Gartner evaluates a number of operating systems and device implementations including Android. Android 9 received strong ratings in 26 of 30 categories, including 12 of the 13 categories in the corp-managed section.
https://www.blog.google/products/android-enterprise/android-enterprise-security-assessed-gartner/

If you have app Qualcomm Telecome app that tries to send SMS remove it.

How: Go to Settings -> Apps search for Qualcomm Telecome app and check if it requests SMS permission. If so, uninstall it.
This app was found on Pixel 2XL, Pixel 3XL and OnePlus 5 once updated to Android 9.

South Africa Has Second Most Android Banking Malware Attacks As Cyber Crime Increases

▪️Android smartphones in South Africa are the second-most targeted for banking malware
▪️There are 13,842 cyber attacks per day in Africa’s most sophisticated economy
https://sabric.co.za/media-and-news/press-releases/digital-banking-crime-statistics/

A popular GPS tracker — used as a panic alarm for elderly patients, to monitor kids, and track vehicles — contains security flaws that could leak real-time locations and can remotely activate its microphone.

▪️Device has integrated SIM card but without internet connectivity
▪️If not properly secured (not by default), it can receive SMS commands from anyone
https://techcrunch.com/2019/05/10/gps-trackers-flaw/

Quick overview of "secure messaging apps"

In Android Q beta 3 apps running in the background can no longer launch activities.
However, users can disable this feature in developer options by turning on "Allow background activity starts."
Because of that, malware could allow it via Accessibility services. https://www.androidpolice.com/2019/05/08/background-apps-can-no-longer-launch-activities-in-android-q-beta-3/

APKiD (new release) gives you information about how an APK was made.
It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android.
https://github.com/rednaga/APKiD/blob/master/README.md

Great feature on iOS 12

Local DoS on all Samsung phones with PoC https://link.medium.com/IhXHrKKCDW

Hacking Public Warning System in LTE Mobile Network
https://t.co/pv7EUmYTa0?amp=1

3 fake apps found on Google Play Store. Their goal is to steal text messages and set itself as default SMS app. If you have them installed, uninstall them!

Pentesting Android applications by reversing and finding attack surfaces
https://blog.usejournal.com/an-intro-to-pentesting-an-android-phone-464ec4860f39

Did You Know These Mobile Fraud Examples?
https://www.linkedin.com/pulse/did-you-know-mobile-fraud-examples-ad-fraud-historian

DEF CON Quals 2019 : VERYANDROIDOSO
#Android #CTF #Writeup #Frida
https://eybisi.run/DEF-CON-Quals-2019-Veryandroidoso/

Four Main Mobile Payment Models and their security
https://2muchcoffee.com/blog/paying-with-your-mobile-phone-types-and-models/

“If you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature,” Twitter said
https://threatpost.com/twitter-leaked-ios-users-location/144687/

Android app "Ever - Capture Your Memories" with 1M+ installs.

What began in 2013 as another cloud storage app has pivoted toward a far more lucrative business known as Ever AI — without telling the app’s millions of users.
https://www.nbcnews.com/tech/security/millions-people-uploaded-photos-ever-app-then-company-used-them-n1003371