The LinkedIn iOS app is copying the clipboard contents on every keystroke. iOS 14 allows users to see a notification for each paste
https://www.zdnet.com/article/linkedin-says-ios-clipboard-snooping-after-every-key-press-is-a-bug-will-fix/
ZDNet
LinkedIn says iOS clipboard snooping after every key press is a bug, will fix
The new clipboard access detection and warning feature in iOS 14 exposes another app.
Android Keylogger Injector demo
Be aware of such techniques when downloading any app, because a free tutorial on how to create a keylogger injector is available on underground forums
https://youtu.be/jpmUUuNUIfo
MobOk Malware found on Google Play
Functionality:
-Switching from Wi-Fi to Data Connection
-Subscribing to premium mobile services
-Solving Image-based CAPTCHA using an external image recognition service
-Stealing SMS used for 2FA
-Using the accessibility services to carry out malicious activities on the screen
https://blog.zimperium.com/zimperium-discovers-mobok-malware-left-undetected-by-mobile-av-industry-for-months/
Zimperium
Zimperium Discovers MobOk Malware Left Undetected by AV Industry for Months - Zimperium
zLabs researchers have uncovered a new variant of the MobOk campaign. The samples found evaded detection by AV vendors for months. Zimperium worked with
Police cracked encryption in EncroChat to read messages between drug criminals and hitmen, including murder orders
https://www.nytimes.com/2020/07/02/world/europe/encrypted-network-arrests-europe.html
NY Times
When Police Are Hackers: Hundreds Charged as Encrypted Network Is Broken
The authorities said that by hacking into EncroChat, they were able to monitor criminal activity in real time, allowing them to stop drug deals and even murder.
How to use #Frida and #BurpSuite to quickly identify mobile app functionality
https://youtu.be/07K5DZXMvB4
YouTube
How to identify malware using dynamic analysis tools | Android Trojan Spy | Burp Suite | Frida
Only by using dynamic analysis tools can you quickly identify mobile app functionality.
Demonstration of Android Trojan Spy functionality using dynamic tools Burp Suite and Frida to identify how it exfiltrates personal user data.
This Android malicious app…
Repairing your smartphone or installing a ROM will now be a crime in Mexico
https://www.xataka.com.mx/legislacion-y-derechos/reparar-tu-smartphone-instalarle-rom-sera-delito-mexico-nueva-ley-que-proteje-candados-digitales-explicada
Xataka México
Repairing your smartphone or installing a ROM on it will be a crime in Mexico: the new law that protects digital locks, explained
Installing a custom ROM, downloading and using software that does not come from the same vendor, and even repairing a phone all involve breaking a digital lock...
DroneSploit - A pentesting console framework dedicated to drones
https://hakin9.org/dronesploit-a-pentesting-console-framework-dedicated-to-drones/
Analysis of EventBot: Android banking Trojan
A patched EventBot payload is available here; it displays debug logs while being executed on a device, which helps in understanding its malicious functionality
https://youtu.be/qqwOrLR2rgU
YouTube
Dynamic analysis of patched EventBot allows us read its detailed debug logs while running | Trojan
Malware analysis of Android banking Trojan - EventBot
Its encrypted payload has lots of detailed debug logs for almost every executed functionality; however, they are not activated.
So, I patched the encrypted payload. It should help malware analysts to understand how…
[Virtual] Android Security Symposium 2020 starts now
Program: https://android.ins.jku.at/symposium/program/
Live stream: https://youtu.be/zxkbyyl-9b8
YouTube
Android Security Symposium 2020 Live (Monday)
Live stream of Android Security Symposium 2020
https://android.ins.jku.at/symposium/
The third Android Security Symposium takes place as an online (virtual) conference from 6–7 July 2020, and is co-hosted with ACM WiSec 2020. The event is organized by Johannes…
Collection of smartphone adware
https://securelist.com/pig-in-a-poke-smartphone-adware/97607/
Securelist
Pig in a poke: smartphone adware
Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants
Cerberus Analysis
Untold story of Cerberus discovery and communication with the malware operators.
The talk includes analysis of the malicious functionality and its distribution, with 9,000+ website clicks in 24 hours
https://youtu.be/79fQmmK5RT4
YouTube
Story of the new Android banking Trojan-Cerberus at DefCamp 2019
DefCamp is the most important conference on Hacking & Information Security in Central and Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field. Since 2011 it has been gathering decision makers, security specialists…
Reversing DexGuard
Code Obfuscation & RASP: https://www.pnfsoftware.com/blog/reversing-dexguard/
Assets and Code Encryption: https://www.pnfsoftware.com/blog/reversing-dexguard-encryption/
Banking Trojan Cerberus Made it onto the Google Play Store
https://blog.avast.com/avast-finds-banking-trojan-cerberus-on-google-play-avast?utm_campaign
Avast
Banking Trojan Cerberus Made it onto the Google Play Store
Avast Reports Banking Trojan, Cerberus, to Google
Review of the Bahrain mobile application on both iOS and Android with a focus on the process transparency, security, privacy, tracing capabilities, and accessibility
https://blog.ostorlab.co/covid19-how-to-carry-nation-scale-mobile-devices-compromise.html
blog.ostorlab.co
Ostorlab: Mobile App Security Testing for Android and iOS
Mobile security testing of Covid-19 Contact Tracing Application BeAware
Malware found pre-installed on US smartphones
https://blog.malwarebytes.com/android/2020/07/we-found-yet-another-phone-with-pre-installed-malware-via-the-lifeline-assistance-program/
Malwarebytes
We found yet another phone with pre-installed malware via the Lifeline Assistance program
We discovered yet another phone model with pre-installed malware provided from the Lifeline Assistance program via Assurance Wireless by Virgin Mobile.
New Joker variant hits Google Play with an old trick
https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/
Check Point Research
New Joker variant hits Google Play with an old trick - Check Point Research
Research By: Aviran Hazum, Bogdan Melnykov, Israel Wernik Overview: Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. Hiding in seemingly legitimate applications, we found that this…
Bug chaining in Android MX Player to achieve code execution
1) receive shared data file from other device
2) data file will exploit path traversal vulnerability
3) RCE of received data file
PoC: https://github.com/tenable/poc/tree/master/MXPlayer
https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34
GitHub
poc/MXPlayer at master · tenable/poc
Proof of Concepts. Contribute to tenable/poc development by creating an account on GitHub.
Hacking smart devices to convince dementia sufferers to overdose
https://www.pentestpartners.com/security-blog/hacking-smart-devices-to-convince-dementia-sufferers-to-overdose/?=wednesday-8-july-2020
Pentestpartners
Hacking smart devices to convince dementia sufferers to overdose | Pen Test Partners
We've looked at numerous smart tracker watches over recent years. All had some disastrous security flaws. However, we found one recently that was a little different: it was aimed at the elderly, particularly those with dementia or other cognitive impairments.…
Global Grant URI in Android 8.0-9.0 [DUP]
Any third-party application was able to grant R/W access to any content provider installed on the system, whether exported or non-exported, including those secured by permissions
https://www.vulnano.com/2020/07/global-grant-uri-in-android-80-90-2018.html
Vulnano
Global grant uri in Android 8.0-9.0 (2018 year)
Vulnano: mobile security research.
How to unc0ver a 0-day in 4 hours or less
https://googleprojectzero.blogspot.com/2020/07/how-to-unc0ver-0-day-in-4-hours-or-less.html
projectzero.google
How to unc0ver a 0-day in 4 hours or less - Project Zero
By Brandon Azad, Project Zero. At 3 PM PDT on May 23, 2020, the unc0ver jailbreak was released for iOS 13.5 (the latest signed version at the time of release) ...