Analysis of ERMAC 2.0: Evades MFA to Steal Banking Credentials of Over 400 Android Apps
https://quointelligence.eu/2022/10/new-ermac-2-0/
QuoIntelligence
ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps
New ERMAC (2.0) Evades MFA to Steal Banking Credentials of Over 400 Android Apps, Android trojans continue to proliferate and evolve.
Malware wars: the attack of the droppers (Sharkbot, Vultur)
https://www.threatfabric.com/blogs/the-attack-of-the-droppers.html
Threatfabric
Malware wars: the attack of the droppers
ThreatFabric’s analysts discovered multiple new droppers on Google Play Store distributing banking Trojans.
A TECHNICAL ANALYSIS OF PEGASUS FOR ANDROID – PART 3
https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-3/
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and launch an application
https://ssd-disclosure.com/ssd-advisory-galaxy-store-applications-installation-launching-without-user-interaction/
SSD Secure Disclosure
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction - SSD Secure Disclosure
A vulnerability in the Galaxy Store allows attackers through an XSS to cause the store to install and/or launch an application, allowing remote attackers to trigger a remote command execution in the phone.
Drinik Android Malware Returns With Advanced Capabilities Targeting Indian Taxpayers
https://blog.cyble.com/2022/10/27/drinik-malware-returns-with-advanced-capabilities-targeting-indian-taxpayers/
New SandStrike spyware infects Android devices via malicious VPN app
https://www.bleepingcomputer.com/news/security/new-sandstrike-spyware-infects-android-devices-via-malicious-vpn-app/
BleepingComputer
Threat actors are using a newly discovered spyware known as SandStrike and delivered via a malicious VPN application to target Persian-speaking Android users.
Malware on the Google Play store leads to harmful phishing sites
https://www.malwarebytes.com/blog/news/2022/11/malware-on-the-google-play-store-leads-to-harmful-phishing-sites
Malwarebytes
A family of malicious apps from developer Mobile apps Group are on Google Play infected with HiddenAds.
Pixel 6 bootloader: Emulation, ROP (part 2)
https://eshard.com/posts/pixel6bootloader-2
Analysis of SOVA Android Banking Trojan
https://kratikal.com/blog/sova-a-new-android-banking-trojan/
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
Blogspot
Posted by Maddie Stone, Project Zero. Note: The three vulnerabilities discussed in this blog were all fixed in Samsung’s March 2021 re...
Massive Phishing Campaigns Target India Banks’ Clients
https://www.trendmicro.com/en_us/research/22/k/massive-phishing-campaigns-target-india-banks-clients.html
Trend Micro
Vulnerability affecting seemingly all Google Pixel phones allows lock screen protection to be bypassed (Bounty: $70K, CVE-2022-20465)
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
bugs.xdavidhu.me
Accidental $70k Google Pixel Lock Screen Bypass
David Schütz's bug bounty writeups
Lookout Discovers Long-running Surveillance Campaigns Targeting Uyghurs
https://www.lookout.com/blog/uyghur-surveillance-campaign-badbazaar-moonshine
Lookout
Lookout Discovers Surveillance Campaigns Targeting Uyghurs | Threat Intel
Researchers from Lookout have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.
Discovering vendor-specific vulnerabilities in Android
https://blog.oversecured.com/Discovering-vendor-specific-vulnerabilities-in-Android/
News, Techniques & Guides
For several years, Oversecured has been the best way to discover vulnerabilities in Android and iOS mobile apps.
Appshark - static analysis platform to scan vulnerabilities in an Android app
https://github.com/bytedance/appshark
GitHub
GitHub - bytedance/appshark: Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. - bytedance/appshark
Can you exploit the app? New Android uncrackable challenge
https://github.com/Ch0pin/uncrackable
GitHub
GitHub - Ch0pin/uncrackable: A list of bizarre crackmes
A list of bizarre crackmes. Contribute to Ch0pin/uncrackable development by creating an account on GitHub.
Xenomorph Android banking malware found on Google Play with over 1,000 installs
https://www.zscaler.com/blogs/security-research/rise-banking-trojan-dropper-google-play-0
Zscaler
Rise of Banking Trojan Dropper in Google Play | Zscaler
The Zscaler ThreatLabz team has recently discovered the Xenomorph banking trojan embedded in a Lifestyle app in the Google Play store. Read more.
Phishing Campaign Targeting Indonesian BRI Bank Using SMS Stealer
https://blog.cyble.com/2022/11/15/phishing-campaign-targeting-indonesian-bri-bank-using-sms-stealer
Cyble
SMS Stealer Phishing Campaign Hits Indonesia's BRI Bank
Cyble Research & Intelligence Labs analyzes an active phishing campaign targeting Indonesian BRI bank using Android SMS Stealer.
Pixel 6 Bootloader: Exploitation (part 3)
https://eshard.com/posts/pixel6_bootloader_3
Forwarded from The Bug Bounty Hunter
CVE-2022-32929 - Bypass iOS backup's TCC protection
https://theevilbit.github.io/posts/cve-2022-32929/
theevilbit blog
Normally, when users back up their iOS device, the backup is saved into the ~/Library/Application Support/MobileSync/Backup directory. The MobileSync directory is properly protected by TCC, as the backup can contain photos, contact information…