How to root an Android device for analysis and vulnerability assessment
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/
https://www.pentestpartners.com/security-blog/how-to-root-an-android-device-for-analysis-and-vulnerability-assessment/
Pen Test Partners
How to root an Android device for analysis and vulnerability assessment | Pen Test Partners
TL;DR Introduction For mobile testing, be it for apps or hardware, having complete control over the device is essential for analysis and vulnerability assessment. Rooting an Android device allows us to gain root privileges, giving us full access to the OSโฆ
๐ฅ13๐8๐คก4
Intercepting iHealth app traffic with Caido and Frida
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI
iHealth Nexus Pro Body Composition Scale only communicates via Bluetooth Low Energy (BLE) to a iHealth mobile app
Blog: https://brownfinesecurity.com/blog/intercepting-mobile-traffic-with-caido-and-frida/
Video: https://youtu.be/GvRi7chKMPI
Brownfinesecurity
Intercepting Mobile Application Traffic with Caido and Frida - Brown Fine Security
๐ฅ10๐4
Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF) could allow malicious actors to execute code remotely on servers running MobSF (CVE-2024-43399)
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf
https://securityonline.info/cve-2024-43399-critical-zip-slip-vulnerability-discovered-in-mobile-security-framework-mobsf
Daily CyberSecurity
CVE-2024-43399: Critical Zip Slip Vulnerability Discovered in Mobile Security Framework (MobSF)
Discover the critical vulnerability in MobSF - CVE-2024-43399. Find out how this flaw could lead to remote code execution and the potential impact on app security.
๐ฅ25๐3โค2
Rocinante: Analysis of new Android banking trojan
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante
https://www.threatfabric.com/blogs/the-trojan-horse-that-wanted-to-fly-rocinante
ThreatFabric
Rocinante: The trojan horse that wanted to fly
New DTO malware appears in Brazil, posing as security updates and banking applications.
๐11๐3โค1
Reverse Engineering Obfuscated Flutter App
https://youtu.be/0uUSwMg2suk
https://youtu.be/0uUSwMg2suk
YouTube
Reverse Engineering Obfuscated Flutter App
#flutterobfuscatedapp #mobilesecurity #dartdecompilation #dartobjectpool #reverse-engineering
Hello everyone and welcome to another video on Flutter by FatalSec. In this video we are gonna learn how to deal with an obfuscated flutter application by resolvingโฆ
Hello everyone and welcome to another video on Flutter by FatalSec. In this video we are gonna learn how to deal with an obfuscated flutter application by resolvingโฆ
๐24โค1
New Phishing Campaign Spreads EagleSpy Android Malware
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
https://www-d3lab-net.translate.goog/nuova-campagna-di-phishing-diffonde-malware-android-eaglespy/?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en
D3Lab
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con SpyNote e CraxsRAT, rivelando le sofisticate tecniche diโฆ
๐8๐3
GPUAF Using a general GPU exploit tech to attack Pixel 8
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q
We developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploited a vulnerability in the Pixel series, achieving Kernel Code Execution.
https://www.youtube.com/watch?v=Mw6iCqjOV9Q
YouTube
Off-By-One 2024 Day 1 - GPUAF Using a general GPU exploit tech to attack Pixel8
Abstract
Last year, we developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploitedโฆ
Last year, we developed an advanced exploit technique capable of transforming a conventional out-of-bounds (OOB) bug into a more potent exploit primitive, specifically a page Use-After-Free (UAF). Utilizing this technique, we successfully exploitedโฆ
๐ฅ14๐3
New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/
McAfee Blog
New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition | McAfee Blog
Authored by SangRyol Ryu Recently, McAfeeโs Mobile Research Team uncovered a new type of mobile malware that targets mnemonic keys by scanning for images
๐ฅ6๐1
Attempted cyberattacks on Ukrainian military systems using mobile malware
https://cert.gov.ua/article/6280563
https://cert.gov.ua/article/6280563
cert.gov.ua
CERT-UA
ะฃััะดะพะฒะฐ ะบะพะผะฐะฝะดะฐ ัะตะฐะณัะฒะฐะฝะฝั ะฝะฐ ะบะพะผะฟโััะตัะฝั ะฝะฐะดะทะฒะธัะฐะนะฝั ะฟะพะดัั ะฃะบัะฐัะฝะธ, ัะบะฐ ััะฝะบััะพะฝัั ะฒ ัะบะปะฐะดั ะะตัะถะฐะฒะฝะพั ัะปัะถะฑะธ ัะฟะตััะฐะปัะฝะพะณะพ ะทะฒโัะทะบั ัะฐ ะทะฐั
ะธััั ัะฝัะพัะผะฐััั ะฃะบัะฐัะฝะธ.
๐ฅ10๐3๐ฅฐ2๐2๐ข1
How to intercepting Android at runtime on non-rooted devices using frida-gadget
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices
https://dispatchersdotplayground.hashnode.dev/intercepting-android-at-runtime-on-non-rooted-devices
๐ฅ10๐2๐2
[$12000] How I found 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security issues in TikTokโs system
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3
https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3
๐20๐7
Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
https://labs.taszk.io/articles/post/there_will_be_bugs/
https://labs.taszk.io/articles/post/there_will_be_bugs/
labs.taszk.io
Unburdened By What Has Been: Exploiting New Attack Surfaces in Radio Layer 2 for Baseband RCE on Samsung Exynos
Samsung Baseband RCE with Layer 2 Vulnerabilities
๐ฑ8๐ฅ2๐ฅด1
A new TrickMo saga: from Banking Trojan to Victim's Data Leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak
https://www.cleafy.com/cleafy-labs/a-new-trickmo-saga-from-banking-trojan-to-victims-data-leak
Cleafy
A new TrickMo saga: from Banking Trojan to Victim's Data Leak | Cleafy Labs
Explore Cleafy's analysis of a newly discovered TrickMo variant, revealing enhanced malware capabilities and critical endpoints used for storing stolen credentials and data from victims. Here is the latest threat analyst report.
โคโ๐ฅ7๐จโ๐ป3๐1
Exploiting JavaScript Interface for Unauthorized Access in a Kucoin cryptocurrency exchange Android app
https://hulkvision.github.io/blog/javascript-interface/exploiting-javascript-interface/
https://hulkvision.github.io/blog/javascript-interface/exploiting-javascript-interface/
hulkvision.github.io
Exploiting JavaScript Interface for Unauthorized Access in a 'global' cryptocurrency exchange android app
Intro
Webview in Android Ecosystem is an extension of Androidโs view class that lets you display web pages as a part of your application activity layout. You can call it as a web browser built into your application but it doesnโt include the features of aโฆ
Webview in Android Ecosystem is an extension of Androidโs view class that lets you display web pages as a part of your application activity layout. You can call it as a web browser built into your application but it doesnโt include the features of aโฆ
๐8โค3๐คฏ3๐2๐1
Android banking trojan - Ajina - attacks Central Asia: Story of an Uzbek Android Pandemic
https://www.group-ib.com/blog/ajina-malware
https://www.group-ib.com/blog/ajina-malware
Group-IB
Story of an Uzbek Android Pandemic | Group-IB Blog
Discovered by Group-IB in May 2024, the Ajina.Banker malware is a major cyber threat in the Central Asia region, disguising itself as legitimate apps to steal banking information and intercept 2FA messages.
๐ฅ6๐คฏ2โค1๐ฅด1
Android Vo1d malware infected over a million Android TV boxes
It is a backdoor that puts its components in the system storage and, when commanded by attackers, is capable of secretly downloading and installing third-party software
https://news.drweb.com/show/?i=14900&lng=en
It is a backdoor that puts its components in the system storage and, when commanded by attackers, is capable of secretly downloading and installing third-party software
https://news.drweb.com/show/?i=14900&lng=en
Dr.Web
Void captures over a million Android TV boxes
Doctor Web experts have uncovered yet another case of an Android-based TV box infection. The malware, dubbed <a href="https://vms.drweb.com/search/?q=Android.Vo1d&lng=en"><b>Android.Vo1d</b></a>, has infected nearly 1.3 million devices belonging to usersโฆ
๐8๐3๐1
Diving into ADB protocol internals (1/2)
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12
https://www.synacktiv.com/publications/diving-into-adb-protocol-internals-12
Synacktiv
Diving into ADB protocol internals (1/2)
๐ฅ11๐3๐1๐คก1๐ฅฑ1
Wild vulnerabilities discovered in mobile dating app - Feeld with 1 Million installs on Google Play
-Disclosure of profile information to non-premium users
-Read other peopleโs messages
-access to other peopleโs photos & videos from their chats
-delete, recover and edit other peopleโs messages
-Update someone elseโs profile information
-Send messages in other peopleโs chat
-Get a โLikeโ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/
-Disclosure of profile information to non-premium users
-Read other peopleโs messages
-access to other peopleโs photos & videos from their chats
-delete, recover and edit other peopleโs messages
-Update someone elseโs profile information
-Send messages in other peopleโs chat
-Get a โLikeโ from any user profile
https://fortbridge.co.uk/research/feeld-dating-app-nudes-data-publicly-available/
Cyber Security Services - London
Feeld dating app - Your nudes and data were publicly available
Discover critical Feeld app vulnerabilities from our pentest. See how flaws in security controls expose personal data and learn key fixes.
๐ฅ9๐5๐คฃ5๐4โค1๐คฎ1
Android Bytecode Exploitation
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
Introduction (Part 1): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_0/
Fundamentals (Part 2): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_1/
Bytecode Injection (Part 3): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_2/
Bytecode Reuse Attack (Part 4): https://lolcads.github.io/posts/2024/09/bytecode_exploitation_3/
lolcads tech blog
Introduction to Android Bytecode Exploitation (Part 1)
Introduction to Android Bytecode Exploitation (Part 1) Android resides among the most popular operating systems for mobile devices, which causes Android to also be among the most popular targets for exploitation. While Android is frequently updated to fixโฆ
๐ฅ21๐2๐2
Jailbreak your Enemies with a Link: Remote Execution on iOS
The Trident Exploit Chain deep-dive (Part I)
https://jacobbartlett.substack.com/p/jailbreak-enemies-with-a-link-remote-execution
The Trident Exploit Chain deep-dive (Part I)
https://jacobbartlett.substack.com/p/jailbreak-enemies-with-a-link-remote-execution
Jacobstechtavern
Jailbreak your Enemies with a Link: Remote Execution on iOS
The Trident Exploit Chain deep-dive (Part I)
๐ฅ26โค1๐1