Pixel 6 Bootloader: Exploitation (part 3)
https://eshard.com/posts/pixel6_bootloader_3
Forwarded from The Bug Bounty Hunter
CVE-2022-32929 - Bypass iOS backup's TCC protection
https://theevilbit.github.io/posts/cve-2022-32929/
theevilbit blog
Intro: Normally, when a user backs up their iOS device, the backup is saved into the ~/Library/Application Support/MobileSync/Backup directory. The MobileSync directory is properly protected by TCC, as the backup can contain photos, contact information…
IT threat evolution in Q3 2022. Mobile statistics
https://securelist.com/it-threat-evolution-in-q3-2022-mobile-statistics/107978/
Securelist
In Q3 2022, a total of 5,623,670 mobile malware, adware, and riskware attacks were blocked, and 438,035 malicious installation packages were detected.
Android Malware Analysis Workshop
SLIDES:
https://drive.google.com/file/d/1Y6SFYPuYdydabxE33MaZlKTxN-_Wron4/view
Android users risk falling victim to fraudsters during online job searches
https://news.drweb.com/show/?i=14608&lng=en
Dr.Web
Doctor Web is alerting users to the emergence of malicious Android apps that attackers have disguised as job-search software. Through these applications, fraudsters can collect their victims’ personal information and steal money from them using deceptive…
Android SharkBot Droppers Found on Google Play
https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs/
Bitdefender Labs
Android SharkBot Droppers on Google Play Underline Platform's Security Needs
A common theme we've noticed in the last few months consists of malicious apps distributed directly from the Google Play Store.
Bahamut cybermercenary group targets Android users with fake VPN apps
https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/
WeLiveSecurity
ESET researchers uncover an active campaign where the Bahamut APT targets Android users via trojanized versions of two legitimate VPN apps.
Vulnerability discovered in devices with a Mali GPU
The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others)
https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html
Blogspot
Mind the Gap
By Ian Beer, Project Zero Note: The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but...
Discovered an ongoing Android RAT campaign that uses the FIFA World Cup in Qatar as a lure and has already infected over 750 devices.
It spreads via a Facebook page linking to a website distributing the RAT
https://twitter.com/ESETresearch/status/1596222232384401408
Forwarded from The Bug Bounty Hunter
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
https://kishorbalan.medium.com/its-all-about-android-ssl-pinning-bypass-and-intercepting-proxy-unaware-applications-91689c0763d8
Medium
Hola H3ckers,
This Malicious App on Google Play Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
https://thehackernews.com/2022/11/this-malicious-app-abused-hacked.html
Fake Security App Found Abuses Japanese Payment System
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abuses-japanese-payment-system/
McAfee Blog
Authored by SangRyol Ryu and Yukihiro Okutomi. McAfee’s Mobile Research team recently analyzed new malware targeting mobile payment users in Japan. The
Schoolyard Bully Android Trojan Discovered On Google Play Steals Facebook Credentials
https://www.zimperium.com/blog/schoolyard-bully-trojan-facebook-credential-stealer/
Zimperium
Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium
Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read…
Forwarded from The Bug Bounty Hunter
Huawei Security Hypervisor Vulnerability
https://blog.impalabs.com/2212_advisory_huawei-security-hypervisor.html
Impalabs
This advisory contains information about the following vulnerabilities:
- OOB Accesses Using the Logging System
Remote code execution vulnerabilities discovered in three applications that enable an Android device to be used as a remote keyboard and mouse for a computer
https://www.synopsys.com/blogs/software-security/cyrc-advisory-remote-code-execution-vulnerabilities-mouse-keyboard-apps/
Blackduck
CyRC Advisory: Mouse & Keyboard App Vulnerabilities | Black Duck Blog
Discover CyRC's advisory on remote code execution vulnerabilities in popular mouse and keyboard apps and understand their potential impact.
October 2022 review of virus activity on mobile devices by Doctor Web
https://news.drweb.com/show/review/?lng=en&i=14617
Dr.Web
Dr.Web — Doctor Web’s October 2022 review of virus activity on mobile devices
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Roots in the Past: General Mobile E-Tab4
https://erfur.github.io/2022/12/04/roots-in-the-past-1.html
An upsurge of new Android Banking Trojan “Zanubis”
https://labs.k7computing.com/index.php/an-upsurge-of-new-android-banking-trojan-zanubis/
K7 Labs
We came across the tweet of an Android malware sample, a banking trojan that mainly targets Peru banks by […]
Android Zombinder: new obfuscation service used by Ermac, now distributed next to desktop stealers
https://www.threatfabric.com/blogs/zombinder-ermac-and-desktop-stealers.html
Threatfabric
A new campaign is targeting Android & Windows with multiple Trojans using Zombinder: a third-party service to infect a legitimate app with a malicious payload
Android app "Web Explorer – Fast Internet" with over 5m downloads leaked user browsing history
https://cybernews.com/security/android-app-leaked-user-browsing-history/
Cybernews
Android app with over 5m downloads leaked user browsing history
Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history.
Frida script to bypass common methods of SSL pinning on Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
Gist
Frida script to bypass common methods of SSL pinning on Android - mixunpin.js