Attempted cyberattacks on Ukrainian military systems using mobile malware
https://cert.gov.ua/article/6280563
https://cert.gov.ua/article/6280563
cert.gov.ua
CERT-UA
Урядова команда реагування на комп’ютерні надзвичайні події України, яка функціонує в складі Державної служби спеціального зв’язку та захисту інформації України.
🔥10👍3🥰2🌚2😢1
How to intercepting Android at runtime on non-rooted devices using frida-gadget
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices
🔥10👍2🌚2
[$12000] How I found 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security issues in TikTok’s system
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3
👍20🌚7
Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
https://labs.taszk.io/articles/post/there_will_be_bugs/
https://labs.taszk.io/articles/post/there_will_be_bugs/
labs.taszk.io
Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
Samsung Baseband RCE with Layer 2 Vulnerabilities
😱8🔥2🥴1
A new TrickMo saga: from Banking Trojan to Victim's Data Leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak
Cleafy
A new TrickMo saga: from Banking Trojan to Victim's Data Leak | Cleafy Labs
Explore Cleafy's analysis of a newly discovered TrickMo variant, revealing enhanced malware capabilities and critical endpoints used for storing stolen credentials and data from victims. Here is the latest threat analyst report.
❤🔥7👨💻3👍1
Exploiting JavaScript Interface for Unauthorized Access in a Kucoin cryptocurrency exchange Android app
https://hulkvision.github.io/blog/javanoscript-interface/exploiting-javanoscript-interface/
https://hulkvision.github.io/blog/javanoscript-interface/exploiting-javanoscript-interface/
hulkvision.github.io
Exploiting JavaScript Interface for Unauthorized Access in a 'global' cryptocurrency exchange android app
Intro
Webview in Android Ecosystem is an extension of Android’s view class that lets you display web pages as a part of your application activity layout. You can call it as a web browser built into your application but it doesn’t include the features of a…
Webview in Android Ecosystem is an extension of Android’s view class that lets you display web pages as a part of your application activity layout. You can call it as a web browser built into your application but it doesn’t include the features of a…
👍8❤3🤯3🌚2👏1
Android banking trojan - Ajina - attacks Central Asia: Story of an Uzbek Android Pandemic
https://www.group-ib.com/blog/ajina-malware
https://www.group-ib.com/blog/ajina-malware
Group-IB
Story of an Uzbek Android Pandemic | Group-IB Blog
Discovered by Group-IB in May 2024, the Ajina.Banker malware is a major cyber threat in the Central Asia region, disguising itself as legitimate apps to steal banking information and intercept 2FA messages.
🔥6🤯2❤1🥴1
Android Vo1d malware infected over a million Android TV boxes
It is a backdoor that puts its components in the system storage and, when commanded by attackers, is capable of secretly downloading and installing third-party software
https://news.drweb.com/show/?i=14900&lng=en
It is a backdoor that puts its components in the system storage and, when commanded by attackers, is capable of secretly downloading and installing third-party software
https://news.drweb.com/show/?i=14900&lng=en
Dr.Web
Void captures over a million Android TV boxes
Doctor Web experts have uncovered yet another case of an Android-based TV box infection. The malware, dubbed <a href="https://vms.drweb.com/search/?q=Android.Vo1d&lng=en"><b>Android.Vo1d</b></a>, has infected nearly 1.3 million devices belonging to users…
👍8🌚3👏1
Diving into ADB protocol internals (1/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12
Synacktiv
Diving into ADB protocol internals (1/2)
🔥11🌚3👍1🤡1🥱1
Wild vulnerabilities discovered in mobile dating app - Feeld with 1 Million installs on Google Play
-Disclosure of profile information to non-premium users
-Read other people’s messages
-access to other people’s photos & videos from their chats
-delete, recover and edit other people’s messages
-Update someone else’s profile information
-Send messages in other people’s chat
-Get a ‘Like’ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/
-Disclosure of profile information to non-premium users
-Read other people’s messages
-access to other people’s photos & videos from their chats
-delete, recover and edit other people’s messages
-Update someone else’s profile information
-Send messages in other people’s chat
-Get a ‘Like’ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/
Cyber Security Services - London
Feeld dating app - Your nudes and data were publicly available
Discover critical Feeld app vulnerabilities from our pentest. See how flaws in security controls expose personal data and learn key fixes.
🔥9🌚5🤣5👍4❤1🤮1
Android Bytecode Exploitation
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
lolcads tech blog
Introduction to Android Bytecode Exploitation (Part 1)
Introduction to Android Bytecode Exploitation (Part 1) Android resides among the most popular operating systems for mobile devices, which causes Android to also be among the most popular targets for exploitation. While Android is frequently updated to fix…
🔥21👍2🌚2
Jailbreak your Enemies with a Link: Remote Execution on iOS
The Trident Exploit Chain deep-dive (Part I)
https://jacobbartlett.substack.com/p/jailbreak-enemies-with-a-link-remote-execution
The Trident Exploit Chain deep-dive (Part I)
https://jacobbartlett.substack.com/p/jailbreak-enemies-with-a-link-remote-execution
Jacobstechtavern
Jailbreak your Enemies with a Link: Remote Execution on iOS
The Trident Exploit Chain deep-dive (Part I)
🔥26❤1🌚1
Advanced Frida Usage Part 10 – Instruction Tracing using Frida Stalker
https://8ksec.io/advanced-frida-usage-part-10-instruction-tracing-using-frida-stalker/
https://8ksec.io/advanced-frida-usage-part-10-instruction-tracing-using-frida-stalker/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
Advanced Frida Usage Part 10 – Instruction Tracing using Frida Stalker - 8kSec
Welcome to another blog in the series of Advance Frida Usage. This blog post demonstrates how to use Frida’s Stalker APIs to trace instructions as they execute in a app in real time.
👍16🌚2
Exploiting Android Client WebViews with Help from HSTS
1-click account takeover vulnerability discovered in a popular Indonesian Android Tokopedia app
https://seanpesce.blogspot.com/2024/09/exploiting-android-client-webviews-with.html
1-click account takeover vulnerability discovered in a popular Indonesian Android Tokopedia app
https://seanpesce.blogspot.com/2024/09/exploiting-android-client-webviews-with.html
Blogspot
Exploiting Android Client WebViews with Help from HSTS
TL;DR I discovered a one-click account takeover vulnerability in a popular Indonesian Android app called Tokopedia . Th...
😨13🔥3🌚2👍1
0-Click exploit discovered in MediaTek Wi-Fi chipsets affects routers and smartphones (CVE-2024-20017).
Published PoC can be tested even from a smartphone
Technical details: https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html
PoC: https://github.com/mellow-hype/cve-2024-20017
Published PoC can be tested even from a smartphone
Technical details: https://blog.coffinsec.com/0day/2024/08/30/exploiting-CVE-2024-20017-four-different-ways.html
PoC: https://github.com/mellow-hype/cve-2024-20017
🌚11🤣4❤2💩2🤮1
Undetected Android Spyware Targeting Individuals In South Korea
https://cyble.com/blog/undetected-android-spyware-targeting-individuals-in-south-korea/
https://cyble.com/blog/undetected-android-spyware-targeting-individuals-in-south-korea/
🔥12🥱4🤔3😴2👍1🌚1
How the Necro Trojan infiltrated Google Play, again
https://securelist.com/necro-trojan-is-back-on-google-play/113881/
https://securelist.com/necro-trojan-is-back-on-google-play/113881/
Securelist
Necro Trojan infiltrates Google Play and Spotify and WhatsApp mods
Kaspersky experts have discovered a new version of the Necro Trojan, which has infected tens of thousands of Android devices through Google Play and Spotify and WhatsApp mods.
👍12❤4⚡2👏1
Octo2: European Banks Already Under Attack by New Malware Variant
https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant
https://www.threatfabric.com/blogs/octo2-european-banks-already-under-attack-by-new-malware-variant
ThreatFabric
Octo2: European Banks Already Under Attack by New Malware Variant
ThreatFabric unveils the evolution of Octo2 malware, enhancing mobile banking security with sophisticated techniques and remote access capabilities.
🔥9👍2🍌2
A step-by-step guide to writing an iOS kernel exploit
https://alfiecg.uk/2024/09/24/Kernel-exploit.html
https://alfiecg.uk/2024/09/24/Kernel-exploit.html
Alfie CG
A step-by-step guide to writing an iOS kernel exploit
Introduction Memory management in XNU Page tables Physical use-after-free Exploitation strategy Heap spray Kernel memory read/write Conclusion Bonus: arm64e, PPL and SPTM
🔥19🌚2👍1
SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites
https://blog.sekoia.io/silentselfie-uncovering-a-major-watering-hole-campaign-against-kurdish-websites/
https://blog.sekoia.io/silentselfie-uncovering-a-major-watering-hole-campaign-against-kurdish-websites/
Sekoia.io Blog
SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites
Learn about the sophisticated campaign compromising Kurdish websites. Gain insights into the scale and variants used by malicious actors.
🌚8🔥1
WalletConnect Scam: A Case Study in Crypto Drainer Tactics
https://research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
https://research.checkpoint.com/2024/walletconnect-scam-a-case-study-in-crypto-drainer-tactics/
Check Point Research
Wallet Scam: A Case Study in Crypto Drainer Tactics - Check Point Research
Key takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked…
👍8❤1🤩1🌚1👾1