This media is not supported in your browser
VIEW IN TELEGRAM
ShadyShader 2: An Apple bug that could freeze any device or cause crash loops by exploiting how GPUs handle shaders
Similar issue Apple patched last year (CVE-2023-40441)
https://www.imperva.com/blog/shadyshader-crashing-apple-m-series-with-single-click/
Similar issue Apple patched last year (CVE-2023-40441)
https://www.imperva.com/blog/shadyshader-crashing-apple-m-series-with-single-click/
🔥23❤2
I tried to explain how it is possible to locate smartphones using Advertising ID and ad plugins that are part of thousand popular apps without needing any spyware or exploits
https://www.mobile-hacker.com/2024/10/25/locate-smartphones-using-advertising-id-without-spyware-or-exploit/
https://www.mobile-hacker.com/2024/10/25/locate-smartphones-using-advertising-id-without-spyware-or-exploit/
Mobile Hacker
Locate smartphones using Advertising ID without spyware or exploit
I explain how it is possible to locate Google and Apple smartphones legally by misusing device unique Advertising ID and stream of data collected by advertising plugins. These plugins are part of thousands of popular and legitimate apps.
👍25🤡3🤔2😱2
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives also using Android malware
https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives/
https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives/
Google Cloud Blog
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives…
A suspected Russian hybrid espionage and influence operation, delivering Windows and Android malware.
❤16😁5🤮3😎2👍1🔥1🤡1😈1
iOS Forensics Suite: Generates detailed reports from iOS backups (encrypted & unencrypted) with device info, contacts, messages, WiFi, notes, WhatsApp data & more. All done locally.
https://github.com/piotrbania/ios_forensics_suite
https://github.com/piotrbania/ios_forensics_suite
GitHub
GitHub - piotrbania/ios_forensics_suite: A tool for generating detailed, locally-processed reports from iOS backups, supporting…
A tool for generating detailed, locally-processed reports from iOS backups, supporting encrypted and unencrypted data. - piotrbania/ios_forensics_suite
❤13🔥4🙏2
Frida Script Runner - Versatile web-based tool designed for Android and iOS penetration testing purposes
https://github.com/z3n70/Frida-Script-Runner
https://github.com/z3n70/Frida-Script-Runner
🔥26👍5❤3
Nine writeup for some Android specific chromium behavior vulnerabilities
1) intent:// restrictions bypassed via firebase dynamic links (Fixed, Awarded $3000)
2) Bypass to issue 40060327 via market:// URL (Fixed, Awarded $2250)
3) Add to home screen spoof (Fixed, Awarded $1125)
4) Iframe sandbox allow-popups-to-escape-sandbox bypass via intent (Asked, Not fixed)
5) Controlling Google assistant (Asked, Not fixed)
6) Controlling Clock (Accepted, Not fixed)
7) URL Spoof via intent (Fixed, Awarded $3133.70)
8) BROWSABLE intent:// bypass (Fixed, Duplicate)
9) BROWSABLE intent:// bypass (Fixed, Awarded $4500.00)
https://ndevtk.github.io/writeups/2024/08/01/awas/
1) intent:// restrictions bypassed via firebase dynamic links (Fixed, Awarded $3000)
2) Bypass to issue 40060327 via market:// URL (Fixed, Awarded $2250)
3) Add to home screen spoof (Fixed, Awarded $1125)
4) Iframe sandbox allow-popups-to-escape-sandbox bypass via intent (Asked, Not fixed)
5) Controlling Google assistant (Asked, Not fixed)
6) Controlling Clock (Accepted, Not fixed)
7) URL Spoof via intent (Fixed, Awarded $3133.70)
8) BROWSABLE intent:// bypass (Fixed, Duplicate)
9) BROWSABLE intent:// bypass (Fixed, Awarded $4500.00)
https://ndevtk.github.io/writeups/2024/08/01/awas/
Writeups
Android web attack surface
The following is a writeup for some Android specific chromium behaviors.
👍14🌚4❤3
Cracking into a Just Eat / Takeaway.com terminal with an NFC card
https://blog.mgdproductions.com/justeat-takeaway-terminal/
https://blog.mgdproductions.com/justeat-takeaway-terminal/
MGD Blog
Cracking into a Just Eat / Takeaway.com terminal with an NFC card
So this is a pretty interesting one, i found this one on a local marketplace for 25 dollars, so i immediately snagged it up.
After it booted up, it showed an activation screen. Looks like the previous owner has logged out.
We can't do much from this screen…
After it booted up, it showed an activation screen. Looks like the previous owner has logged out.
We can't do much from this screen…
🌚8👍2🔥1
LightSpy: Implant for iOS
https://www.threatfabric.com/blogs/lightspy-implant-for-ios
https://www.threatfabric.com/blogs/lightspy-implant-for-ios
ThreatFabric
LightSpy: Implant for iOS
ThreatFabric’s latest insights on LightSpy malware, targeting both iOS and macOS. Learn about the evolving tactics, new destructive features, and the importance of keeping devices updated to defend against these advanced cyber threats.
👍15🔥1
Emulating Android native libraries using unidbg
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Hamza’s blog posts, notes and thoughts.
Emulating Android native libraries using unidbg
Introduction Unidbg is an open-source framework to emulate Android native libraries (and to a certain extent has experimental iOS emulation capabilities). There are a few use cases where emulating Android libraries is beneficial. I will cover a single use…
🔥11❤3👍1
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware
https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/
https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/
Zimperium
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - Zimperium
In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.
👍12🔥5
Low-Level Development on Retail Android Hardware - Reconnaissance and Prototyping a Bootloader
https://blog.timschumi.net/2024/10/05/lldorah-bootloader-prototype.html
https://blog.timschumi.net/2024/10/05/lldorah-bootloader-prototype.html
timschumi’s low-traffic blog
Low-Level Development on Retail Android Hardware - Reconnaissance and Prototyping a Bootloader
Many months ago, a slightly younger Tim thought that porting mainline Linux to his old Android phone for the purpose of experimentation would be a great way to pass time. (In hindsight it was, but not for the reasons imagined.)
🔥12🌚3👍1
Android G700 spyware: The Next Generation of Craxs RAT
https://www.cyfirma.com/research/g700-the-next-generation-of-craxs-rat/
https://www.cyfirma.com/research/g700-the-next-generation-of-craxs-rat/
CYFIRMA
G700 : The Next Generation of Craxs RAT - CYFIRMA
EXECUTIVE SUMMARY At CYFIRMA, we are dedicated to providing timely and relevant insights into emerging threats and tactics used by...
⚡14🌚4👍3
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM
https://www.cleafy.com/cleafy-labs/toxicpanda-a-new-banking-trojan-from-asia-hit-europe-and-latam
https://www.cleafy.com/cleafy-labs/toxicpanda-a-new-banking-trojan-from-asia-hit-europe-and-latam
Cleafy
ToxicPanda: a new banking trojan from Asia hit Europe and LATAM | Cleafy Labs
Discover Cleafy's in-depth analysis of a new Android banking Trojan campaign, ToxicPanda, initially linked to TgToxic. Our findings reveal a sophisticated fraud operation targeting European and LATAM banks, using On-Device Fraud (ODF) tactics to execute account…
🌚13👍2
Apple CarPlay: What's Under the Hood
Slides: https://troopers.de/downloads/troopers24/TR24_Apple_CarPlay-What's_Under_the_Hood_8MCYKG.pdf
Video: https://www.youtube.com/watch?v=cHhxJzavq5I
Slides: https://troopers.de/downloads/troopers24/TR24_Apple_CarPlay-What's_Under_the_Hood_8MCYKG.pdf
Video: https://www.youtube.com/watch?v=cHhxJzavq5I
❤16👍3🕊1
Fake physical letters were sent to potential victims at their address to download "Severe Weather Warning App" via QR code. Coper AKA Octo2 malware is downloaded instead.
https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2024/2024-meteosuisse.html
https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2024/2024-meteosuisse.html
www.ncsc.admin.ch
Caution: Fake letters on behalf of MeteoSwiss – Instead of a ‘Severe Weather Warning App’, malware is downloaded
14.11.2024 - Physical letters with MeteoSwiss as the sender are currently being sent out. The letters ask the recipients to download a new ‘Severe Weather Warning App’ via a QR code. However, malware is downloaded to the smartphone instead. This looks similar…
😁18👍7🔥4❤1🌚1
GPUAF - Two ways of Rooting All Qualcomm based Android phones
https://powerofcommunity.net/poc2024/Pan%20Zhenpeng%20&%20Jheng%20Bing%20Jhong,%20GPUAF%20-%20Two%20ways%20of%20rooting%20All%20Qualcomm%20based%20Android%20phones.pdf
https://powerofcommunity.net/poc2024/Pan%20Zhenpeng%20&%20Jheng%20Bing%20Jhong,%20GPUAF%20-%20Two%20ways%20of%20rooting%20All%20Qualcomm%20based%20Android%20phones.pdf
🤯20🔥5👍4👏1
Reverse Engineering iOS 18 Inactivity Reboot
https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
Blogspot
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
🔥19❤1👍1