[Virtual] Android Security Symposium 2020 starts now
Program: https://android.ins.jku.at/symposium/program/
Live stream: https://youtu.be/zxkbyyl-9b8
YouTube
Android Security Symposium 2020 Live (Monday)
Live stream of Android Security Symposium 2020
https://android.ins.jku.at/symposium/
The third Android Security Symposium takes place as an online (virtual) conference from 6–7 July 2020, and is co-hosted with ACM WiSec 2020. The event is organized by Johannes…
Collection of smartphone adware
https://securelist.com/pig-in-a-poke-smartphone-adware/97607/
Securelist
Pig in a poke: smartphone adware
Our support team continues to receive more and more requests from users complaining about intrusive ads on their smartphones from unknown sources. In some cases, the solution is quite simple. In others, the task is far harder: the adware plants
Cerberus Analysis
Untold story of Cerberus discovery and communication with the malware operators.
The talk includes malicious functionality analysis and distribution, with over 9,000 website clicks in 24 hours
https://youtu.be/79fQmmK5RT4
YouTube
Story of the new Android banking Trojan-Cerberus at DefCamp 2019
DefCamp is the most important conference on Hacking & Information Security in Central and Eastern Europe, bringing hands-on talks about the latest research and practices from the INFOSEC field. Since 2011 it has been gathering decision makers, security specialists…
Reversing DexGuard
Code Obfuscation & RASP: https://www.pnfsoftware.com/blog/reversing-dexguard/
Assets and Code Encryption: https://www.pnfsoftware.com/blog/reversing-dexguard-encryption/
Banking Trojan Cerberus Made it onto the Google Play Store
https://blog.avast.com/avast-finds-banking-trojan-cerberus-on-google-play-avast?utm_campaign
Avast
Banking Trojan Cerberus Made it onto the Google Play Store
Avast Reports Banking Trojan, Cerberus, to Google
Review of the Bahrain mobile application on both iOS and Android with a focus on the process transparency, security, privacy, tracing capabilities, and accessibility
https://blog.ostorlab.co/covid19-how-to-carry-nation-scale-mobile-devices-compromise.html
blog.ostorlab.co
Ostorlab: Mobile App Security Testing for Android and iOS
Mobile security testing of Covid-19 Contact Tracing Application BeAware
Malware found pre-installed on US smartphones
https://blog.malwarebytes.com/android/2020/07/we-found-yet-another-phone-with-pre-installed-malware-via-the-lifeline-assistance-program/
Malwarebytes
We found yet another phone with pre-installed malware via the Lifeline Assistance program
We discovered yet another phone model with pre-installed malware provided from the Lifeline Assistance program via Assurance Wireless by Virgin Mobile.
New Joker variant hits Google Play with an old trick
https://research.checkpoint.com/2020/new-joker-variant-hits-google-play-with-an-old-trick/
Check Point Research
New Joker variant hits Google Play with an old trick - Check Point Research
Research By: Aviran Hazum, Bogdan Melnykov, Israel Wernik Overview: Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. Hiding in seemingly legitimate applications, we found that this…
Bug chaining in Android MX Player to achieve code execution
1) receive shared data file from other device
2) data file will exploit path traversal vulnerability
3) RCE of received data file
PoC: https://github.com/tenable/poc/tree/master/MXPlayer
https://medium.com/tenable-techblog/android-mx-player-path-traversal-to-code-execution-9134b623eb34
GitHub
poc/MXPlayer at master · tenable/poc
Proof of Concepts. Contribute to tenable/poc development by creating an account on GitHub.
Hacking smart devices to convince dementia sufferers to overdose
https://www.pentestpartners.com/security-blog/hacking-smart-devices-to-convince-dementia-sufferers-to-overdose/?=wednesday-8-july-2020
Pentestpartners
Hacking smart devices to convince dementia sufferers to overdose | Pen Test Partners
We've looked at numerous smart tracker watches over recent years. All had some disastrous security flaws. However, we found one recently that was a little different: it was aimed at the elderly, particularly those with dementia or other cognitive impairments.…
Global Grant URI in Android 8.0-9.0 [DUP]
Any third-party application was able to grant R/W access to any exported or non-exported, permission-secured content providers installed on the system
https://www.vulnano.com/2020/07/global-grant-uri-in-android-80-90-2018.html
Vulnano
Global grant uri in Android 8.0-9.0 (2018 year)
Vulnano: mobile security research.
How to unc0ver a 0-day in 4 hours or less
https://googleprojectzero.blogspot.com/2020/07/how-to-unc0ver-0-day-in-4-hours-or-less.html
projectzero.google
How to unc0ver a 0-day in 4 hours or less - Project Zero
By Brandon Azad, Project Zero. At 3 PM PDT on May 23, 2020, the unc0ver jailbreak was released for iOS 13.5 (the latest signed version at the time of release) ...
Critical Security Vulnerabilities fixed in Firefox for Android 68.10.1
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.
https://www.mozilla.org/en-US/security/advisories/mfsa2020-27/
Mozilla
Security Vulnerabilities fixed in Firefox for Android 68.10.1
Reversing DexGuard, Part 3 – Code Virtualization
https://www.pnfsoftware.com/blog/reversing-dexguard-virtualization/
Accelerating Android Updates
https://android-developers.googleblog.com/2020/07/accelerating-android-updates.html
Android Developers Blog
Accelerating Android Updates
Posted by Eddie Hsu (Technical Program Manager), Brent VerWeyst (Product Manager), Maya Ben Ari (Product Manager), Amith Dsouza (Technica...
Reverse Engineering Nike Run Club Android App Using Frida
https://yasoob.me/posts/reverse-engineering-nike-run-club-using-frida-android/
yasoob.me
Reverse Engineering Nike Run Club Android App Using Frida - Yasoob Khalid
Hi everyone! 👋 If you have been following my blog then you might have already read the article on reverse engineering an Android app by writing custom smali code. I am still very much a reverse engineering beginner so after that article, I got to learn about…
Russian Android Stalkerware
-after launch it gathers device logs
-downloads additional app via HTTP
-logs credentials....
Here is a demo of this #Stalkware being installed and hooked by Frida
https://youtu.be/IcVRwyJpmMw
YouTube
Android Stalkerware logs gathering | downloading additional app | Monitoring app
Demonstration of how an Android Stalkerware app logs and gathers device details, downloads an additional app via HTTP to be installed, temporarily stores login credentials in clear text, etc.
To identify this behavior during the installation process I used a Frida script…
How To Intercept Android Application HTTPS traffic in Android 10 (Q) with Burp Suite and Magisk
https://www.theburpsuite.com/2020/05/intercepting-android-application-https.html
Theburpsuite
Intercepting Android Application HTTPS traffic in Burp Suite - Android 10 (Q) with Magisk
Unofficial Burp Suite blog for Pentesting with the burp suite tutorials.
AMDH - Android Mobile Device Hardening tool
This forensics tool helps you list installed apps on device and dump them all
Tool: https://github.com/SecTheTech/AMDH
Test of the tool: https://www.instagram.com/p/CCgipObAGBQ/
GitHub
GitHub - A-YATTA/AMDH: Android Mobile Device Hardening
Android Mobile Device Hardening. Contribute to A-YATTA/AMDH development by creating an account on GitHub.
Slicer - A tool to automate the recon process on an APK file
https://github.com/mzfr/slicer
GitHub
GitHub - mzfr/slicer: A tool to automate the boring process of APK recon
A tool to automate the boring process of APK recon - mzfr/slicer
How to hack and prevent getting hacked by Android on the same WiFi
Video explains three types of attack:
1) Spy on other user web browsing
2) Redirect visited websites to attacker web
3) Steal Facebook login credentials
https://youtu.be/MHxbv6oA3CA