Forensic analysis of Jeff Bezos hacked #iPhoneX
iPhone was exploited via #WhatsApp vulnerability that probably triggered RCE.
Similar exploit was fixed in October 2019 - CVE-2019-11932(double-free vulnerability) but instead of video it was triggered by GIF.
https://www.documentcloud.org/documents/6668313-FTI-Report-into-Jeff-Bezos-Phone-Hack.html
iPhone was exploited via #WhatsApp vulnerability that probably triggered RCE.
Similar exploit was fixed in October 2019 - CVE-2019-11932(double-free vulnerability) but instead of video it was triggered by GIF.
https://www.documentcloud.org/documents/6668313-FTI-Report-into-Jeff-Bezos-Phone-Hack.html
www.documentcloud.org
FTI Report into Jeff Bezos Phone Hack
Analysis of Opera for Android vulnerability to a sandboxed cross-origin iframe bypass attack (CVE-2019-19788)
https://blog.confiant.com/trending-client-side-innovations-in-malvertising-payloads-914d9f614ed1
https://blog.confiant.com/trending-client-side-innovations-in-malvertising-payloads-914d9f614ed1
Medium
Trending Client-Side Innovations In Malvertising Payloads
This blog post will cover two techniques that persistent, high volume malvertisers have been leveraging in recent months to maximize the…
What mobile OS you are using?
anonymous poll
Android – 417
👍👍👍👍👍👍👍 80%
iOS – 78
👍 15%
other – 10
▫️ 2%
Windows Mobile – 9
▫️ 2%
KaiOS – 6
▫️ 1%
👥 520 people voted so far.
anonymous poll
Android – 417
👍👍👍👍👍👍👍 80%
iOS – 78
👍 15%
other – 10
▫️ 2%
Windows Mobile – 9
▫️ 2%
KaiOS – 6
▫️ 1%
👥 520 people voted so far.
United Nations officials will not use #WhatsApp to communicate because it’s not supported as a secure mechanism #JeffBezos
https://www.reuters.com/article/us-un-whatsapp/u-n-says-officials-barred-from-using-whatsapp-since-june-2019-over-security-idUSKBN1ZM32P
https://www.reuters.com/article/us-un-whatsapp/u-n-says-officials-barred-from-using-whatsapp-since-june-2019-over-security-idUSKBN1ZM32P
Reuters
U.N. says officials barred from using WhatsApp since June 2019 over security
UNITED NATIONS (Reuters) - United Nations officials do not use WhatsApp to communicate because “it’s not supported as a secure mechanism,” a U.N. spokesman said on Thursday, after U.N. experts accused Saudi Arabia of using the online communications platform…
Penetration Testing & Hacking Tools List (30+)
- Penetration Testing Resources
- Exploit Development
- OSINT Resources
- Anonymity Tools
- Social Engineering
- Reverse Engineering Tools
- Operating Systems
- Vulnerability Databases
- Penetration Testing Distributions
- Docker for Penetration Testing
- Multi-paradigm Frameworks
- Vulnerability Scanners
- Static Analyzers
- Web Scanners
- Network Tools
- Wireless Network Hacking Tools
- Transport Layer Security Tools
- Web Exploitation
- Hex Editors
- File Format Analysis Tools
- Defense Evasion Tools
- Hash Cracking
- Windows Utilities
- GNU/Linux Utilities
- macOS Utilities
- Lock Picking Resources
- CTF Tools
- Books
- Security Courses
https://itshackingnews.blogspot.com/2020/01/penetration-testing-hacking-tools.html
- Penetration Testing Resources
- Exploit Development
- OSINT Resources
- Anonymity Tools
- Social Engineering
- Reverse Engineering Tools
- Operating Systems
- Vulnerability Databases
- Penetration Testing Distributions
- Docker for Penetration Testing
- Multi-paradigm Frameworks
- Vulnerability Scanners
- Static Analyzers
- Web Scanners
- Network Tools
- Wireless Network Hacking Tools
- Transport Layer Security Tools
- Web Exploitation
- Hex Editors
- File Format Analysis Tools
- Defense Evasion Tools
- Hash Cracking
- Windows Utilities
- GNU/Linux Utilities
- macOS Utilities
- Lock Picking Resources
- CTF Tools
- Books
- Security Courses
https://itshackingnews.blogspot.com/2020/01/penetration-testing-hacking-tools.html
Ring doorbell app on Android shares its users personal information with third-party companies
-names, email
-private IP addresses
-mobile network carriers
-persistent identifiers
-sensor data (magnetometer, gyroscope,accelerometer)
-etc.
https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers
-names, email
-private IP addresses
-mobile network carriers
-persistent identifiers
-sensor data (magnetometer, gyroscope,accelerometer)
-etc.
https://www.eff.org/deeplinks/2020/01/ring-doorbell-app-packed-third-party-trackers
Electronic Frontier Foundation
Ring Doorbell App Packed with Third-Party Trackers
Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers.An investigation by EFF of the Ring doorbell app for Android found it to be
Another New York Times journalist targeted by mobile spyware #Pegasus created by NSO Group
https://citizenlab.ca/2020/01/stopping-the-press-new-york-times-journalist-targeted-by-saudi-linked-pegasus-spyware-operator/
https://citizenlab.ca/2020/01/stopping-the-press-new-york-times-journalist-targeted-by-saudi-linked-pegasus-spyware-operator/
The Citizen Lab
Stopping the Press
New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator…
Forensics detective says Android phones are now harder to crack than iPhones
"The tool could not extract any social media, internet browsing, or GPS data from devices such as the Google Pixel 2 and Samsung Galaxy S9. In the case of the Huawei P20 Pro, the cracking software literally got nothing."
https://www.androidauthority.com/android-encryption-forensics-1078668/
"The tool could not extract any social media, internet browsing, or GPS data from devices such as the Google Pixel 2 and Samsung Galaxy S9. In the case of the Huawei P20 Pro, the cracking software literally got nothing."
https://www.androidauthority.com/android-encryption-forensics-1078668/
Android Authority
Forensics detective says Android phones are now harder to crack than iPhones
According to a forensics detective, Android encryption has made it harder to crack Android phones as compared to iPhones. This is a reversal from the norm.
Apple WebKit team aims to improve the security of one-time passcodes sent to users via SMS
https://www.zdnet.com/google-amp/article/apple-wants-to-standardize-the-format-of-sms-otps-one-time-passcodes/
https://www.zdnet.com/google-amp/article/apple-wants-to-standardize-the-format-of-sms-otps-one-time-passcodes/
ZDNet
Apple wants to standardize the format of SMS OTPs (one-time passcodes)
WebKit team proposal aims to improve the security of one-time passcodes sent to users via SMS.
mobile-report.pdf
6.3 MB
Mobile Ad Fraud - A multi-billion dollar criminalenterprise
Popular Android Malware Threats - January, 2020
http://skptr.me/malware_timeline_2020.html
http://skptr.me/malware_timeline_2020.html
The worst mistakes made by the law enforcement and iOS forensic experts
https://blog.elcomsoft.com/2020/01/the-worst-mistakes-in-ios-forensics/
https://blog.elcomsoft.com/2020/01/the-worst-mistakes-in-ios-forensics/
ElcomSoft blog
The Worst Mistakes in iOS Forensics
What can possibly go wrong with that iPhone? I’ll have a look (oh, it’s locked!), then switch it off, eject the SIM card and pass it on to the expert. Well, you’ve just made three of the five most common mistakes making subsequent unlock and extraction attempts…
Now you can root using exploit Galaxy S9, Galaxy S9+ and Galaxy Note 9 if you’re running Android 8.0 or 8.1 Oreo.
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
https://www.xda-developers.com/samsung-galaxy-s9-galaxy-note-9-snapdragon-root/
XDA Developers
Developers have exploited the Samsung Galaxy S9 and Note 9 to get root access on the Snapdragon models
Developers have figured out how to root the Snapdragon models of the Samsung Galaxy S9 and Galaxy Note 9 thanks to an exploit, but there's a catch.
Analysis of native react Android applications
https://blog.assetnote.io/bug-bounty/2020/02/01/expanding-attack-surface-react-native/
https://blog.assetnote.io/bug-bounty/2020/02/01/expanding-attack-surface-react-native/
Fugu - is the first open source jailbreak tool based on the checkm8 exploit #iOS
https://github.com/LinusHenze/Fugu
https://github.com/LinusHenze/Fugu
GitHub
GitHub - LinusHenze/Fugu: Fugu is the first open source jailbreak based on the checkm8 exploit
Fugu is the first open source jailbreak based on the checkm8 exploit - LinusHenze/Fugu
Exploiting Insecure Firebase Database in Android apps
https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/
https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/
Security Breached Blog
Exploiting Insecure Firebase Database! - Security Breached Blog
this blog post is about Exploiting Insecure Firebase Databases, due to Improper set security rules one can write data to the database in certain conditions here’s a Short POC tutorial of the issue.
In the case you prefer Android InfoSec news rather on Facebook, we are there.
It is better for posting visuals and videos.
Feel free to like us https://facebook.com/AndroidInfoSec/
It is better for posting visuals and videos.
Feel free to like us https://facebook.com/AndroidInfoSec/
Android Banking Malware #slides
https://maxkersten.nl/wp-content/uploads/2020/02/SecureID_AndroidBankingMalware_ENG.pdf
https://maxkersten.nl/wp-content/uploads/2020/02/SecureID_AndroidBankingMalware_ENG.pdf
Analyzing iOS WhatsApp Calls
Analysis of the network traffic + binary files + runtime behavior
https://link.medium.com/yi4uD2Q1P3
Analysis of the network traffic + binary files + runtime behavior
https://link.medium.com/yi4uD2Q1P3
Medium
Analyzing WhatsApp Calls
How I revealed parts of the VoIP protocol with Wireshark, radare2 and Frida.