The 2019 Mobile Threat Landscape via Trendmicro
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/review-refocus-and-recalibrate-the-2019-mobile-threat-landscape
https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/review-refocus-and-recalibrate-the-2019-mobile-threat-landscape
Trendmicro
Review, Refocus, and Recalibrate: The 2019 Mobile Threat Landscape
In 2019, cybercriminals looked at the malicious mobile routines that worked in the past and adjusted these to make them more sophisticated, persistent, and profitable online and offline.
Runtime Mobile Security - powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
GitHub
GitHub - m0bilesecurity/RMS-Runtime-Mobile-Security: Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps…
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime - m0bilesecurity/RMS-Runtime-Mobile-Security
Semi-universal XSS found in iOS Firefox app
https://twitter.com/konarkmodi/status/1244714141421645826?s=20
Writeup: https://0x65.dev/blog/2020-03-30/cve-2019-17004-semi-universal-xss-affecting-firefox-for-ios.html
https://twitter.com/konarkmodi/status/1244714141421645826?s=20
Writeup: https://0x65.dev/blog/2020-03-30/cve-2019-17004-semi-universal-xss-affecting-firefox-for-ios.html
Twitter
Konark Modi
A writeup of our findings from last year on: Semi Universal-XSS affecting Firefox, Cliqz, Brave on iOS https://t.co/2Pjl2nWIEr #search #privacy #web #security via @cliqz https://t.co/f82c4h9wTi https://t.co/9mUj5bpxPe
Covid19 Tracker Apps
List of mobile apps created by government or police to track citizens
https://fs0c131y.com/covid19-tracker-apps/
List of mobile apps created by government or police to track citizens
https://fs0c131y.com/covid19-tracker-apps/
Fs0C131Y
Covid19 Tracker Apps
Apps made to track the population during the COVID19 crisis
Detailed analysis of how Accessibility services are misused by Android malware
+ to complete, there is missing info that such malware can also read and steal 2FA codes from e.g. Google Authenticator (via @reyammer)
https://labs.f-secure.com/blog/how-are-we-doing-with-androids-overlay-attacks-in-2020
2FA: https://reyammer.io/blog/2020/03/17/no-flag-secure-does-not-protect-you-from-a11y-malware-and-google-couldnt-have-protected-2fa-tokens-that-easily/
+ to complete, there is missing info that such malware can also read and steal 2FA codes from e.g. Google Authenticator (via @reyammer)
https://labs.f-secure.com/blog/how-are-we-doing-with-androids-overlay-attacks-in-2020
2FA: https://reyammer.io/blog/2020/03/17/no-flag-secure-does-not-protect-you-from-a11y-malware-and-google-couldnt-have-protected-2fa-tokens-that-easily/
Exploiting CVE-2020-0041 - Part 1: Escaping the Chrome Sandbox
https://labs.bluefrostsecurity.de/blog/2020/03/31/cve-2020-0041-part-1-sandbox-escape/
https://labs.bluefrostsecurity.de/blog/2020/03/31/cve-2020-0041-part-1-sandbox-escape/
labs.bluefrostsecurity.de
Exploiting CVE-2020-0041 - Part 1: Escaping the Chrome Sandbox | Bluefrostsecurity
Protecting Android App against Reverse Engineering and Tampering
https://medium.com/avi-parshan-studios/protecting-your-android-app-against-reverse-engineering-and-tampering-a727768b2e9e
https://medium.com/avi-parshan-studios/protecting-your-android-app-against-reverse-engineering-and-tampering-a727768b2e9e
Medium
Protecting your Android App against Reverse Engineering and Tampering
I built a premium (paid) android app that has been cracked and modded. Therefore, I started researching ways to secure my code and make it…
Gained unauthorized Camera access on iOS and macOS
Technical walkthrough of discovered several zero-day bugs in Safari during hunt to hack the iOS/MacOS camera
https://www.ryanpickren.com/webcam-hacking
Technical walkthrough of discovered several zero-day bugs in Safari during hunt to hack the iOS/MacOS camera
https://www.ryanpickren.com/webcam-hacking
Ryan Pickren
Webcam Hacking - Technical Walkthrough | Ryan Pickren
Techincal walkthrough
Automatic Uncovering of Hidden Behaviors From Input Validation in Mobile Apps
https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf
https://panda.moyix.net/~moyix/papers/inputscope_oakland20.pdf
Android Webview Exploited
http://www.nuckingfoob.me/android-webview-csp-iframe-sandbox-bypass/index.html
http://www.nuckingfoob.me/android-webview-csp-iframe-sandbox-bypass/index.html
Forwarded from The Bug Bounty Hunter
Bypassing Xamarin Certificate Pinning on Android
https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/
https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/
GoSecure
24/7 managed detection, response, and expert cybersecurity services - GoSecure
We provide around-the-clock threat detection and incident response, backed by expert consulting to keep your organization secure.
Unkillable xHelper and a Trojan matryoshka
https://securelist.com/unkillable-xhelper-and-a-trojan-matryoshka/96487/
https://securelist.com/unkillable-xhelper-and-a-trojan-matryoshka/96487/
Securelist
Unkillable xHelper and a Trojan matryoshka
It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on Android smartphones, but even now the malware remains as active as ever.
Subnoscription scam apps found on iOS App Store
These apps charge subnoscription rates around $30 per month after a 3 or 7-day trial period
https://news.sophos.com/en-us/2020/04/08/iphone-fleeceware/
These apps charge subnoscription rates around $30 per month after a 3 or 7-day trial period
https://news.sophos.com/en-us/2020/04/08/iphone-fleeceware/
Sophos News
Don’t let fleeceware sneak into your iPhone
A SophosLabs investigation reveals fleeceware app publishers are also operating on Apple’s App Store for iPhones and iPads
Apple and Google came up with own solution to covid19 contact tracing
-without GPS
-only Bluetooth LE
-in May will release APIs
-user consent is necessity
-should be more secure than country's government own app solution
https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/
-without GPS
-only Bluetooth LE
-in May will release APIs
-user consent is necessity
-should be more secure than country's government own app solution
https://blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/
Google
Apple and Google partner on COVID-19 contact tracing technology
A joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of the virus.
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy (Android 7-9)
https://medium.com/@Mayank.Grover/intercept-ssl-traffic-to-perform-penetration-testing-on-android-apps-using-charles-debug-proxy-59211859d22f
https://medium.com/@Mayank.Grover/intercept-ssl-traffic-to-perform-penetration-testing-on-android-apps-using-charles-debug-proxy-59211859d22f
Medium
Intercept SSL traffic to perform penetration testing on Android apps using Charles Debug Proxy
As cybersecurity incidents are increasing at a very high rate, it’s important to know how to pen-test your applications before they go…
Vulnerability Analysis of Android SuperVPN app that allows attacker to exchange VPN gateway
https://youtu.be/ofTts7jlC2Y
https://youtu.be/ofTts7jlC2Y
👍1
OSINT Investigation: Android Cerberus Trojan and the INPS related to COVID19 campaign
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html
https://bushidotoken.blogspot.com/2020/04/osint-investigation-cerberus-and-inps.html
blog.bushidotoken.net
OSINT Investigation: Cerberus and the INPS
CTI, threat intelligence, OSINT, malware, APT, threat hunting, threat analysis, CTF, cybersecurity, security
Virtual machine host for iOS
It allows to run Windows, Android, and more on your iPhone and iPad
https://getutm.app
It allows to run Windows, Android, and more on your iPhone and iPad
https://getutm.app
Firefox for Android fixed 2 vulnerabilities:
-overwriting preference could lead to arbitrary code execution CVE-2020-6828
-URI spoofing CVE-2020-6827
https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
-overwriting preference could lead to arbitrary code execution CVE-2020-6828
-URI spoofing CVE-2020-6827
https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/
Mozilla
Security Vulnerabilities fixed in Firefox ESR 68.7
TikTok Vulnerability Enables Hackers to Show Users Fake Videos
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/
https://www.mysk.blog/2020/04/13/tiktok-vulnerability-enables-hackers-to-show-users-fake-videos/
Mysk
TikTok Vulnerability Enables Hackers to Show Users Fake Videos, Mysk
By Talal Haj Bakry and Tommy Mysk UPDATE (MAY 5, 2020): TikTok rolled updates for iOS and Android in May that fixed this vulnerability.