HiddenAd adware discovered on Google Play was one of the top 10 new apps in the store in July!
Reached 1M+ downloads. Reported.
https://t.co/iY3z60gicp
Twitter
ESET research
#HiddenAd adware found on Google Play was one of the top 10 new apps in the store in July, with 1M+ downloads - until @LukasStefanko #reported it. IoC Hash: 3E1E1FD9BAE9E7DDE2CB06859E125352B7EA8ABD ESET detection name: Android/Hiddad.ADQ
Record for HiddenAd Adware found on Google Play.
It reached 5,000,000+ installs.
-after launch it can hide its icon
-after unlocking the device it displays a fullscreen ad
-reported
https://twitter.com/ReBensk/status/1157267868993515521?s=19
Found new ways to hack WPA3 protected wifi passwords
https://wpa3.mathyvanhoef.com/
Mathyvanhoef
Dragonblood: Analysing WPA3's Dragonfly Handshake
This website presents the Dragonblood Attack. It is a collection of attacks against the WPA3 protocol, which mainly abuse the password element generation algorithm of WPA3's Dragonfly handshake.
HiddenAd trojan discovered on Google Play with 100,000 installs.
Once installed, it executes itself without user interaction and displays ads.
https://t.co/DOVPmX50Bs
Twitter
ESET
#HiddenAd #trojan discovered by @LukasStefanko on Google Play with 100,000 installs is removed now. Once installed, it executes itself without user interaction and displays ads. @ESETresearch ESET detection: Android/Hiddad.ACS https://t.co/DOVPmX50Bs
Android Kernel can be compromised over-the-air
CVE-2019-10538 - allows attackers to compromise the WLAN and the chip's modem over-the-air.
CVE-2019-10540 - an attacker can exploit it to compromise the Android Kernel from the WLAN component.
https://blade.tencent.com/en/advisories/qualpwn/
Within 1 kilometer - surveillance van - can spy on WhatsApp messages, Facebook chats, texts, calls, contacts...
https://www.forbes.com/sites/thomasbrewster/2019/08/05/a-multimillionaire-surveillance-dealer-steps-out-of-the-shadows-and-his-9-million-whatsapp-hacking-van/
Forbes
A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van
He can hack your WhatsApp, find out where you are in 15 minutes and monitor your iPhone. But Tal Dilian says he's one of the good guys. It's badly-behaved governments who should be in trouble, not the $12 billion industry he's come to represent.
Doctor Web’s overview of virus activity on mobile devices in July 2019
https://news.drweb.com/show/review/?lng=en&i=13374
Dr.Web
Dr.Web — Doctor Web’s overview of virus activity on mobile devices in July 2019
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Need to reverse engineer an iOS app?
Works on iOS11 & 12
https://twitter.com/ddouhine/status/1158700402419937280?s=19
Twitter
Davy Douhine
Need to reverse engineer an iOS app ? 1/ Add https://t.co/PjjYGi0uSC src to Cydia 2/ Install bfdecrypt 3/ Go to bfdecrypt pref pane in Settings & set the app to decrypt 4/ Launch it 5/ Decrypted IPA is stored in the Documents folder of the app Works on iOS11…
How To Start IoT Device Firmware Reverse Engineering? #IoT
http://blog.securelayer7.net/how-to-start-iot-device-firmware-reverse-engineering/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
How to Start IoT device Firmware Reverse Engineering?
IoT device Firmware Reverse Engineering: It is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods....
Pwning the Galaxy S8
Bug 0: Pwning and Examining the browser’s renderer process
Bug 1: Incomplete fix for CVE-2016-5197
Bug 2: The Email loves EML with a … XSS
Bug 3: … And file:/// crossdomain
Bug 4: Pwn a process with INSTALL_PACKAGES privilege
Bug 5: Push SDK pushes vulnerability
https://blog.flanker017.me/galaxy-leapfrogging-pwning-the-galaxy-s8/
Flanker Sky
Galaxy Leapfrogging: Pwning the Galaxy S8
Hello everyone, long time no see! Now begins a series of blog posts about bugs I found before and now on Android vendors, including memory corruption and logical bugs, reported and fixed via Pwn2Ow…
Facebook sues two developers from Google Play for click injection fraud
Developers: LIONMOBI and Jedimobi
Altogether 7 apps on Google Play
Altogether 217,000,000+ installs of these apps
Click injection fraud: The malware created fake user clicks on Facebook ads that appeared on the users’ phones, giving the impression that the users had clicked on the ads.
https://newsroom.fb.com/news/2019/08/enforcing-against-click-injection-fraud/
About Facebook
Enforcing Against Click Injection Fraud - About Facebook
Facebook filed suit against two app developers for misrepresenting that a real person had clicked on their ads.
Fake Antivirus with 50,000+ installs
https://twitter.com/ReBensk/status/1158280511124471808?s=19
Contractors working for Microsoft are listening to personal conversations of Skype users conducted through the mobile app's translation service
https://www.vice.com/amp/en_us/article/xweqbq/microsoft-contractors-listen-to-skype-calls
Vice
Revealed: Microsoft Contractors Are Listening to Some Skype Calls
Documents, screenshots, and audio obtained by Motherboard show that humans listen to Skype calls made using the app's translation function.
Android spyware masquerading as a security application performed spying activities - tracking device location and eavesdropping on call conversations. It was distributed via Google Play.
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/moqhao-related-android-spyware-targeting-japan-and-korea-found-on-google-play/
McAfee Blog
Cybersecurity News and Insights to Stay Safe Online | McAfee Blog
Welcome to the McAfee Blog, where we share posts about security solutions and products to keep you and your connected family safe online.
Security analysis of counterfeit iPhone 6 and Samsung S10
-cost 1/10th of original
-both run vulnerable Android OS (4.4, 5.1)
-vulnerable kernels
-collect user info
-S10 contained RAT
I wouldn't use financial or social media apps on fake phones
https://blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/
The Trail of Bits Blog
From The Depths Of Counterfeit Smartphones
In an age of online second-hand retailers, marketplace exchanges, and third-party refurb shops, it’s easier than ever to save hundreds of dollars when buying a phone. These channels provide an appealing alternative for people foregoing a retail shopping experience…
HiddenAd with 10,000+ installs found on Google Play
-hides app icon
-displays ads
https://twitter.com/Maler360/status/1159308968579100672?s=19
Investigation of remote vulnerabilities on the iPhone via SMS, MMS, VVM, Email and iMessage
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html
Blogspot
The Fully Remote Attack Surface of the iPhone
Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting ...
Over 2,000 scam apps discovered on App Store #iOS
-scan fingerprint to make in-app purchase
-some of them are still on App Store
-2 apps made around $400k in June alone
-list of 517 apps
https://appsexposed.home.blog/2019/08/02/app-store-a-safe-haven-for-scammers-500-apps-exposed/
AppsExposed
App Store: A safe haven for scammers (+500 apps exposed)
IMPORTANT UPDATE: This article was first published on Medium. But the scammers which we exposed below reported us and Medium without an explanation suspended our account. We lost all our research t…
Decrypt WhatsApp protocol to manipulate group chat
https://research.checkpoint.com/black-hat-2019-whatsapp-protocol-decryption-for-chat-manipulation-and-more/
Check Point Research
Black Hat 2019 – WhatsApp Protocol Decryption for Chat Manipulation and More - Check Point Research
Research By: Dikla Barda, Roman Zaikin and Oded Vanunu According to sources, WhatsApp, the Facebook-owned messaging application has over 1.5 billion users in over 180 countries. The average user checks WhatsApp more than 23 times per day. And, the number…