Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea – Threat Actors, Tactics, and Defense Strategies
https://i.blackhat.com/EU-24/Presentations/EU-24-V2-Islamoglu-Unmasking-State-Sponsored-Mobile-Surveillance.pdf
https://i.blackhat.com/EU-24/Presentations/EU-24-V2-Islamoglu-Unmasking-State-Sponsored-Mobile-Surveillance.pdf
🔥10😁8
My other ClassLoader is your ClassLoader: Creating evil twin instances of a class
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf
https://i.blackhat.com/EU-24/Presentations/EU-24-Valsamaras-My-other-classloader.pdf
🔥12
WiFi Calling: Revealing Downgrade Attacks and Not-so-private private Keys
https://i.blackhat.com/EU-24/Presentations/EU-24-DabrowskiGegenhuber-WiFi-Calling-Revealing-Downgrade-Attacks.pdf
https://i.blackhat.com/EU-24/Presentations/EU-24-DabrowskiGegenhuber-WiFi-Calling-Revealing-Downgrade-Attacks.pdf
🔥12
How to detect ARP spoofing attack using Android app
https://www.mobile-hacker.com/2024/12/16/detect-arp-spoofing-attack-using-android-app/
https://www.mobile-hacker.com/2024/12/16/detect-arp-spoofing-attack-using-android-app/
Mobile Hacker
Detect ARP spoofing attack using Android app
ARP spoofing attacks are often used in combination with other types of attacks, such as DNS spoofing, SSL stripping, and more. These attacks can be used to steal sensitive information, launch phishing attacks.
👍13🔥3👏1
Discovery of 6 vulnerabilities in one Qualcomm driver and one of the used as In-the-Wild exploit
https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html
https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html
Blogspot
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Thr...
🔥10👍2❤1
Authorities in Serbia used Cellebrite to unlock mobile phones so they could then infect them with NoviSpy Android malware
https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/
https://securitylab.amnesty.org/latest/2024/12/a-digital-prison-surveillance-and-the-suppression-of-civil-society-in-serbia/
Amnesty International Security Lab
“A Digital Prison”: Surveillance and the suppression of civil society in Serbia - Amnesty International Security Lab
This is the Executive Summary of Amnesty International’s report on surveillance and the suppression of civil society in Serbia. Please click here for the full report in PDF format. You can read the Executive Summary in Serbian, French or Spanish. In February…
🔥11😁5👍3
Diving into ADB protocol internals (2/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-22.html
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-22.html
Synacktiv
Diving into ADB protocol internals (2/2)
👍10🔥6😁5🌚4❤1
Screen recording Android spyware distributed through Amazon Appstore
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyware-distributed-through-amazon-appstore/
McAfee Blog
Spyware distributed through Amazon Appstore | McAfee Blog
Authored by Wenfeng Yu and ZePeng Chen As smartphones have become an integral part of our daily lives, malicious apps have grown increasingly deceptive
🤔13😁7🔥2
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Device
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
https://www.mobile-hacker.com/2024/12/23/exploring-marauder-bruce-and-ghost-esp-on-cheap-yellow-device/
Mobile Hacker
Exploring Marauder, Bruce, and Ghost ESP on Cheap Yellow Display
In this blog, I will focus on the most popular offensive security projects such as Marauder, Bruce and Ghost ESP to get most of this device and compare them in the end.
👍13🔥8
Android BADBOX Botnet Is Back
https://www.bitsight.com/blog/badbox-botnet-back
https://www.bitsight.com/blog/badbox-botnet-back
Bitsight
BADBOX Botnet Is Back | Bitsight
The TRACE team investigated BADBOX, which is a large-scale cybercriminal operation selling off-brand Android TV boxes, smartphones, and other Android electronics with preinstalled malware.
👍16🔥5😁2
Install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
Mobile Hacker
Run Firmware Anywhere: Flexibility of M5Stick Launcher
Launcher tool that is able to switch between all of the three firmware without a need of a computer, and even while on the go.
👍15🌚2
This media is not supported in your browser
VIEW IN TELEGRAM
How to install and run any firmware (Marauder, Bruce, Ghost ESP...) on ESP32 devices without using computer with M5Stick Launcher
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
https://www.mobile-hacker.com/2024/12/29/run-firmware-anywhere-flexibility-of-m5stick-launcher/
🔥21👍4❤1
Ultimate iOS (iPhone & iPad) Hardening Guide
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
https://github.com/martinholovsky/Security-Blueprints/blob/main/iOS-Hardening-Guide.md
GitHub
Security-Blueprints/iOS-Hardening-Guide.md at main · martinholovsky/Security-Blueprints
Collection of my Security Blueprints & Guides. Contribute to martinholovsky/Security-Blueprints development by creating an account on GitHub.
👍12🔥5🤡3
FireScam: Android information stealing malware with spyware capabilities
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
https://www.cyfirma.com/research/inside-firescam-an-information-stealer-with-spyware-capabilities/
CYFIRMA
Inside FireScam : An Information Stealer with Spyware Capabilities - CYFIRMA
This report has been revised to remove references to the obfuscation tool previously mentioned, as the obfuscation techniques in the...
🌚12👍6❤1
Emulating Android native libraries using unidbg
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
https://bhamza.me/blogpost/2024/09/10/Emulating-Android-native-libraries-using-unidbg.html
Hamza’s blog posts, notes and thoughts.
Emulating Android native libraries using unidbg
Introduction Unidbg is an open-source framework to emulate Android native libraries (and to a certain extent has experimental iOS emulation capabilities). There are a few use cases where emulating Android libraries is beneficial. I will cover a single use…
🔥11🌚4👍3👏3
Unidbg to production
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
https://bhamza.me/blogpost/2024/09/20/unidbg-to-production.html
Hamza’s blog posts, notes and thoughts.
Unidbg to production
Introduction In the last blogpost, we covered how to use unidbg from scratch to emulate an Android native library. As some might have noticed, the Proof of Concept code is not production ready as it does not allow for a way to call the signing functionality…
👍11🔥6🌚1
Boost Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
https://www.mobile-hacker.com/2025/01/09/boost-your-flipper-zero-with-feberis-3-in-1-subghz-nrf24-and-wifi-board/
Mobile Hacker
Boost Your Flipper Zero with FEBERIS: 3-in-1 SubGhz, NRF24, and WiFi board
I am excited to introduce you to FEBERIS, an expansion 3-in-1 development board for the Flipper Zero. This custom board utilizes external Wi-Fi, NRF24, and CC1101 modules, enhancing the capabilities of your Flipper Zero device.
👍17❤12👌2
Fully-remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the trannoscription service decodes incoming audio before a user interacts with the message for trannoscription purposes. Issue is fixed now.
https://project-zero.issues.chromium.org/issues/368695689
https://project-zero.issues.chromium.org/issues/368695689
🔥34👍3⚡1
Analysis of Autel MaxiCharger Android app to reviewing the attack surface
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
https://www.zerodayinitiative.com/blog/2025/1/15/reviewing-the-attack-surface-of-the-autel-maxicharger-part-two
Zero Day Initiative
Zero Day Initiative — Reviewing the Attack Surface of the Autel MaxiCharger: Part Two
Previously , we covered the internals of the Autel MaxiCharger where we highlighted each of the main components. In this post, we aim to outline the attack surface of the MaxiCharger in the hopes of providing inspiration for vulnerability research. All information…
🌚7👍1
Android malware in DoNot APT operations
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/
CYFIRMA
ANDROID MALWARE IN DONOT APT OPERATIONS - CYFIRMA
EXECUTIVE SUMMARY The research team at CYFIRMA collected a sample attributed to the Indian APT group known as ‘DONOT’, which...
❤12🌚6🤔2👍1