/presentation/d/1PPsyLhTxMAk1IyIp6p5ls0dhnqm3xVQKb8rE9z-N548/
Google Docs
Meta iOS Hunting
Banking trojans disguised as shopping apps attack Malaysian Android users
https://news.drweb.com/show/?i=14585&lng=en
Dr.Web
Doctor Web reports on the discovery of banking trojan apps that target Malaysian users. Malicious actors distribute them as mobile shopping apps. Unlike many other bankers, these not only have icons and basic store names, but also work just like such apps…
New Malicious Clicker found in apps installed by 20M+ users
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-malicious-clicker-found-in-apps-installed-by-20m-users/
McAfee Blog
New Malicious Clicker found in apps installed by 20M+ users | McAfee Blog
Authored by SangRyol Ryu Cybercriminals are always after illegal advertising revenue. As we have previously reported, we have seen many mobile malwares
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware (APT-C-50)
https://www.welivesecurity.com/2022/10/20/domestic-kitten-campaign-spying-iranian-citizens-furball-malware/
WeLiveSecurity
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware
APT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware posing as an Android translation app.
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware
https://medium.com/s2wblog/unveil-the-evolution-of-kimsuky-targeting-android-devices-with-newly-discovered-mobile-malware-280dae5a650f
Medium
Author: Sebin, Lee & Yeongjae, Shin | S2W TALON
SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri (CVE-2022-32946 - $7000 bounty)
"Any app with access to Bluetooth could record your conversations with Siri and audio from the iOS keyboard dictation feature when using AirPods or Beats headsets."
https://rambo.codes/posts/2022-10-25-sirispy-ios-bug-allowed-apps-to-eavesdrop
Rambo Codes
SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri | Rambo Codes
Gui Rambo writes about his coding and reverse engineering adventures.
In an Android Authority poll, 19.72% of 3,300 voters stated their Android is rooted
https://www.androidauthority.com/android-phone-rooted-poll-results-3225345/
Android Authority
We asked, you told us: Your Android phone definitely isn't rooted
There are many reasons to root your Android phone, but it turns out that most polled readers don't have a rooted daily driver.
Analysis of ERMAC 2.0: Evades MFA to Steal Banking Credentials of Over 400 Android Apps
https://quointelligence.eu/2022/10/new-ermac-2-0/
QuoIntelligence
ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps
New ERMAC (2.0) Evades MFA to Steal Banking Credentials of Over 400 Android Apps, Android trojans continue to proliferate and evolve.
Malware wars: the attack of the droppers (Sharkbot, Vultur)
https://www.threatfabric.com/blogs/the-attack-of-the-droppers.html
Threatfabric
Malware wars: the attack of the droppers
ThreatFabric’s analysts discovered multiple new droppers on Google Play Store distributing banking Trojans.
A TECHNICAL ANALYSIS OF PEGASUS FOR ANDROID – PART 3
https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-3/
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and launch an application
https://ssd-disclosure.com/ssd-advisory-galaxy-store-applications-installation-launching-without-user-interaction/
SSD Secure Disclosure
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction - SSD Secure Disclosure
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing remote attackers to trigger a remote command execution in the phone.
Drinik Android Malware Returns With Advanced Capabilities Targeting Indian Taxpayers
https://blog.cyble.com/2022/10/27/drinik-malware-returns-with-advanced-capabilities-targeting-indian-taxpayers/
New SandStrike spyware infects Android devices via malicious VPN app
https://www.bleepingcomputer.com/news/security/new-sandstrike-spyware-infects-android-devices-via-malicious-vpn-app/
BleepingComputer
Threat actors are using a newly discovered spyware known as SandStrike and delivered via a malicious VPN application to target Persian-speaking Android users.
Malware on the Google Play store leads to harmful phishing sites
https://www.malwarebytes.com/blog/news/2022/11/malware-on-the-google-play-store-leads-to-harmful-phishing-sites
Malwarebytes
A family of malicious apps from developer Mobile apps Group are on Google Play infected with HiddenAds.
Pixel 6 bootloader: Emulation, ROP (part 2)
https://eshard.com/posts/pixel6bootloader-2
Analysis of SOVA Android Banking Trojan
https://kratikal.com/blog/sova-a-new-android-banking-trojan/
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
Blogspot
Posted by Maddie Stone, Project Zero. Note: The three vulnerabilities discussed in this blog were all fixed in Samsung’s March 2021 re...
Massive Phishing Campaigns Target India Banks’ Clients
https://www.trendmicro.com/en_us/research/22/k/massive-phishing-campaigns-target-india-banks-clients.html
Trend Micro
Vulnerability affecting seemingly all Google Pixel phones allows bypassing lock screen protection (Bounty: $70K, CVE-2022-20465)
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
bugs.xdavidhu.me
Accidental $70k Google Pixel Lock Screen Bypass
David Schütz's bug bounty writeups