Android Trojan xHelper uses persistent re-infection tactics: here’s how to remove
https://blog.malwarebytes.com/android/2020/02/new-variant-of-android-trojan-xhelper-reinfects-with-help-from-google-play/
https://blog.malwarebytes.com/android/2020/02/new-variant-of-android-trojan-xhelper-reinfects-with-help-from-google-play/
Malwarebytes
Android Trojan xHelper uses persistent re-infection tactics: here's how to remove | Malwarebytes Labs
A new variant of the Android Trojan xHelper re-infects just hours after removal—and with the help of Google PLAY?! A forum user helps us investigate.
Memory corruption in Samsung's Android kernel (Galaxy A50, A505FN)
https://googleprojectzero.blogspot.com/2020/02/mitigations-are-attack-surface-too.html
https://googleprojectzero.blogspot.com/2020/02/mitigations-are-attack-surface-too.html
Blogspot
Mitigations are attack surface, too
Posted by Jann Horn, Project Zero Introduction This blog post discusses a bug leading to memory corruption in Samsung's Android kern...
Forwarded from The Bug Bounty Hunter
INTRODUCTION TO ANDROID HACKING BY @0XTEKNOGEEK
https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking
https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking
HackerOne
Guess what's coming!? #AndroidHackingMonth on @Hacker0x01
Mobile hacking has become an essential part of the bug bounty hunter’s tool belt as more and more companies are doubling down on mobile and investing in the security of their iOS and Android applications. As part of our determination to ensure you have the…
Analysis of techniques to bypass the Android Security Config control with Frida
https://neo-geo2.gitbook.io/adventures-on-security/frida/analysis-of-network-security-configuration-bypasses-with-frida
https://neo-geo2.gitbook.io/adventures-on-security/frida/analysis-of-network-security-configuration-bypasses-with-frida
neo-geo2.gitbook.io
Analysis of Network Security Configuration bypasses with Frida | Adventures on Security
Analysis of techniques to bypass the Android Security Config control with Frida
Bad Binder - Finding an Android In The Wild 0-day
https://github.com/maddiestone/ConPresentations/blob/master/OffensiveCon2020.BadBinder.pdf
https://github.com/maddiestone/ConPresentations/blob/master/OffensiveCon2020.BadBinder.pdf
GitHub
ConPresentations/OffensiveCon2020.BadBinder.pdf at master · maddiestone/ConPresentations
Slide decks from my conference presentations. Contribute to maddiestone/ConPresentations development by creating an account on GitHub.
Detecting Memory Corruption Bugs With HWASan in Android
https://android-developers.googleblog.com/2020/02/detecting-memory-corruption-bugs-with-hwasan.html
https://android-developers.googleblog.com/2020/02/detecting-memory-corruption-bugs-with-hwasan.html
Android Developers Blog
Detecting Memory Corruption Bugs With HWASan
Posted by Evgenii Stepanov, Staff Software Engineer, Dynamic Tools Native code in memory-unsafe languages like C and C++ is often vuln...
Malwarebytes Labs releases 2020 State of Malware Report
https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf
https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf
Forwarded from The Bug Bounty Hunter
JAVASCRIPT INJECTION IN SIX ANDROID MAIL CLIENTS
https://www.gubello.me/blog/javanoscript-injection-in-six-android-mail-clients/
https://www.gubello.me/blog/javanoscript-injection-in-six-android-mail-clients/
Blog un po' nerd
Javanoscript Injection in six Android mail clients
During last spring (2019) I started to “open and read” the Android applications before installing them. Reversing an APK file can be interesting to understand how an app works, how it manages the permissions and my data, if there are vulnerabilities. I was…
Shodan Pentesting Guide
Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.
https://community.turgensec.com/shodan-pentesting-guide/
Shodan is a tool for searching devices connected to the internet. Unlike search engines which help you find websites, Shodan helps you find information about desktops, servers, IoT devices, and more.
https://community.turgensec.com/shodan-pentesting-guide/
Hamas Android Malware On IDF Soldiers
This MRAT (Mobile Remote Access Trojan) is disguised as a set of dating apps, “GrixyApp”, “ZatuApp”, and “Catch&See”.
https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/
This MRAT (Mobile Remote Access Trojan) is disguised as a set of dating apps, “GrixyApp”, “ZatuApp”, and “Catch&See”.
https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened/
Check Point Research
Hamas Android Malware On IDF Soldiers-This is How it Happened - Check Point Research
Introduction: Earlier today, IDF’s spokesperson revealed that IDF (Israel Defense Force) and ISA (Israel Security Agency AKA “Shin Bet”) conducted a joint operation to take down a Hamas operation targeting IDF soldiers, dubbed ‘Rebound’. In this article,…
Phishing campaign targeting mobile banking users
Nearly 4,000 victims fall for off-the-shelf, mobile-only phishing attack
https://blog.lookout.com/lookout-phishing-ai-reveals-mobile-banking-phishing-campaign
Nearly 4,000 victims fall for off-the-shelf, mobile-only phishing attack
https://blog.lookout.com/lookout-phishing-ai-reveals-mobile-banking-phishing-campaign
Lookout
Inside Look Into Phishing Campaign Targeting Mobile Banking | Threat Intel
Lookout Phishing AI discovered a phishing campaign targeting customers via SMS messaging to lure them to fake websites of well-known Canadian and American banks.
WhatsApp bug allowed anyone who has the victim phone to read their contacts list without unlocking the device
Fixed in version 2.19.198
https://medium.com/bugbountywriteup/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
Fixed in version 2.19.198
https://medium.com/bugbountywriteup/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
Medium
WhatsApp Bug Bounty: Reading contacts list without unlocking the device
A bug allows anyone who has the victim’s phone to read all their contact list without unlocking the security lock
Forwarded from The Bug Bounty Hunter
Blind IDOR in LinkedIn iOS application
https://hailstorm1422.com/linkedin-blind-idor/
https://hailstorm1422.com/linkedin-blind-idor/
Faketoken: full analysis of this dangerous banking Trojan
https://www.buguroo.com/en/blog/faketoken-full-analysis-of-this-dangerous-banking-trojan
https://www.buguroo.com/en/blog/faketoken-full-analysis-of-this-dangerous-banking-trojan
iOS App Static Security Analysis using Frida
https://asciinema.org/a/302160
https://asciinema.org/a/302160
asciinema.org
iOS App Static Security Analysis using Frida
Frida noscript to perform static security analysis of an iOS app Source: https://github.com/interference-security/frida-noscripts/blob/master/iOS/ios-app-static-analysis.js Twitter: https://twitter.com...
ToTok app removed from Google Play for the second time
https://9to5google.com/2020/02/14/google-play-removes-totok/
https://9to5google.com/2020/02/14/google-play-removes-totok/
9to5Google
Messaging app ToTok, allegedly used for mass spying, removed from Google Play again
Last year, the New York Times reported how a chat app gaining traction worldwide was actually being used as a spying tool. Google Play removes ToTok...
No Clicks Required - Exploiting Memory Corruption Vulnerabilities in Messenger Apps
https://saelo.github.io/presentations/offensivecon_20_no_clicks.pdf
https://saelo.github.io/presentations/offensivecon_20_no_clicks.pdf
Static analysis of an Android App #BugBounty
Insecure storage of SMS API credentials -> Takeover the SMS API
https://blog.securitybreached.org/2020/02/19/hacking-sms-api-service-provider-of-a-company-android-app-static-security-analysis-bug-bounty-poc/
Insecure storage of SMS API credentials -> Takeover the SMS API
https://blog.securitybreached.org/2020/02/19/hacking-sms-api-service-provider-of-a-company-android-app-static-security-analysis-bug-bounty-poc/
Security Breached Blog
Hacking SMS API Service Provider of a Company |Android App Static Security Analysis | Bug Bounty POC - Security Breached Blog
This blog post is about static analysis of Android App & due to insecure storage of SMS API credentials I was able to Takeover the SMS API.