0-day Privilege Escalation Vulnerability in Android
Not patched. No exploit available.
Can by exploited by malicious app that could gain root privileges on infected device.
https://www.zerodayinitiative.com/advisories/ZDI-19-780/
Not patched. No exploit available.
Can by exploited by malicious app that could gain root privileges on infected device.
https://www.zerodayinitiative.com/advisories/ZDI-19-780/
Zerodayinitiative
ZDI-19-780
(0Day) Google Android v4l2 Double Free Privilege Escalation Vulnerability
Stalkerware app with 10,000+ installs found on Google Play
https://twitter.com/ReBensk/status/1169842841532526593
https://twitter.com/ReBensk/status/1169842841532526593
Twitter
Re-ind
Stalkerware App Found on Googleplay 10,000+ Installs https://t.co/ju56LevfSw
Indian 🇮🇳 face recogintion app was leaking: suspect & submited photo, OTP codes, police officers using app, admin password.
After report they: restricted db access, removed app from Google Play, removed their Twitter account and Firebase db. BTW this company works for Indian government.
https://twitter.com/olihough86/status/1169641409592381440
After report they: restricted db access, removed app from Google Play, removed their Twitter account and Firebase db. BTW this company works for Indian government.
https://twitter.com/olihough86/status/1169641409592381440
Heap Overflows and the iOS Kernel Heap - Case Study from an in-the-wild iOS 0-Day. #Part2
Learn how the exploit developer used a clever vulnerability-conversion to turn a heap-overflow into an artificial Use-After-Free.
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/
Learn how the exploit developer used a clever vulnerability-conversion to turn a heap-overflow into an artificial Use-After-Free.
https://azeria-labs.com/heap-overflows-and-the-ios-kernel-heap/
Azeria-Labs
Heap Overflows and the iOS Kernel Heap
Doctor Web’s overview of malware detected on mobile devices in August 2019
https://news.drweb.com/show/review/?lng=en&i=13397
https://news.drweb.com/show/review/?lng=en&i=13397
Dr.Web
Dr.Web — Doctor Web’s overview of malware detected on mobile devices in August 2019
Find out on Doctor Web’s site about the latest virus threats and information security issues.
Bug in Telegram that didn't remove not sent videos and pictures from device
https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html
https://www.inputzero.io/2019/09/telegram-privacy-fails-again.html
Weekly tests (week 36) of APK files uploaded on Virus Total based on Antivirus engines
Results:
1. K7GW
2. ESET-NOD32
3. Trustlook
4. AhnLab-V3
5. Fortinet
https://blog.trustlook.com/virustotal-apk-malware-detection-data-week-36-20190826-20190901/
Results:
1. K7GW
2. ESET-NOD32
3. Trustlook
4. AhnLab-V3
5. Fortinet
https://blog.trustlook.com/virustotal-apk-malware-detection-data-week-36-20190826-20190901/
Trustlook blog
VirusTotal APK Malware Detection Data -
Week 36: 20190902-20190908
Week 36: 20190902-20190908
At Trustlook, we monitor live feed from VirusTotal (VT). On a daily basis, we
collect APK samples from VT along with detection results from Anti-Virus (AV)
vendors hosted on VT. Using a conservative labeling policy, we are able to
select thousands of benign…
collect APK samples from VT along with detection results from Anti-Virus (AV)
vendors hosted on VT. Using a conservative labeling policy, we are able to
select thousands of benign…
radare2 & Frida in OWASP Mobile Security Testing Guide
https://github.com/radareorg/r2con2019/blob/master/talks/r2_and_frida_owasp_mstg/r2_and_frida_in_the_OWASP_MSTG_Carlos_Holguera.pdf
https://github.com/radareorg/r2con2019/blob/master/talks/r2_and_frida_owasp_mstg/r2_and_frida_in_the_OWASP_MSTG_Carlos_Holguera.pdf
GitHub
r2con2019/talks/r2_and_frida_owasp_mstg/r2_and_frida_in_the_OWASP_MSTG_Carlos_Holguera.pdf at master · radareorg/r2con2019
r2con2019 - slides and materials. Contribute to radareorg/r2con2019 development by creating an account on GitHub.
Simjacker – Next Generation Spying Over Mobile
https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
Enea
Simjacker - Next Generation Spying via SIM Card Vulnerability
Find out more about Simjacker attacks: how do they work, who are the attackers, and how can the attacks be blocked.
A newly disclosed Instagram security issue, confirmed by Facebook, exposed user account details and phone numbers
https://www.forbes.com/sites/zakdoffman/2019/09/12/new-instagram-hack-exclusive-facebook-confirms-user-accounts-and-phone-numbers-at-risk/
https://www.forbes.com/sites/zakdoffman/2019/09/12/new-instagram-hack-exclusive-facebook-confirms-user-accounts-and-phone-numbers-at-risk/
Forbes
Instagram Confirms Security Issue Exposed User Accounts And Phone Numbers—Exclusive
A researcher exposed private user account details and phone numbers by combining two separate security exploits.
Period tracking apps send sexual health data to Facebook servers
https://www.privacyinternational.org/long-read/3196/no-bodys-business-mine-how-menstruation-apps-are-sharing-your-data
https://www.privacyinternational.org/long-read/3196/no-bodys-business-mine-how-menstruation-apps-are-sharing-your-data
Frida noscripts for reversing and debuging Android and iOS (dexdump,app/service hook)
https://github.com/4ch12dy/xia0FridaScript/tree/master/Android/sample
https://github.com/4ch12dy/xia0FridaScript/tree/master/Android/sample
GitHub
FridaLib/Android/sample at master · 4ch12dy/FridaLib
iOS/android frida library for reversing. Contribute to 4ch12dy/FridaLib development by creating an account on GitHub.
Trojan Dropper found on Google Play with 10,000+ installs
https://twitter.com/ReBensk/status/1172120835001208833
https://twitter.com/ReBensk/status/1172120835001208833
Twitter
Re-ind
Android Trojan-Dropper Found on Google Play https://t.co/9VIE8NfIcF 10,000+ Installs Encrypted Payload file assets/36290 (encrypted) decrypt the file with XOR Key '0xC2' you will get the original .dex - IOC: F8E13CC7D3968FCABF7D1938826B0B45 has the base64…
Project Zero Tools to test iPhone messaging
SmsSimulator: an SMS simulator for iPhone
iMessage: tools for sending and dumping iMessage messages
imapiness: a fuzzer for IMAP clients
https://github.com/googleprojectzero/iOS-messaging-tools
SmsSimulator: an SMS simulator for iPhone
iMessage: tools for sending and dumping iMessage messages
imapiness: a fuzzer for IMAP clients
https://github.com/googleprojectzero/iOS-messaging-tools
GitHub
GitHub - googleprojectzero/iOS-messaging-tools
Contribute to googleprojectzero/iOS-messaging-tools development by creating an account on GitHub.
Forwarded from The Bug Bounty Hunter
How two dead accounts allowed REMOTE CRASH of any Instagram android user
https://www.valbrux.it/blog/2019/09/13/how-two-dead-users-allowed-remote-crash-of-any-instagram-android-user/
https://www.valbrux.it/blog/2019/09/13/how-two-dead-users-allowed-remote-crash-of-any-instagram-android-user/
Valbrux
How two dead accounts allowed REMOTE CRASH of any Instagram android user - Valbrux
Facebook bug bounty remote crash bug
Reversing HackEx Android Game for fun & profit - static, dynamic and network analysis
https://0x00sec.org/t/reversing-hackex-an-android-game/16243
https://0x00sec.org/t/reversing-hackex-an-android-game/16243
0x00sec - The Home of the Hacker
Reversing HackEx - An android game
Hello peeps. I’m sp0re. This is my first post on 0x00sec, you can find more about me on my website. Today we are going to reverse engineer the network protocol of an android game so that we can automate the game, and earn unlimited money while drinking sodas…
How to bypass Android certificate pinning and intercept SSL traffic
https://vavkamil.cz/2019/09/15/how-to-bypass-android-certificate-pinning-and-intercept-ssl-traffic/
https://vavkamil.cz/2019/09/15/how-to-bypass-android-certificate-pinning-and-intercept-ssl-traffic/
Kamil Vavra @vavkamil
How to bypass Android certificate pinning and intercept SSL traffic
Offensive website security Bug bounty Ethical hacking
Threat actor recycles leaked source code of Android RAT SpyNote and sells it as new Android RAT MobiHok v4.
Threat actore sells it with entire source code for $15,000!
https://blog.sensecy.com/2019/09/15/arabic-speaking-threat-actor-recycles-the-source-code-of-popular-rat-spynote-and-sells-it-in-the-dark-web-as-new/
Threat actore sells it with entire source code for $15,000!
https://blog.sensecy.com/2019/09/15/arabic-speaking-threat-actor-recycles-the-source-code-of-popular-rat-spynote-and-sells-it-in-the-dark-web-as-new/
ES File Explorer - Authentication bypass via insecure FTP Activity execution
3rd party app can bypass master password to start local FTP server. Because of that, attacker on local network could access files on device without authentication.
https://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8
3rd party app can bypass master password to start local FTP server. Because of that, attacker on local network could access files on device without authentication.
https://medium.com/@bhaveshthakur2015/cve-2019-11380-how-i-was-able-to-access-complete-storage-of-es-fileexplorer-end-user-9bd8da5ac3b8
Medium
CVE-2019–11380 | How I was able to access complete storage of ES-FileExplorer End user
ES-file explorer was a very popular file manager having more than 30 lac downloads on play store. I found a critical vulnerability by…
Bypass iOS 13 Lockscreen to see contacts info
https://youtu.be/pW0TTnBCA04
https://youtu.be/pW0TTnBCA04
YouTube
With No Enter the Passcode you can See Contacts info. iOS 13 Feature. Read denoscription please.
Follow me on Twitter for more coming.
http://twitter.com/intent/follow/user?screen_name=vbarraquito
Original video shared to Apple on July 17:
https://youtu.be/7eWJkePoNAU
Sent to Apple in July 2019 as part of a report of two security flaws (Lock screen…
http://twitter.com/intent/follow/user?screen_name=vbarraquito
Original video shared to Apple on July 17:
https://youtu.be/7eWJkePoNAU
Sent to Apple in July 2019 as part of a report of two security flaws (Lock screen…
Simplify reverse-engineering ARM firmware in Ghidra
SVD-Loader for Ghidra automates the entire generation of peripheral structs and memory maps for over 650 different microcontrollers
https://leveldown.de/blog/svd-loader/
SVD-Loader for Ghidra automates the entire generation of peripheral structs and memory maps for over 650 different microcontrollers
https://leveldown.de/blog/svd-loader/