Doctor Web’s overview of virus activity on mobile devices in July 2019
https://news.drweb.com/show/review/?lng=en&i=13374
https://news.drweb.com/show/review/?lng=en&i=13374
Dr.Web
Dr.Web — Doctor Web’s overview of virus activity on mobile devices in July 2019
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Need to reverse engineer an iOS app?
Works on iOS11 & 12
https://twitter.com/ddouhine/status/1158700402419937280?s=19
Works on iOS11 & 12
https://twitter.com/ddouhine/status/1158700402419937280?s=19
Twitter
Davy Douhine
Need to reverse engineer an iOS app ? 1/ Add https://t.co/PjjYGi0uSC src to Cydia 2/ Install bfdecrypt 3/ Go to bfdecrypt pref pane in Settings & set the app to decrypt 4/ Launch it 5/ Decrypted IPA is stored in the Documents folder of the app Works on iOS11…
How To Start IoT Device Firmware Reverse Engineering? #IoT
http://blog.securelayer7.net/how-to-start-iot-device-firmware-reverse-engineering/
http://blog.securelayer7.net/how-to-start-iot-device-firmware-reverse-engineering/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
How to Start IoT device Firmware Reverse Engineering?
IoT device Firmware Reverse Engineering: It is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods....
Pwning the Galaxy S8
Bug 0: Pwning and Examining the browser’s renderer process
Bug 1: Incomplete fix for CVE-2016-5197
Bug 2: The Email loves EML with a … XSS
Bug 3: … And file:/// crossdomain
Bug 4: Pwn a process with INSTALL_PACKAGES privilege
Bug 5: Push SDK pushes vulnerability
https://blog.flanker017.me/galaxy-leapfrogging-pwning-the-galaxy-s8/
Bug 0: Pwning and Examining the browser’s renderer process
Bug 1: Incomplete fix for CVE-2016-5197
Bug 2: The Email loves EML with a … XSS
Bug 3: … And file:/// crossdomain
Bug 4: Pwn a process with INSTALL_PACKAGES privilege
Bug 5: Push SDK pushes vulnerability
https://blog.flanker017.me/galaxy-leapfrogging-pwning-the-galaxy-s8/
Flanker Sky
Galaxy Leapfrogging: Pwning the Galaxy S8
Hello everyone, long time no see! Now begins a series of blog posts about bugs I found before and now on Android vendors, including memory corruption and logical bugs, reported and fixed via Pwn2Ow…
Facebook sues two developers from Google Play for click injection fraud
Developers: LIONMOBI and Jedimobi
Altogether 7 apps on Google Play
Altogether 217,000,000+ installs of these apps
https://newsroom.fb.com/news/2019/08/enforcing-against-click-injection-fraud/
Developers: LIONMOBI and Jedimobi
Altogether 7 apps on Google Play
Altogether 217,000,000+ installs of these apps
Click injection fraud: The malware created fake user clicks on Facebook ads that appeared on the users’ phones, giving the impression that the users had clicked on the ads.https://newsroom.fb.com/news/2019/08/enforcing-against-click-injection-fraud/
About Facebook
Enforcing Against Click Injection Fraud - About Facebook
Facebook filed suit against two app developers for misrepresenting that a real person had clicked on their ads.
Fake Antivirus with 50,000+ installs
https://twitter.com/ReBensk/status/1158280511124471808?s=19
https://twitter.com/ReBensk/status/1158280511124471808?s=19
Contractors working for Microsoft are listening to personal conversations of Skype users conducted through the mobile app's translation service
https://www.vice.com/amp/en_us/article/xweqbq/microsoft-contractors-listen-to-skype-calls
https://www.vice.com/amp/en_us/article/xweqbq/microsoft-contractors-listen-to-skype-calls
Vice
Revealed: Microsoft Contractors Are Listening to Some Skype Calls
Documents, screenshots, and audio obtained by Motherboard show that humans listen to Skype calls made using the app's translation function.
Android Spyware masquerade as a security application performed spy activities - tracking device location and eavesdropping on call conversations. It was distributed via Google Play.
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/moqhao-related-android-spyware-targeting-japan-and-korea-found-on-google-play/
https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/moqhao-related-android-spyware-targeting-japan-and-korea-found-on-google-play/
McAfee Blog
Cybersecurity News and Insights to Stay Safe Online | McAfee Blog
Welcome to the McAfee Blog, where we share posts about security solutions and products to keep you and your connected family safe online.
Security analysis of counterfeit iPhone 6 and Samsung S10
-cost 1/10th of original
-both run vulnerable Android OS(4.4, 5.1)
-vulnerable kernels
-collect user info
-S10 contained RAT
I wouldn't use financial or social media apps on fake phones
https://blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/
-cost 1/10th of original
-both run vulnerable Android OS(4.4, 5.1)
-vulnerable kernels
-collect user info
-S10 contained RAT
I wouldn't use financial or social media apps on fake phones
https://blog.trailofbits.com/2019/08/07/from-the-depths-of-counterfeit-smartphones/
The Trail of Bits Blog
From The Depths Of Counterfeit Smartphones
In an age of online second-hand retailers, marketplace exchanges, and third-party refurb shops, it’s easier than ever to save hundreds of dollars when buying a phone. These channels provide an appealing alternative for people foregoing a retail shopping experience…
HiddenAd with 10,000+ installs found on Google Play
-hides app icon
-display ads
https://twitter.com/Maler360/status/1159308968579100672?s=19
-hides app icon
-display ads
https://twitter.com/Maler360/status/1159308968579100672?s=19
Investigation of remote vulnerabilities on the iPhone via SMS, MMS, VVM, Email and iMessage
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html
https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html
Blogspot
The Fully Remote Attack Surface of the iPhone
Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting ...
Over 2,000 scam apps discovered on App Store #iOS
-scan fingerprint to make in-app purchase
-some of them are still on App Store
-2 apps made around $400k in June alone
-list of 517 apps
https://appsexposed.home.blog/2019/08/02/app-store-a-safe-haven-for-scammers-500-apps-exposed/
-scan fingerprint to make in-app purchase
-some of them are still on App Store
-2 apps made around $400k in June alone
-list of 517 apps
https://appsexposed.home.blog/2019/08/02/app-store-a-safe-haven-for-scammers-500-apps-exposed/
AppsExposed
App Store: A safe haven for scammers (+500 apps exposed)
IMPORTANT UPDATE: This article was first published on Medium. But the scammers which we exposed below reported us and Medium without an explanation suspended our account. We lost all our research t…
Decrypt WhatsApp protocol to manipulate group chat
https://research.checkpoint.com/black-hat-2019-whatsapp-protocol-decryption-for-chat-manipulation-and-more/
https://research.checkpoint.com/black-hat-2019-whatsapp-protocol-decryption-for-chat-manipulation-and-more/
Check Point Research
Black Hat 2019 – WhatsApp Protocol Decryption for Chat Manipulation and More - Check Point Research
Research By: Dikla Barda, Roman Zaikin and Oded Vanunu According to sources, WhatsApp, the Facebook-owned messaging application has over 1.5 billion users in over 180 countries. The average user checks WhatsApp more than 23 times per day. And, the number…
Fake Android security solutions found on Google Play
Discovered 8 fake AV apps with 1,236,000+ installs
https://labs.k7computing.com/?p=17228
Discovered 8 fake AV apps with 1,236,000+ installs
https://labs.k7computing.com/?p=17228
Sex app leaks locations, pics and personal details.
https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/
https://www.pentestpartners.com/security-blog/group-sex-app-leaks-locations-pictures-and-other-personal-details-identifies-users-in-white-house-and-supreme-court/
Pentestpartners
Group sex app leaks locations, pics and personal details. Identifies users in White House and Supreme Court | Pen Test Partners
We’ve seen some pretty poor security in dating apps over recent years; breaches of personal data, leaking users locations and more. But this one really takes the biscuit: probably the worst security for any dating app we’ve ever seen And it’s used for arranging…
👍1
In the official Android app of BlackHat an attacker can:
- Open a random url in the app browser
- Pre dial a number
- Create an email
- Open Chrome to download a file https://t.co/mZ4UsuilPm
- Open a random url in the app browser
- Pre dial a number
- Create an email
- Open Chrome to download a file https://t.co/mZ4UsuilPm
Twitter
Elliot Alderson
The official Android app of #BHUSA is a joke. For an event of this size this is not serious @BlackHatEvents. Thanks to the #BlackHat app, an attacker can: - Open a random url in the app browser - Pre dial a number - Create an email - Open Chrome to download…
Reversing Android pre-installed apps
Convince 1 company to include your app rather than
thousands of users
https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf
Convince 1 company to include your app rather than
thousands of users
https://github.com/maddiestone/ConPresentations/blob/master/Blackhat2019.SecuringTheSystem.pdf
GitHub
ConPresentations/Blackhat2019.SecuringTheSystem.pdf at master · maddiestone/ConPresentations
Slide decks from my conference presentations. Contribute to maddiestone/ConPresentations development by creating an account on GitHub.
Vulnerabilities in 5G
1) A protocol vulnerability in 4G and 5G specification that allows the fake base station to steal information about the device and mount identification attacks
2) Implementation vulnerability in cellular network operator equipment that can be exploited during a device registration phase
3) A protocol vulnerability that affects the battery life of low-powered devices
https://infosec.sintef.no/en/informasjonssikkerhet/2019/08/new-vulnerabilities-in-5g-security-architecture-countermeasures/
1) A protocol vulnerability in 4G and 5G specification that allows the fake base station to steal information about the device and mount identification attacks
2) Implementation vulnerability in cellular network operator equipment that can be exploited during a device registration phase
3) A protocol vulnerability that affects the battery life of low-powered devices
https://infosec.sintef.no/en/informasjonssikkerhet/2019/08/new-vulnerabilities-in-5g-security-architecture-countermeasures/
infosec.sintef.no
New vulnerabilities in 5G Security Architecture & Countermeasures (Part 1)
The 5G network promises to transform industries and our digital society by providing enhanced capacity, higher data rates, increased battery life for machine-type devices, higher availability and reduced power consumptions. In a way, 5G will act as a vehicle…
Remote Code Execution Vulnerabilities in Apple FaceTime #BlackHat
https://i.blackhat.com/USA-19/Thursday/us-19-Huang-Towards-Discovering-Remote-Code-Execution-Vulnerabilities-In-Apple-FaceTime.pdf
https://i.blackhat.com/USA-19/Thursday/us-19-Huang-Towards-Discovering-Remote-Code-Execution-Vulnerabilities-In-Apple-FaceTime.pdf
Attacking iPhone XS Max
https://i.blackhat.com/USA-19/Thursday/us-19-Wang-Attacking-IPhone-XS-Max.pdf
https://i.blackhat.com/USA-19/Thursday/us-19-Wang-Attacking-IPhone-XS-Max.pdf