Operation Poisoned News
-exploit iOS vulns to install lightSpy malware
-Android dmsSpy
https://blog.trendmicro.com/trendlabs-security-intelligence/operation-poisoned-news-hong-kong-users-targeted-with-mobile-malware-via-local-news-links/
-exploit iOS vulns to install lightSpy malware
-Android dmsSpy
https://blog.trendmicro.com/trendlabs-security-intelligence/operation-poisoned-news-hong-kong-users-targeted-with-mobile-malware-via-local-news-links/
Trend Micro
Research, News, and Perspectives
Security vulnerability discovered in Apple’s iOS version 13.4 that prevents VPNs from encrypting all traffic
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
Proton VPN
VPN bypass vulnerability in Apple iOS
We discovered a security vulnerability in Apple’s iOS that causes connections to remain unencrypted even after connecting to VPN.
Patching a split APK to use Objection
https://nickbloor.co.uk/2020/03/29/patching-android-split-apks/
https://nickbloor.co.uk/2020/03/29/patching-android-split-apks/
NickstaDB
Patching Android Split APKs
I recently came up against my first split APK during an Android app security assessment. My usual toolkit doesn’t support split APKs, so I hacked together a solution to allow me to instrument…
Android 11 system images for QEMU emulator are capable of executing ARM binaries
How? When an app’s process requires an ARM binary, the binary is translated to x86 within that process exclusively
https://android-developers.googleblog.com/2020/03/run-arm-apps-on-android-emulator.html
How? When an app’s process requires an ARM binary, the binary is translated to x86 within that process exclusively
https://android-developers.googleblog.com/2020/03/run-arm-apps-on-android-emulator.html
Android Developers Blog
Run ARM apps on the Android Emulator
Posted by Michael Hazard As part of the Android 11 developer preview we’ve released Android 11 system images , which are capable of ex...
The 2019 Mobile Threat Landscape via Trendmicro
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/review-refocus-and-recalibrate-the-2019-mobile-threat-landscape
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/review-refocus-and-recalibrate-the-2019-mobile-threat-landscape
Trendmicro
Review, Refocus, and Recalibrate: The 2019 Mobile Threat Landscape
In 2019, cybercriminals looked at the malicious mobile routines that worked in the past and adjusted these to make them more sophisticated, persistent, and profitable online and offline.
Runtime Mobile Security - powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
GitHub
GitHub - m0bilesecurity/RMS-Runtime-Mobile-Security: Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps…
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime - m0bilesecurity/RMS-Runtime-Mobile-Security
Semi-universal XSS found in iOS Firefox app
https://twitter.com/konarkmodi/status/1244714141421645826?s=20
Writeup: https://0x65.dev/blog/2020-03-30/cve-2019-17004-semi-universal-xss-affecting-firefox-for-ios.html
https://twitter.com/konarkmodi/status/1244714141421645826?s=20
Writeup: https://0x65.dev/blog/2020-03-30/cve-2019-17004-semi-universal-xss-affecting-firefox-for-ios.html
Twitter
Konark Modi
A writeup of our findings from last year on: Semi Universal-XSS affecting Firefox, Cliqz, Brave on iOS https://t.co/2Pjl2nWIEr #search #privacy #web #security via @cliqz https://t.co/f82c4h9wTi https://t.co/9mUj5bpxPe
Covid19 Tracker Apps
List of mobile apps created by government or police to track citizens
https://fs0c131y.com/covid19-tracker-apps/
List of mobile apps created by government or police to track citizens
https://fs0c131y.com/covid19-tracker-apps/
Fs0C131Y
Covid19 Tracker Apps
Apps made to track the population during the COVID19 crisis
Detailed analysis of how Accessibility services are misused by Android malware
+ to complete, there is missing info that such malware can also read and steal 2FA codes from e.g. Google Authenticator (via @reyammer)
https://labs.f-secure.com/blog/how-are-we-doing-with-androids-overlay-attacks-in-2020
2FA: https://reyammer.io/blog/2020/03/17/no-flag-secure-does-not-protect-you-from-a11y-malware-and-google-couldnt-have-protected-2fa-tokens-that-easily/
+ to complete, there is missing info that such malware can also read and steal 2FA codes from e.g. Google Authenticator (via @reyammer)
https://labs.f-secure.com/blog/how-are-we-doing-with-androids-overlay-attacks-in-2020
2FA: https://reyammer.io/blog/2020/03/17/no-flag-secure-does-not-protect-you-from-a11y-malware-and-google-couldnt-have-protected-2fa-tokens-that-easily/
Exploiting CVE-2020-0041 - Part 1: Escaping the Chrome Sandbox
https://labs.bluefrostsecurity.de/blog/2020/03/31/cve-2020-0041-part-1-sandbox-escape/
https://labs.bluefrostsecurity.de/blog/2020/03/31/cve-2020-0041-part-1-sandbox-escape/
labs.bluefrostsecurity.de
Exploiting CVE-2020-0041 - Part 1: Escaping the Chrome Sandbox | Bluefrostsecurity
Protecting Android App against Reverse Engineering and Tampering
https://medium.com/avi-parshan-studios/protecting-your-android-app-against-reverse-engineering-and-tampering-a727768b2e9e
https://medium.com/avi-parshan-studios/protecting-your-android-app-against-reverse-engineering-and-tampering-a727768b2e9e
Medium
Protecting your Android App against Reverse Engineering and Tampering
I built a premium (paid) android app that has been cracked and modded. Therefore, I started researching ways to secure my code and make it…
Gained unauthorized Camera access on iOS and macOS
Technical walkthrough of discovered several zero-day bugs in Safari during hunt to hack the iOS/MacOS camera
https://www.ryanpickren.com/webcam-hacking
Technical walkthrough of discovered several zero-day bugs in Safari during hunt to hack the iOS/MacOS camera
https://www.ryanpickren.com/webcam-hacking
Ryan Pickren
Webcam Hacking - Technical Walkthrough | Ryan Pickren
Techincal walkthrough
Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps
https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf
https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf
Android Webview Exploited
http://www.nuckingfoob.me/android-webview-csp-iframe-sandbox-bypass/index.html
http://www.nuckingfoob.me/android-webview-csp-iframe-sandbox-bypass/index.html
Forwarded from The Bug Bounty Hunter
Bypassing Xamarin Certificate Pinning on Android
https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/
https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/
GoSecure
24/7 managed detection, response, and expert cybersecurity services - GoSecure
We provide around-the-clock threat detection and incident response, backed by expert consulting to keep your organization secure.
Unkillable xHelper and a Trojan matryoshka
https://securelist.com/unkillable-xhelper-and-a-trojan-matryoshka/96487/
https://securelist.com/unkillable-xhelper-and-a-trojan-matryoshka/96487/
Securelist
Unkillable xHelper and a Trojan matryoshka
It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever.
Subnoscription scam apps found on iOS App Store
These apps charge subnoscription rates around $30 per month after a 3 or 7-day trial period
https://news.sophos.com/en-us/2020/04/08/iphone-fleeceware/
These apps charge subnoscription rates around $30 per month after a 3 or 7-day trial period
https://news.sophos.com/en-us/2020/04/08/iphone-fleeceware/
Sophos News
Don’t let fleeceware sneak into your iPhone
A SophosLabs investigation reveals fleeceware app publishers are also operating on Apple’s App Store for iPhones and iPads
Apple and Google came up with own solution to covid19 contact tracing
-without GPS
-only Bluetooth LE
-in May will release APIs
-user consent is necessity
-should be more secure than country's government own app solution
https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/
-without GPS
-only Bluetooth LE
-in May will release APIs
-user consent is necessity
-should be more secure than country's government own app solution
https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/
Google
Apple and Google partner on COVID-19 contact tracing technology
A joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus.
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy (Android 7-9)
https://medium.com/@Mayank.Grover/intercept-ssl-traffic-to-perform-penetration-testing-on-android-apps-using-charles-debug-proxy-59211859d22f
https://medium.com/@Mayank.Grover/intercept-ssl-traffic-to-perform-penetration-testing-on-android-apps-using-charles-debug-proxy-59211859d22f
Medium
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy
As cybersecurity incidents are increasing at a very high rate, it’s important to know how to pen-test your applications before they go…
Vulnerability Analysis of Android SuperVPN app that allows attacker to exchange VPN gateway
https://youtu.be/ofTts7jlC2Y
https://youtu.be/ofTts7jlC2Y
👍1