Key takeaways Introduction Crypto drainers are malicious tools that steal digital assets like NFTs, and tokens from cryptocurrency wallets. They often use phishing techniques and leverage smart contracts to enhance their impact. Typically, users are tricked…

WiFiPumpkin3 is a powerful framework designed for rogue access point attacks and network security testing. It allows security researchers, and red teamers to create fake Wi-Fi networks, custom captive portals, intercept traffic, and deploy phishing attacks.…

CTI, threat intelligence, OSINT, malware, APT, threat hunting, threat analysis, CTF, cybersecurity, security

We have analyzed the CVE-2024-7965 vulnerability that allows adversaries to execute arbitrary code in the Google Chrome renderer

Dvuln is a specialist information security company founded by Australian cyber security specialists based out of Sydney, Melbourne and Brisbane

Zespół CERT Polska zaobserwował w ostatnich tygodniach nowe próbki złośliwego oprogramowania na urządzenia mobilne

In this article, Group-IB specialists uncovered a large-scale fraud campaign involving fake trading apps targeting Apple iOS and Android users across multiple regions through the UniApp framework, and distributed through official app stores and phishing sites.

This guide shows you how to set up a headless Pi-Tail, controlled entirely from your smartphone via SSH or VNC. This compact and cost-effective setup is perfect for on-the-go Wi-Fi pentesting, network scanning, and vulnerability assessments.

Many months ago, a slightly younger Tim thought that porting mainline Linux to his old Android phone for the purpose of experimentation would be a great way to pass time. (In hindsight it was, but not for the reasons imagined.)

Fraud and scams cost consumers more than $1 trillion in losses globally, and it’s one of the most common forms of cyber crime that India witnesses. According to the Indi…

TL;DR: If you’re new to Xamarin or unsure how to analyze a Xamarin application, this post is for you. We’ll explore the key differences…

Contribute to tomasz-lisowski/simurai development by creating an account on GitHub.

CellGuard is a research project that analyzes how cellular networks are operated and possibly surveilled - seemoo-lab/CellGuard

Our analysis of TrickMo suggests that many of these samples remain undetected by the broader security community.

Discover how the ErrorFather campaign deploys the undetected Cerberus Android Banking Trojan to target users. Learn about its sophisticated infection chain, malicious capabilities, and the ongoing cyber threats posed by repurposed malware

Explore the 2024 ThreatLabz Mobile, IoT, and OT Threat Report, which covers mobile and IoT/OT trends, case studies, and best practices.

This report performs the first public analysis of MMTLS, the main network protocol used by WeChat, an app with over one billion users. The report finds that MMTLS is a modified version of TLS, however some of the modifications have introduced cryptographic…

Threat actors are constantly working on different ways to target users across the globe. Spyware has the capability to quietly […]

Exploring Android in-app purchase vulnerabilities using Frida to simulate and bypass payment validation

Stealing another KakaoTalk user’s chat messages with a simple 1-click exploit.