We dug deeper into the behavior of Geost, a trojan targetting Russian banks, by reverse engineering a sample of the malware. It has several layers of obfuscation, encryption, reflection that made it more difficult to reverse engineer.

The McAfee Mobile Research team has identified an Android malware family dubbed Android/LeifAccess.A that has been active since May 2019. This trojan was

Google removes Iran's official COVID-19 detection app from the Play Store.

Google ensures that each app in the Play Store and on smartphones is checked for Trojans and other kinds of malware. The current test shows that Android users are much safer with security apps than if they rely on Google. Here are the facts.

Since iOS 10, Apple has released the unpacked/decrypted kernel cache (*.ipsw), but the system source code, in particular the kernel and driver part, remain close-sourced. What is more, symbol info in the binary (kernel cache) has been greatly removed, which…

So here we go, after years of fun messing around using Magisk, it seems that Google FINALLY decided to "fix" SafetyNet to something useful, and that is to use key attestation to verify device status (after 3 years since introduced to Android's platform!)

Trojan-Spy.AndroidOS.Cookiethief turned out to be quite simple. Its main task was to acquire root rights on the victim device, and transfer cookies used by the browser and Facebook app to the cybercriminals’ server.

The other day, our Android traps ensnared an interesting specimen of software that can be used for stalking. On closer inspection, we found that this app outstrips all existing software of its class in terms of functionality.

Are cybercriminals and scammer's taking advantage of increased communication around COVID-19? Discovery shows new surveillanceware exploits the pandemic.

Android is launching new features for Advanced Protection Program users to automatically protect them from malware.

Android SMS Trojan portraying itself as an app to get you Coronavirus Safety Mask.

Pen-testing android apps require different methodologies than web applications. The difference is that you have to figure out by different methods.

MobSF is a tool for testing mobile applications. This article shows how to increase the security of iOS applications by integrating MobSF with Bitrise.

Cerebus is riding the COVID-19 / Coronavirus wave with a branded trojan that targets the financial data on your smartphone. .

Our team is closely monitoring TrickBot's developing capabilities, including its new cross-channel attacks using the TrickMo component.

In March 2020, Google patched a critical vulnerability affecting many MediaTek based devices. This vulnerability had been known by MediaTek since April 2019, and later exploited in the wild! In this post, we give some details about this vulnerability and…

Nuxt.js project