Forwarded from The Bug Bounty Hunter
Facebook Bug Bounty: Reading WhatsApp contacts list without unlocking the device
https://medium.com/@ar_arvind/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
https://medium.com/@ar_arvind/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
Medium
WhatsApp Bug Bounty: Reading contacts list without unlocking the device
A bug allows anyone who has the victim’s phone to read all their contact list without unlocking the security lock
Introducing new #Android #malware analysis platform!
Upload APK, detect malware and grab its configuration.
Currently open for trusted researchers only.
https://www.apkdetect.com/
Upload APK, detect malware and grab its configuration.
Currently open for trusted researchers only.
https://www.apkdetect.com/
Microsoft Patches Vulnerable Android Remote Desktop App
https://www.bleepingcomputer.com/news/security/microsoft-patches-vulnerable-android-remote-desktop-app/
https://www.bleepingcomputer.com/news/security/microsoft-patches-vulnerable-android-remote-desktop-app/
BleepingComputer
Microsoft Patches Vulnerable Android Remote Desktop App
Microsoft updated the security advisory of an information disclosure vulnerability that previously impacted only Windows Remote Desktop Protocol clients to also include the Microsoft Remote Desktop for Android app.
First known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice
https://www.welivesecurity.com/2019/08/22/first-spyware-android-ahmyth-google-play/
https://www.welivesecurity.com/2019/08/22/first-spyware-android-ahmyth-google-play/
WeLiveSecurity
First‑of‑its‑kind spyware sneaks into Google Play
ESET research breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice.
One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse
https://blog.doyensec.com/2019/08/22/modern-password-managers-flag-secure.html
https://blog.doyensec.com/2019/08/22/modern-password-managers-flag-secure.html
Doyensec
One Bug To Rule Them All: Modern Android Password Managers and FLAG_SECURE Misuse
A few months ago I stumbled upon a 2016 blog post by Mark Murphy, warning about the state of FLAG_SECURE window leaks in Android. This class of vulnerabilities has been around for a while, hence I wasn’t confident that I could still leverage the same weakness…
CVE-2019-8646 is a vulnerability in iMessage that can allow memory to be leaked and files to be read remotely from a device.
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
Demo: https://youtu.be/br2xCvtVFn4
Research: https://googleprojectzero.blogspot.com/2019/08/the-many-possibilities-of-cve-2019-8646.html
YouTube
iPhone Remote File Read Demo
A demo of CVE-2019-8646, retrieving an image from a remote device's messages
Telegram bug discloses phone numbers of any users in public groups.
Not fixed yet.
Allegedly exploited by government sponsored attack against Hong Kong protesters.
https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub
Not fixed yet.
Allegedly exploited by government sponsored attack against Hong Kong protesters.
https://docs.google.com/document/d/e/2PACX-1vRx2wO2kj0axlQtv2CDSjPGlRKJOHtucvpOKGFKybh2eVVGZqvt_JJv-2Q11NHn5Y4um_F4-bgA6q5v/pub
Forwarded from The Bug Bounty Hunter
[iOS Application Security] Jailbreak 12.4 and SSL pinning bypass | How to set up your iOS Testing Lab
https://medium.com/@yogendra_h1/ios-application-security-jailbreak-12-4-5e3fc0dc0726
https://medium.com/@yogendra_h1/ios-application-security-jailbreak-12-4-5e3fc0dc0726
Medium
[iOS Application Security] Jailbreak 12.4
Hello Everyone — Long time no see!
Riltok - Android banking Trojan spreads in France 🇫🇷 via SMS
https://twitter.com/benkow_/status/1165905380402171905?s=19
https://twitter.com/benkow_/status/1165905380402171905?s=19
Twitter
Benkøw moʞuƎq
#Riltok #Android still around in France http://karambga3j. net/3lfk3jGj/fKJh3jKLO/login.php f51a27163cb0ddd08caa29d865b9f238848118ba2589626af711330481b352df
Forwarded from The Bug Bounty Hunter
Hail Frida!! The Universal SSL pinning bypass for Android applications
https://medium.com/@ved_wayal/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29
https://medium.com/@ved_wayal/hail-frida-the-universal-ssl-pinning-bypass-for-android-e9e1d733d29
Medium
Hail Frida!! The Universal SSL pinning bypass for Android applications
In this article, I’ll explain how to bypass SSL pinning of any android application using frida framework.
Solving Android CTF from BSidesSF2019
https://aadityapurani.com/2019/03/07/bsidessf-ctf-2019-mobile-track/
https://aadityapurani.com/2019/03/07/bsidessf-ctf-2019-mobile-track/
Aaditya Purani - Hacker
[BSidesSF CTF 2019] – Mobile Track
Introduction BSIDES CTF 2019 was hosted by Google and Facebook in San Francisco during the BSides Conference. Teams from all over the world could compete, but the prizes can only be claimed by team…
Bypass passcode protection in NextCloud Android app
https://hackerone.com/reports/631206
https://hackerone.com/reports/631206
HackerOne
Nextcloud disclosed on HackerOne: Passcode Protection in Android...
###What is The Vulnerability?
The Passcode can be bypassed by calling a MainLoginActivity which is com.owncloud.android.ui.activity.FileDisplayActivity , We have successfully bypassed the passcode...
The Passcode can be bypassed by calling a MainLoginActivity which is com.owncloud.android.ui.activity.FileDisplayActivity , We have successfully bypassed the passcode...
Android Trojan Dropper - xHelper
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
https://blog.malwarebytes.com/android/2019/08/mobile-menace-monday-android-trojan-raises-xhelper/
Malwarebytes Labs
Mobile Menace Monday: Android Trojan raises xHelper Malwarebytes Labs
Since its introduction in May 2019, the xHelper dropper, an Android Trojan, has climbed to our top 10 list of most detected mobile malware.
Tests of some of Android Antiviruses (Banking, Trojans, Spyware, PUAs, SMS)
https://www.mrg-effitas.com/wp-content/uploads/2019/08/Android360_2019q2_7.pdf
https://www.mrg-effitas.com/wp-content/uploads/2019/08/Android360_2019q2_7.pdf
Trojan found in CamScanner – Phone PDF creator app with 100,000,000+ installs on Google Play
This Trojan downloads malicious payload from developer's server.
https://securelist.com/dropper-in-google-play/92496/
This Trojan downloads malicious payload from developer's server.
https://securelist.com/dropper-in-google-play/92496/
Securelist
An advertising dropper in Google Play
Recently, the popular CamScanner – Phone PDF creator app caught our attention. After analyzing the app, we saw that the developer added an advertising library to it that contains a malicious dropper component.
Two fake phishing apps found on Google Play. Both of them request user's credit card details. Target Brazilian 🇧🇷 users.
https://twitter.com/silvaaa_anne/status/1166435030182313985?s=19
https://twitter.com/silvaaa_anne/status/1166407382840168449?s=19
Pernambucanas - Cupons - 100+ installsMidway Acesso (impersontes Riachuelo) - 5+ installshttps://twitter.com/silvaaa_anne/status/1166435030182313985?s=19
https://twitter.com/silvaaa_anne/status/1166407382840168449?s=19
Twitter
Anne Silva
Another Malicious App targeting Pernambucanas clients: https://t.co/vcZjTNDDeB @assolini @defesa_digital @Android @GooglePlay @emilio_simoni
Six new HiddenAd Trojans found on Google Play with 280,000+ downloads. If you have them installed, remove them. https://t.co/fB1CCttfIZ
Fake VPN app found on Google Play can download and install additional apps.
https://twitter.com/m0br3v/status/1166680295023812609?s=19
https://twitter.com/m0br3v/status/1166680295023812609?s=19
Twitter
I.Zhilyakov
Fake VPN client has been found and removed from Google Play. On command: -opens web, #instagram, #telegram and google play pages -downloads and tries to install other applications ioc: d789d13c6187ad3cd2991b6d387d9e943d394a8c #android #trojan #malware
Two adware apps found on Google Play with over 1.5 million installs.
https://www.symantec.com/blogs/threat-intelligence/stealthy-ad-clicking-apps-google-play
https://www.symantec.com/blogs/threat-intelligence/stealthy-ad-clicking-apps-google-play
Symantec
New Stealthy Ad Clicking Tactics Found in Popular Apps on Google Play
Two apps with over 1.5 million downloads use new method to stealthily click ads on users’ devices. Apps present on Play Store for almost a year before being discovered.
👍1