Leaked Cellebrite documents show which Android and iOS versions it can unlock and extract data from
https://www.404media.co/leaked-docs-show-what-phones-cellebrite-can-and-cant-unlock/
Konfety Spreads ‘Evil Twin’ Android Apps for Multiple Fraud Schemes
https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-konfety-spreads-evil-twin-apps-for-multiple-fraud-schemes
HUMAN Security
Satori Threat Intelligence Alert: Konfety Spreads ‘Evil Twin’ Apps for Multiple Fraud Schemes - HUMAN Security
Uncover the intricate web of the Konfety ad fraud operation spreading through 'evil twin' apps, exposing malicious tactics and deceptive practices in the mobile advertising realm.
Beware of BadPack: One Weird Trick Being Used Against Android Devices
https://unit42.paloaltonetworks.com/apk-badpack-malware-tampered-headers/
Unit 42
Our data shows a pattern of APK malware bundled as BadPack files. We discuss how this technique is used to garble malicious Android files, creating challenges for analysts.
Exploiting the EvilVideo vulnerability on Telegram
Discovered a 0-day Telegram for Android exploit that allows sending malicious apps disguised as videos
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
Welivesecurity
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos.
Hacking a 2014 tablet... in 2024!
https://blog.r0rt1z2.com/hacking-a-2014-tablet-in-2024.html
Part 1: Injecting and Exploiting Synthetic Remote Vulnerabilities to explore Signal-iOS and WebRTC
https://margin.re/2024/07/you-cant-spell-webrtc-without-rce-part-1/
Margin Research
You Can't Spell WebRTC without RCE - Part 1
Injecting and Exploiting Synthetic Remote Vulnerabilities to explore Signal-iOS and WebRTC
It’s another average Friday morning and my iPhone shows 705 unread Signal messages. Signal has not completely supplanted my use of iMessage, but it does dominate communications…
WhatsApp trick: Android malware can impersonate PDF file
https://www.mobile-hacker.com/2024/07/23/whatsapp-trick-android-malware-can-impersonate-pdf-file/
Mobile Hacker
Exploiting this trick can easily mislead non-tech-savvy users into installing a malicious app that impersonates a PDF document. The trick lies in manipulating the file extension within the WhatsApp Messenger using API interface.
Android spyware named Ratel pretending to be Hamster Kombat game distributed via an unofficial Telegram channel
https://www.welivesecurity.com/en/eset-research/tap-estry-threats-targeting-hamster-kombat-players/
Welivesecurity
The tap-estry of threats targeting Hamster Kombat players
ESET research reveals how the success of Hamster Kombat has attracted malicious actors trying to abuse interest in the game for monetary gain.
How to install Kali NetHunter on TicWatch Pro 3
https://www.mobile-hacker.com/2024/07/25/how-to-install-kali-nethunter-on-ticwatch-pro-3/
Mobile Hacker
In previous series of blogs I focused on installation of Kali NetHunter on older model of TicWatch Pro 2018 (catfish) which might be for some of you a good choice if you already have them forgotten in your drawer or you can get them cheap to play around.…
Vulnerability in Telegram for Android: Use-after-free in Connection::onReceivedData
https://bugs.chromium.org/p/project-zero/issues/detail?id=2547
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps
https://www.zimperium.com/blog/unmasking-the-sms-stealer-targeting-several-countries-with-deceptive-apps/
Zimperium
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps - Zimperium
Mandrake spyware sneaks onto Google Play again, flying under the radar for two years
https://securelist.com/mandrake-apps-return-to-google-play/113147/
Securelist
New Mandrake Android spyware version discovered on Google Play
Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play
Android CraxsRAT strikes in Malaysia
https://www.group-ib.com/blog/craxs-rat-malaysia/
Group-IB
Android Remote Access malware strikes in Malaysia | Group-IB Blog
Group-IB's investigation on a malware sample targeting a Malaysia-based financial organization's clients in the Asia-Pacific region.
BlueStacks (Android emulator) privilege escalation through VM backdooring (CVE-2024-33352)
https://github.com/mmiszczyk/CVE-2024-33352
GitHub
GitHub - mmiszczyk/CVE-2024-33352: BlueStacks privilege escalation through VM backdooring
Open Redirect in Login Redirect in MobSF (CVE-2024-41955)
Update to MobSF v4.0.5.
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8m9j-2f32-2vx4
GitHub
Open Redirect in Login Redirect
### Impact
_What kind of vulnerability is it? Who is impacted?_
An open redirect vulnerability exists in the MobSF authentication view.
PoC
1. Go to http://127.0.0.1:8000/login/?next=//afine.co...
BingoMod: The new android RAT that steals money and wipes data
https://www.cleafy.com/cleafy-labs/bingomod-the-new-android-rat-that-steals-money-and-wipes-data
Cleafy
BingoMod: The new android RAT that steals money and wipes data | Cleafy Labs
Discover the new android RAT BingoMod, identified by the Cleafy TIR team in May 2024. BingoMod targets money transfers via Account Takeover and On-Device Fraud, bypassing bank security measures. It exploits permissions to steal credentials, conduct overlay…
Introducing the new Mobile App Security Weakness Enumeration (MASWE).
This brand new OWASP MAS resource bridges the gap between MASVS high-level controls and MASTG low-level testing, using a similar approach to CWEs.
https://mas.owasp.org/news/2024/07/30/new-maswe/
New Fileless Malware Framework "GhostHook" Targets Android Devices
https://iverify.io/post/new-fileless-malware-framework-ghosthook-targets-android-devices
iverify.io
iVerify have detected a new fileless malware spreading framework, GhostHook, being shared across cybercrime forums and networks.
BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities
https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities
Heap overflow in JPEG loading in Samsung's Little Kernel bootloader allows a privileged attacker to execute persistent arbitrary code that survives reboots and factory reset (CVE-2024-20832)
Paper: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Article-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf
Slides: https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendor1_meets_vendor2_the_story_of_a_small_bu/SSTIC2024-Slides-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf