NetHunter Hacker XII: Master Social Engineering using SET
Explained SET attack vectors such as create e-mail template, site clone, credential harvester, mass mailer, Arduino attacks, web jacking attack.
Also how to fix common errors and attack prevention tips
https://www.mobile-hacker.com/2024/02/02/nethunter-hacker-xii-master-social-engineering-using-set/
Explained SET attack vectors such as create e-mail template, site clone, credential harvester, mass mailer, Arduino attacks, web jacking attack.
Also how to fix common errors and attack prevention tips
https://www.mobile-hacker.com/2024/02/02/nethunter-hacker-xii-master-social-engineering-using-set/
Mobile Hacker
NetHunter Hacker XII: Master Social Engineering using SET Mobile Hacker
Social engineering is a technique used by attackers to trick people into disclosing private information or doing activities that affect the security of a system or network. The Social-Engineer Toolkit (SET) is one of the most popular tools used in social…
👍19❤1
Hacking a Smart Home Device
Reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant
https://jmswrnr.com/blog/hacking-a-smart-home-device
Reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant
https://jmswrnr.com/blog/hacking-a-smart-home-device
James Warner
Hacking a Smart Home Device
How I reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant.
👍17
Analysis of Android settings during a forensic investigation
https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
https://blog.digital-forensics.it/2024/01/analysis-of-android-settings-during.html
blog.digital-forensics.it
Analysis of Android settings during a forensic investigation
DFIR research
👍14❤3
MobSF Remote code execution (via CVE-2024-21633)
https://github.com/0x33c0unt/CVE-2024-21633
https://github.com/0x33c0unt/CVE-2024-21633
GitHub
GitHub - 0x33c0unt/CVE-2024-21633: MobSF Remote code execution (via CVE-2024-21633)
MobSF Remote code execution (via CVE-2024-21633). Contribute to 0x33c0unt/CVE-2024-21633 development by creating an account on GitHub.
👍16🤯8👻1
Commercial spyware companies are behind most zero-day exploits - discovered by Google
Blog: https://blog.google/threat-analysis-group/commercial-surveillance-vendors-google-tag-report/
PDF: https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf
Blog: https://blog.google/threat-analysis-group/commercial-surveillance-vendors-google-tag-report/
PDF: https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Buying_Spying_-_Insights_into_Commercial_Surveillance_Vendors_-_TAG_report.pdf
Google
Buying Spying: How the commercial surveillance industry works and what can be done about it
The latest report from Threat Analysis Group documents the rise of commercial surveillance vendors and the industry that threatens free speech, the free press and the op…
🔥7❤3👍2👻1
Android Content Providers 101
https://www.pentestpartners.com/security-blog/android-content-providers-101/
https://www.pentestpartners.com/security-blog/android-content-providers-101/
Pentestpartners
Android Content Providers 101 | Pen Test Partners
Introduction Android has a number of different types of components that a program or app can instantiate to interact with the user or other programs. Recently I've been looking at exported as an interesting way to manipulate information that other apps have…
👍9👻1
Operation triangulation - Keychain module analysis
https://shindan.io/posts/keychain_module_analysis/
https://shindan.io/posts/keychain_module_analysis/
shindan.io
Operation triangulation - Keychain module analysis.
Operation Triangulation is the name of an attack that has been targeting Kaspersky employees among others.
Kaspersky has published a lot of really interesting blogposts detailing the exploit chain and how they caught all the samples.
https://securelist.com/trng…
Kaspersky has published a lot of really interesting blogposts detailing the exploit chain and how they caught all the samples.
https://securelist.com/trng…
👍12👻1
Google Play Protect will soon automatically block sideloading Android apps if they request one of these four permissions: RECEIVE_SMS, READ_SMS, BIND_Notifications, and Accessibility
https://security.googleblog.com/2024/02/piloting-new-ways-to-protect-Android-users-from%20financial-fraud.html
https://security.googleblog.com/2024/02/piloting-new-ways-to-protect-Android-users-from%20financial-fraud.html
Google Online Security Blog
Piloting new ways of protecting Android users from financial fraud
Posted by Eugene Liderman, Director of Mobile Security Strategy, Google From its founding , Android has been guided by principles of open...
👍13😢7🤬5❤1👻1
Reverse engineering of Android Phoenix RAT
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
Analysis: https://cryptax.medium.com/reverse-engineering-of-android-phoenix-b59693c03bd3
Phoenix overview: https://cryptax.medium.com/android-phoenix-authors-claims-sample-identification-and-trends-f199cbc9901d
Medium
Reverse engineering of Android/Phoenix
Android/Phoenix is a malicious Remote Access Tool. Its main goal is to extensively spy on the victim’s phone (grab all screenshots, steal…
👍9❤2👻2
Analysis of an Info Stealer — Chapter 2: The iOS App
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-2-the-ios-app-0529e7b45405
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-2-the-ios-app-0529e7b45405
Medium
Analysis of an Info Stealer — Chapter 2: The iOS App
Introduction
❤7👍3🤔3👻1
Analysis of an Info Stealer — Chapter 3: The Android App
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-3-the-android-app-54ba3068b537
https://medium.com/@icebre4ker/analysis-of-an-info-stealer-chapter-3-the-android-app-54ba3068b537
Medium
Analysis of an Info Stealer — Chapter 3: The Android App
Introduction & Preface
🔥8💊4❤2👍1
MoqHao evolution: New variants start automatically right after installation
MoqHao aka XLoader is an Android malware operated by a financially motivated threat actor named Roaming Mantis.
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/moqhao-evolution-new-variants-start-automatically-right-after-installation/
MoqHao aka XLoader is an Android malware operated by a financially motivated threat actor named Roaming Mantis.
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/moqhao-evolution-new-variants-start-automatically-right-after-installation/
McAfee Blog
MoqHao evolution: New variants start automatically right after installation | McAfee Blog
Authored by Dexter Shin MoqHao is a well-known Android malware family associated with the Roaming Mantis threat actor group first discovered in 2015.
👍10❤3🎉1👻1
NetHunter Hacker XIII: Overall guide to MITM framework
New blog covers methods that attackers may employ to intercept network communication like in a video that demonstrates using SSLStrip+ and DNS change to intercept HTTPS and bypass HSTS via MITMf
https://www.mobile-hacker.com/2024/02/13/nethunter-hacker-xiii-overall-guide-to-mitm-framework/
New blog covers methods that attackers may employ to intercept network communication like in a video that demonstrates using SSLStrip+ and DNS change to intercept HTTPS and bypass HSTS via MITMf
https://www.mobile-hacker.com/2024/02/13/nethunter-hacker-xiii-overall-guide-to-mitm-framework/
Mobile Hacker
NetHunter Hacker XIII: Overall guide to MITM framework Mobile Hacker
I will cover the several methods that attackers may employ to intercept network communication to execute ARP poisoning, HTTP and HTTPS traffic interception, and DNS spoofing. In the video below is a demonstration of using SSLstrip and DNS change to intercept…
👍13⚡2❤1
SIM Hijacking
https://sensepost.com/blog/2022/sim-hijacking/
https://sensepost.com/blog/2022/sim-hijacking/
👍15⚡1
Mobile Threat Landscape Report for 2023
Report includes review of Android and iOS vulnerabilities and malware in 2023
https://www.lookout.com/threat-intelligence/report/mobile-landscape-threat-report
Report includes review of Android and iOS vulnerabilities and malware in 2023
https://www.lookout.com/threat-intelligence/report/mobile-landscape-threat-report
Lookout
Mobile Landscape Threat Report
Based on an analysis of Lookout’s security dataset of more than 300 million mobile apps, 220 million mobile devices, and billions of web items, Lookout has authored the Mobile Threat Landscape Report.
👍10❤2
iOS and Android Trojan harvesting facial recognition data used for unauthorized access to bank accounts
https://www.group-ib.com/blog/goldfactory-ios-trojan/
https://www.group-ib.com/blog/goldfactory-ios-trojan/
Group-IB
Face Off: Group-IB identifies first iOS trojan stealing facial recognition data
Group-IB uncovers the first iOS Trojan harvesting facial recognition data used for unauthorized access to bank accounts. The GoldDigger family grows
👍13🔥7
Dusting Off Old Fingerprints: NSO Group’s Unknown MMS Hack
https://www.enea.com/insights/dusting-off-old-fingerprints-nso-groups-unknown-mms-hack/
https://www.enea.com/insights/dusting-off-old-fingerprints-nso-groups-unknown-mms-hack/
Enea
Dusting off Old Fingerprints: NSO Group's Unknown MMS Hack
👍13❤3🔥1
Android SpyNote RAT Moves to Crypto Currencies
https://www.fortinet.com/blog/threat-research/android-spynote-moves-to-crypto-currencies
https://www.fortinet.com/blog/threat-research/android-spynote-moves-to-crypto-currencies
Fortinet Blog
Android/SpyNote Moves to Crypto Currencies
FortiGuard investigates a hot new sample of Android/SpyNote, which shows the malware authors stealing crypto currencies from crypto wallets.…
❤11👍6
New WiFi authentication vulnerabilities discovered affecting Android, ChromeOS and Linux devices
CVE-2023-52160 (“Phase-2 bypass”): This vulnerability can be exploited by an attacker to deceive the victim into connecting to a fake Wi-Fi network set up by the adversary. Once connected, the attacker can intercept and monitor the victim’s network traffic
CVE-2023-52161 (“4-way bypass”): It allows an adversary to gain full access to an existing protected WiFi network, exposing existing users and devices
PoC exploit is not available.
https://www.top10vpn.com/research/wifi-vulnerabilities/
CVE-2023-52160 (“Phase-2 bypass”): This vulnerability can be exploited by an attacker to deceive the victim into connecting to a fake Wi-Fi network set up by the adversary. Once connected, the attacker can intercept and monitor the victim’s network traffic
CVE-2023-52161 (“4-way bypass”): It allows an adversary to gain full access to an existing protected WiFi network, exposing existing users and devices
PoC exploit is not available.
https://www.top10vpn.com/research/wifi-vulnerabilities/
Top10Vpn
New WiFi Authentication Vulnerabilities Discovered
Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.
❤13👏5👍4🔥2
Ghost files in the shared preferences
https://valsamaras.medium.com/ghost-files-in-the-shared-preferences-8d75226c23c0
https://valsamaras.medium.com/ghost-files-in-the-shared-preferences-8d75226c23c0
Medium
Ghost files in the shared preferences
Have you ever encountered an exceptionally clever bug, only to be thwarted by an unforeseen obstacle just moments before exploiting it…
👍13
Anatsa (TeaBot) Android Trojan Returns: Targeting Europe and Expanding Its Reach
Trojan reached on Google Play 10,000 installs, impersonating Phone Cleaner app.
The current campaign involves five droppers with over 100,000 total installations
https://www.threatfabric.com/blogs/anatsa-trojan-returns-targeting-europe-and-expanding-its-reach
Trojan reached on Google Play 10,000 installs, impersonating Phone Cleaner app.
The current campaign involves five droppers with over 100,000 total installations
https://www.threatfabric.com/blogs/anatsa-trojan-returns-targeting-europe-and-expanding-its-reach
ThreatFabric
Anatsa Trojan Returns: Targeting Europe and Expanding Its Reach
The Anatsa trojan returns, targeting Europe while expanding its reach.
🔥8👍3❤2🥱2😁1🤔1