In this blog post we share Zimperium’s Zero-Day Protection against the Water Makara Spear-Phishing campaign.

Many months ago, a slightly younger Tim thought that porting mainline Linux to his old Android phone for the purpose of experimentation would be a great way to pass time. (In hindsight it was, but not for the reasons imagined.)

EXECUTIVE SUMMARY At CYFIRMA, we are dedicated to providing timely and relevant insights into emerging threats and tactics used by...

This article demonstrates the power of Frida tracing in reverse engineering, using Mini Militia Classic as a case study.

Discover Cleafy's in-depth analysis of a new Android banking Trojan campaign, ToxicPanda, initially linked to TgToxic. Our findings reveal a sophisticated fraud operation targeting European and LATAM banks, using On-Device Fraud (ODF) tactics to execute account…

Automated malware analysis with Hatching Triage, the high-volume sandbox solution for SOCs, CERTs, SOARs, and MSSPs.

Personal website and computer security blog.

14.11.2024 - Physical letters with MeteoSwiss as the sender are currently being sent out. The letters ask the recipients to download a new ‘Severe Weather Warning App’ via a QR code. However, malware is downloaded to the smartphone instead. This looks similar…

Wireless and firmware hacking, PhD life, Technology

Discover how reverse engineering led to a $5000 bounty by exploiting a critical vulnerability in a popular Android app

EXPLORING AND EXPLOITING AN ANDROID "SMART POS" PAYMENT TERMINAL

Today, credit card terminals are undergoing a drastic evolution, moving from specialized hardware and custom-built operating systems to Android devices similar to ordinary smartphones. While…

Thai authorities said the crime gang sent around a million malicious SMS text messages to nearby residents over a three-day period in November.

Authored by: Fernando Ruiz The McAfee mobile research team recently identified a significant global increase of SpyLoan, also known as predatory

This new technique mimics a cracked screen that is a result of a fake virus infection as visible in the video below

Discover how fuzzing can identify critical vulnerabilities in native Android components, strengthening device security.

Note: This is part of my @vr_progress journal. Also, subscribe to my new @SideQuest_256 channel and I might post videos about the Android journey too :D This is a story about how I wasted my weekend over a bug that was categorized as a High/EoP but then couldn’t…