XPin Clip - bruteforce forensics solution for PIN, password and pattern lock.
Works for: iOS Passcode 7.x.x, 8.0-8.1 & Android 4.x, 5.x, 6.x with OTG.
https://twitter.com/PiratePartyINT/status/1147978049498935296?s=19
Details: https://xpinclip.com/
Works for: iOS Passcode 7.x.x, 8.0-8.1 & Android 4.x, 5.x, 6.x with OTG.
https://twitter.com/PiratePartyINT/status/1147978049498935296?s=19
Details: https://xpinclip.com/
X (formerly Twitter)
X
👍2
myMail – Android email client could launch any protected activity in MyMail app. #vulnerability
https://hackerone.com/reports/376618
https://hackerone.com/reports/376618
HackerOne
Mail.ru disclosed on HackerOne: Launch Any Activity in MyMail App
An exported activity in My.Com Mail application could be used to launch protected activities.
Fake copycat of popular app "ES File Explorer" found on Google Play with 10K+ installs
App is without any functionality and displays ads + requests 5 star rating.
Don't install it!
https://twitter.com/LukasStefanko/status/1148115343455469568
App is without any functionality and displays ads + requests 5 star rating.
Don't install it!
https://twitter.com/LukasStefanko/status/1148115343455469568
Twitter
Lukas Stefanko
Fake ES File Explorer with 10K+ installs found on Google Play App has no functionality and within 2 minutes displayed 9 fullscreen ads while "setting up" the app. To look trustworthy, it requests registration. Original ES File Explorer was removed from Play…
Trojan that drops + makes user install fake adware app Google Play discovered on Google Play
Fullscreen ads are displayed once user unlocks device on behalf of "Google Play" app.
https://twitter.com/0xabc0/status/1148147733485821953
Fullscreen ads are displayed once user unlocks device on behalf of "Google Play" app.
https://twitter.com/0xabc0/status/1148147733485821953
Twitter
Ahmet Bilal Can
#adware 1.000+ installs https://t.co/HnKx0fEOsR https://t.co/v5Mt1ZYFXV Drops app for ads. https://t.co/nQpNZ3AOBm Second app's name is "Google Play" and hides itself after launch.
Anubis Android Malware Returns with Over 17,000 Samples
https://blog.trendmicro.com/trendlabs-security-intelligence/anubis-android-malware-returns-with-over-17000-samples/
https://blog.trendmicro.com/trendlabs-security-intelligence/anubis-android-malware-returns-with-over-17000-samples/
Trend Micro
Research, News, and Perspectives
Over 1,000 Android apps harvest data even after you deny permissions.
Apps used workarounds that would take personal data from sources like Wi-Fi connections and metadata stored in photos.
Fix won’t come until Android Q.
https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/
PDF: www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_serge_egelman.pdf
Apps used workarounds that would take personal data from sources like Wi-Fi connections and metadata stored in photos.
Fix won’t come until Android Q.
https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/
PDF: www.ftc.gov/system/files/documents/public_events/1415032/privacycon2019_serge_egelman.pdf
CNET
More than 1,000 Android apps harvest data even after you deny permissions
The apps gather information such as location, even after owners explicitly say no. Google says a fix won’t come until Android Q.
iOS 13 beta 3 available only for developers already exploited and got root shell #JailBreak
Exploit code is not released.
https://twitter.com/iBSparkes/status/1147830471440633858
Exploit code is not released.
https://twitter.com/iBSparkes/status/1147830471440633858
Twitter
sparkey
got shell btw
Android malware hidden inside VirtualApp sandbox. #chinese
http://blog.avlsec.com/2019/07/5393/virtualapp%e6%8a%80%e6%9c%af%e5%ba%94%e7%94%a8%e5%8f%8a%e5%ae%89%e5%85%a8%e5%88%86%e6%9e%90%e6%8a%a5%e5%91%8a/
http://blog.avlsec.com/2019/07/5393/virtualapp%e6%8a%80%e6%9c%af%e5%ba%94%e7%94%a8%e5%8f%8a%e5%ae%89%e5%85%a8%e5%88%86%e6%9e%90%e6%8a%a5%e5%91%8a/
Hackers exploit 7-Eleven mobile app's poorly designed password reset function to make unwanted charges on 900 customers' accounts.
https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
https://www.zdnet.com/article/7-eleven-japanese-customers-lose-500000-due-to-mobile-app-flaw/
ZDNet
7-Eleven Japanese customers lose $500,000 due to mobile app flaw
Hackers exploit 7-Eleven's poorly designed password reset function to make unwanted charges on 900 customers' accounts.
Australian Federal Police admits to spying on journalists
The authorities used a 2015 amendment to espionage legislation that forces telecommunications companies to keep phone and Internet records, as well as other metadata, of users for up to two years.
https://www.theguardian.com/australia-news/2019/jun/04/federal-police-raid-home-of-news-corp-journalist-annika-smethurst
The authorities used a 2015 amendment to espionage legislation that forces telecommunications companies to keep phone and Internet records, as well as other metadata, of users for up to two years.
https://www.theguardian.com/australia-news/2019/jun/04/federal-police-raid-home-of-news-corp-journalist-annika-smethurst
the Guardian
Federal police raid home of News Corp journalist Annika Smethurst
AFP officers execute search warrant over 2018 report about new powers for intelligence agencies to spy on Australians
Analysis of subnoscription scam iOS apps found on App Store.
These are apps that are free to download and then ask you to subscribe right on launch. https://ivrodriguez.com/investigating-some-subnoscription-scam-ios-apps/
These are apps that are free to download and then ask you to subscribe right on launch. https://ivrodriguez.com/investigating-some-subnoscription-scam-ios-apps/
Ivan R Blog
Investigating some subnoscription scam iOS apps
For some reason Apple allows "subnoscription scam" apps on the App Store. These are apps that are free to download and then ask you to subscribe right on launch. It's called the freemium business model, except these apps ask you to subscribe for "X" feature(s)…
Four Ways The Bad Guys Attack Mobile Devices
▪️Network based attacks
▪️Device exploits
▪️Phishing attacks
▪️Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
▪️Network based attacks
▪️Device exploits
▪️Phishing attacks
▪️Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
Zimperium
It’s Not Your Father’s Endpoint - Four Ways The Bad Guys Attack Mobile Devices - Zimperium
In our second blog, I discussed why a mobile device needs to be protected. Exactly what are we talking about here? What are the ways an attacker can hack
QCSuper: open-source tool that enables you to passively capture raw 2G/3G/4G frames by rooted Qualcomm-based Android phone or dongle
https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/
https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/
iOS13 beta 2 notifies user when apps report excessive location tracking
https://www.reddit.com/r/ios/comments/cb4769/ios_13_public_beta_2_notifies_when_apps_report/
https://www.reddit.com/r/ios/comments/cb4769/ios_13_public_beta_2_notifies_when_apps_report/
Reddit
From the ios community on Reddit: iOS 13 Public Beta 2 notifies when apps report excessive tracking. Idk if this is new or has…
Explore this post and more from the ios community
Towards Understanding Android System Vulnerabilities: Techniques and Insights
https://daoyuan14.github.io/slides/AsiaCCS19_slides_Daoyuan.pdf
https://daoyuan14.github.io/slides/AsiaCCS19_slides_Daoyuan.pdf
New FinFisher spy infects iOS (jailbreak) and Android devices.
FinFisher has been sold to governments all over the world. For iOS it doesn't use any exploit but manual installation is required.
Targets popular messaging apps.
https://securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/
FinFisher has been sold to governments all over the world. For iOS it doesn't use any exploit but manual installation is required.
Targets popular messaging apps.
https://securelist.com/new-finspy-ios-and-android-implants-revealed-itw/91685/
Securelist
New FinSpy iOS and Android implants revealed ITW
Since 2011 Kaspersky has continuously monitored the development of FinSpy and the emergence of new versions in the wild. According to our telemetry, several dozen unique mobile devices have been infected over the past year, with recent activity recorded in…
New Android malware replaces legitimate apps with ad-infested doppelgangers.
The vast majority of victims are located in India (15.2 million), Bangladesh (2.5 million), and Pakistan (1.7 million).
The Agent Smith malware uses the Janus technique to inject malicious code inside a legitimate app, but without affecting its MD5 file hash.
https://www.zdnet.com/article/new-android-malware-replaces-legitimate-apps-with-ad-infested-doppelgangers/
The vast majority of victims are located in India (15.2 million), Bangladesh (2.5 million), and Pakistan (1.7 million).
The Agent Smith malware uses the Janus technique to inject malicious code inside a legitimate app, but without affecting its MD5 file hash.
https://www.zdnet.com/article/new-android-malware-replaces-legitimate-apps-with-ad-infested-doppelgangers/
ZDNet
New Android malware replaces legitimate apps with ad-infested doppelgangers | ZDNet
New "Agent Smith" malware operation is preparing to invade the Google Play Store.
Analysis of Agent Smith: A New Species of Mobile Malware
https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/
https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/
Check Point Research
Agent Smith: A New Species of Mobile Malware - Check Point Research
Research by: Aviran Hazum, Feixiang He, Inbal Marom, Bogdan Melnykov, Andrey Polkovnichenko Check Point Researchers recently discovered a new variant of mobile malware that quietly infected around 25 million devices, while the user remains completely…
How to set up quick Android malware or bug bounty analysis lab1.0) Install Android 8.1 Oreo in Virtual Machine: https://techsviewer.com/install-android-in-virtual-machine-vmware-and-virtualbox
1.1) Android 8.1 in qemu and Burp Suite SSL interception: https://astr0baby.wordpress.com/2019/07/09/android-8-1-in-qemu-and-burp-suite-ssl-interception/
2) Set up SSL PINNING IN 10 MINUTES WITH FRIDA: https://omespino.com/tutorial-universal-android-ssl-pinning-in-10-minutes-with-frida/
3) Download apps or malware to test: https://koodous.com/apks
Techsviewer - Offering Simple Solutions for Tech Problems
Install Android 8.1 Oreo in Virtual Machine: VMware and VirtualBox
An Android virtual machine can be created using various virtualization software solutions available. There are many of them but only two have the very best features. These are VirtualBox and VMware. Their free versions are feature-laden while their paid versions…
The first Bluetooth hair straighteners can be easily hacked #IoT
As there is no pairing or bonding established over BLE when connecting a phone, anyone in range with the app can take control of the straighteners.
https://www.pentestpartners.com/security-blog/burning-down-the-house-with-iot/
As there is no pairing or bonding established over BLE when connecting a phone, anyone in range with the app can take control of the straighteners.
https://www.pentestpartners.com/security-blog/burning-down-the-house-with-iot/
Pentestpartners
Burning down the house with IoT | Pen Test Partners
For years we’ve been trying to set fire to ‘smart’ things by hacking them. We got some charring on the iKettle, but nothing more. Then we found some smart hair […]