Pwn2Own 2023 hacking contest resulted in hacking Samsung Galaxy S23 twice, Xiaomi's 13 Pro smartphone, as well as printers, smart speakers, Network Attached Storage (NAS) devices, and surveillance cameras from Western Digital, QNAP, Synology, Canon, Lexmark, and Sonos
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s23-hacked-twice-on-first-day-of-pwn2own-toronto/
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s23-hacked-twice-on-first-day-of-pwn2own-toronto/
BleepingComputer
Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada.
❤10🔥2👍1👏1🤣1
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
https://unit42.paloaltonetworks.com/hooking-framework-in-sandbox-to-analyze-android-apk/
https://unit42.paloaltonetworks.com/hooking-framework-in-sandbox-to-analyze-android-apk/
Unit 42
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
We employ static and dynamic analysis to dissect two case studies using obfuscation in Android malware: a Cerberus banking trojan and HiddenAd adware.
👍13🤔3🔥1
Forwarded from The Bug Bounty Hunter
Bypass Android Applications Debug and Root Detection via debugger.
https://medium.com/@shubhamsonani/hacking-with-precision-bypass-techniques-via-debugger-in-android-apps-27fd562b2cc0
https://medium.com/@shubhamsonani/hacking-with-precision-bypass-techniques-via-debugger-in-android-apps-27fd562b2cc0
Medium
Bypass Android Applications Debug and Root Detection via debugger.
Hi Everyone,
🔥9👍4❤2🥱1
Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I
https://devco.re/blog/2023/10/05/your-printer-is-not-your-printer-hacking-printers-pwn2own-part1-en/
https://devco.re/blog/2023/10/05/your-printer-is-not-your-printer-hacking-printers-pwn2own-part1-en/
DEVCORE 戴夫寇爾
Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I | DEVCORE 戴夫寇爾
In 2021, we found Pre-auth RCE vulnerabilities(CVE-2022-24673 and CVE-2022-3942) in Canon and HP printers, and vulnerability(CVE-2021-44734) in Lexmark. We used these vulnerabilities to exploit Canon ImageCLASS MF644Cdw, HP Color LaserJet Pro MFP M283fdw…
🤔6👍4
Discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) service’s servers on Hetzner and Linode hosting providers in Germany
https://notes.valdikss.org.ru/jabber.ru-mitm/
https://notes.valdikss.org.ru/jabber.ru-mitm/
👍8❤2👏1
Android adware discovered on Google Play with over 2,000,000 installs
https://news.drweb.com/show/review/?lng=en&i=14767
https://news.drweb.com/show/review/?lng=en&i=14767
Drweb
Dr.Web — Doctor Web’s September 2023 review of virus activity on mobile devices
In early September, Doctor Web <a href=
❤7😁1😱1
How to get Wi-Fi password via WPS Button attack using NetHunter
https://www.mobile-hacker.com/2023/10/31/nethunter-hacker-x-wps-attacks/
https://www.mobile-hacker.com/2023/10/31/nethunter-hacker-x-wps-attacks/
Mobile Hacker
NetHunter Hacker X: WPS attacks Mobile Hacker
Ever wanted to hack your Wi-Fi network, but your internal adapter doesn’t support monitor mode and you don’t have external adapter? Without switching your Wi-Fi adapter in to monitor mode, WPS attacks allows you to perform various attacks on wireless access…
👍12🔥2🤔1
Arid Viper (APT-C-23) disguising mobile spyware as updates for non-malicious Android applications
https://blog.talosintelligence.com/arid-viper-mobile-spyware/
https://blog.talosintelligence.com/arid-viper-mobile-spyware/
Cisco Talos Blog
Arid Viper disguising mobile spyware as updates for non-malicious Android applications
Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users.
👍9
Car Hacking using Flipper Zero and HackRF
Both blogs present in depth research and testing of common methods of hacking fixed-code and rolling codes of radio frequency locks using replay attacks, brute-force, signal jamming, RollJAM, Rolling-PWN and Keeloq Decryption
part1: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking.html
part2: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking_31.html
Both blogs present in depth research and testing of common methods of hacking fixed-code and rolling codes of radio frequency locks using replay attacks, brute-force, signal jamming, RollJAM, Rolling-PWN and Keeloq Decryption
part1: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking.html
part2: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking_31.html
👍15
Mobile Malware Analysis Part 3 – Pegasus
https://8ksec.io/mobile-malware-analysis-part-3-pegasus/
https://8ksec.io/mobile-malware-analysis-part-3-pegasus/
👍16👎1
Media is too big
VIEW IN TELEGRAM
Bluetooth LE spam attack is now ported to dedicated Android app to push notifications for Android and Windows
For Android, is can advertise over 170 devices
https://github.com/simondankelmann/Bluetooth-LE-Spam
For Android, is can advertise over 170 devices
https://github.com/simondankelmann/Bluetooth-LE-Spam
👍24🔥6❤3🤔3🥰1👏1😱1
WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users
https://securelist.com/spyware-whatsapp-mod/110984/
https://securelist.com/spyware-whatsapp-mod/110984/
Securelist
Analysis of a spy module inside a WhatsApp mod
A WhatsApp mod with a built-in spy module has been spreading through Arabic and Azeri Telegram channels since August 2023.
👍12👏4
Vulnerability (CVE-2023-36620) in Boomerang Parental Control Android app (100,000+ installs) allowed an attacker with physical access to device to take over admin control panel and spy on a kid
https://seclists.org/fulldisclosure/2023/Jul/12
https://seclists.org/fulldisclosure/2023/Jul/12
seclists.org
Full Disclosure: SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App
👍13❤2
A curated list of modern Android exploitation conference talks
https://github.com/actuator/Android-Security-Exploits-YouTube-Curriculum
https://github.com/actuator/Android-Security-Exploits-YouTube-Curriculum
GitHub
GitHub - actuator/Android-Security-Exploits-YouTube-Curriculum: 🔓A Curated List Of Modern Android Exploitation Conference Talks.
🔓A Curated List Of Modern Android Exploitation Conference Talks. - actuator/Android-Security-Exploits-YouTube-Curriculum
👍16❤1
Bypassing Android 13 Restrictions with SecuriDropper
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions
ThreatFabric
Bypassing Android 13 Restrictions with SecuriDropper
ThreatFabric discovers new droppers that drop Spyware and Banker malware variants Bypassing Android 13 restrictions.
👍9😱3
Usage of ispw, the Swiss Army Knife for iOS/MacOS security research
https://8ksec.io/ipsw-walkthrough-part-1-the-swiss-army-knife-for-ios-macos-security-research/
https://8ksec.io/ipsw-walkthrough-part-1-the-swiss-army-knife-for-ios-macos-security-research/
👍5👏1
Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices
https://www.sentinelone.com/labs/arid-viper-apts-nest-of-spyc23-malware-continues-to-target-android-devices/
https://www.sentinelone.com/labs/arid-viper-apts-nest-of-spyc23-malware-continues-to-target-android-devices/
SentinelOne
Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices
Hamas-aligned threat actor delivers spyware through weaponized apps posing as Telegram or Skipped messenger.
👍6🤔1
Pandora's box is now open: the well-known Mirai trojan arrives in a new disguise to Android-based TV sets and TV boxes (Tanix TX6 TV Box, MX10 Pro 6K, H96 MAX X3 and others)
https://news.drweb.com/show/?lng=en&i=14743https://news.drweb.com/show/?lng=en&i=14743
https://news.drweb.com/show/?lng=en&i=14743https://news.drweb.com/show/?lng=en&i=14743
Dr.Web
Dr.Web — innovative anti-virus technologies. Comprehensive protection from Internet threats.
Doctor Web is a Russian IT-security solutions vendor developing Dr.Web anti-virus for businesses and personal use, as well as anti-virus as a service since 1992.
👍4❤1😱1
Video tutorial on how to install rootless Kali NetHunter in 8 minutes on Android 13 and Android 14
https://www.youtube.com/watch?v=GmfM8VCAu-I
https://www.youtube.com/watch?v=GmfM8VCAu-I
YouTube
Kali Linux NetHunter install in 8 minutes (rootless) and includes Android 14
It's easy to install Kali Linux on your Android phone without rooting it. This is a rootless install that allows you to run Kali NetHunter as an app on your phone - I'll show you how to do this in 8 minutes.
IMPORTANT - if you have issues, please read the…
IMPORTANT - if you have issues, please read the…
❤13👍7
How to bypass root detection in Android flutter apps
https://shobi.dev/blog/2023-28-10-bypassing-root-detection-in-flutter-with-frida
https://shobi.dev/blog/2023-28-10-bypassing-root-detection-in-flutter-with-frida
shobi.dev
Bypassing Root detection in android flutter apps
As part of the security research I was doing for an app, I had to run it in the emulator which is by default rooted. The app of course had root detection enabled. Before I proceed further I had to figure out how to bypass the root detection from the app.…
👍13❤3
Run Kitchen Sink from Android app using 219 devices at once targeting iOS, Windows and Android & signal range comparison of BLE spam messages for Flipper Zero, Bluetooth LE Spam and nRF Connect apps
https://www.mobile-hacker.com/2023/11/08/android-kitchen-sink-send-ble-spam-to-ios-android-and-windows-at-once-using-android-app/
https://www.mobile-hacker.com/2023/11/08/android-kitchen-sink-send-ble-spam-to-ios-android-and-windows-at-once-using-android-app/
Mobile Hacker
Android Kitchen Sink: Send BLE spam to iOS, Android and Windows at once using Android app Mobile Hacker
The Kitchen Sink is a name of Bluetooth Low Energy (BLE) attack that sends random advertisement packets that targets iOS, Android, and Windows devices the same time in the vicinity. The attack is called “Kitchen Sink” because it tries to send every possible…
👍15❤3🔥2