Microsoft Edge for Android Spoofing Vulnerability (CVE-2020-17153)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17153
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17153
Microsoft
Security Update Guide - Microsoft Security Response Center
The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and provides the information here as part of the ongoing effort to help you manage security risks and help keep yourβ¦
Cellebriteβs New Solution for Decrypting the Signal App
http://web.archive.org/web/20201210150311/https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
http://web.archive.org/web/20201210150311/https://www.cellebrite.com/en/blog/cellebrites-new-solution-for-decrypting-the-signal-app/
Bypass antiroot detection for Xamarin apps using Frida
https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/
https://codeshare.frida.re/@Gand3lf/xamarin-antiroot/
New Spyware Used by Sextortionists to Blackmail iOS and Android Users
https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail
https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail
Lookout
Lookout Discovers New Spyware Used by Sextortionists to Blackmail iOS and Android Users
The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.
Exploiting new-era of Request forgery on mobile applications
http://dphoeniixx.com/2020/12/13-2/
http://dphoeniixx.com/2020/12/13-2/
Journalists Hacked with Suspected NSO Group iMessage βZero-Clickβ Exploit
https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/
https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/
The Citizen Lab
The Great iPwn: Journalists Hacked with Suspected NSO Group iMessage 'Zero-Click' Exploit - The Citizen Lab
Government operatives used NSO Groupβs Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attributeβ¦
Analysis of 13 popular secure messaging apps:
https://cybernews.com/security/research-nearly-all-of-your-messaging-apps-are-secure/
https://cybernews.com/security/research-nearly-all-of-your-messaging-apps-are-secure/
CyberNews
Research: nearly all of your messaging apps are secure | CyberNews
We tested the security of 13 popular and less-popular secure messaging apps and have good news: most provide default security out of the box.
Settting up iOS Debugging
https://understruction.com/setting-up-ios-debugging
https://understruction.com/setting-up-ios-debugging
Android Security
Supplementary material for Android Trainings:
1) Deep Dive Android
2) Xtreme Android Hacking
3) Android Pentesting
https://github.com/anantshri/Android_Security
Supplementary material for Android Trainings:
1) Deep Dive Android
2) Xtreme Android Hacking
3) Android Pentesting
https://github.com/anantshri/Android_Security
GitHub
anantshri/Android_Security
This repository is a suplimentary material for Android Training's done by Anant Shrivastava - anantshri/Android_Security
Explanation of Samsung's Real-time Kernel Protection and reveal the vulnerability, the one-liner exploit
https://blog.longterm.io/samsung_rkp.html
https://blog.longterm.io/samsung_rkp.html
Pwn To Own LG phones
https://douevenknow.us/post/639414006930702336/tying-it-all-together-pwning-to-own-on-lg-phones
https://douevenknow.us/post/639414006930702336/tying-it-all-together-pwning-to-own-on-lg-phones
[Segmentation Fault]
Tying It All Together - Pwning To Own on LG phones
Last year I detailed a secure EL3 vulnerability which affected (and still affects, for devices with discontinued updates) LG Android devices. However, this vulnerability alone isn't actually all that...
Comparing user data gathering of popular messaging apps (Signal won)
https://9to5mac.com/2021/01/04/app-privacy-labels-messaging-apps/
https://9to5mac.com/2021/01/04/app-privacy-labels-messaging-apps/
9to5Mac
App privacy labels show stark contrasts among messaging apps
Apple's new app privacy labels went live in the App Store last month, giving users the chance to see what data is collected by each ...
Which messenger is the most secure?
Analysis done by Threema.
https://threema.ch/en/messenger-comparison
Analysis done by Threema.
https://threema.ch/en/messenger-comparison
threema.ch
Messenger Comparison - Threema
Why is Threema the most trusted and secure chat app? This messenger comparison shows the differences between Signal, Telegram, WhatsApp, and Threema.
Going Rogue - a Mastermind behind Android Malware Returns with a New RAT
https://research.checkpoint.com/2021/going-rogue-a-mastermind-behind-android-malware-returns-with-a-new-rat/
https://research.checkpoint.com/2021/going-rogue-a-mastermind-behind-android-malware-returns-with-a-new-rat/
Check Point Research
Going Rogue- a Mastermind behind Android Malware Returns with a New RAT - Check Point Research
Research by: Aviran Hazum, Alex Shamshur, Raman Ladutska, Ohad Mana, Israel Wernik Introduction Now more than ever, we rely on our smartphones to keep in touch with our work, our families and the world around us. There are over 3.5 billion smartphone usersβ¦
Detail analysis of Android vulnerabilities being exploited in the wild found by Project Zero
Android Exploits ITW: https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-exploits.html
Android Post-Exploitation https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-post-exploitation.html
Android Exploits ITW: https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-exploits.html
Android Post-Exploitation https://googleprojectzero.blogspot.com/2021/01/in-wild-series-android-post-exploitation.html
Blogspot
In-the-Wild Series: Android Exploits
This is part 4 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other pa...
xnuspy - iOS kernel function hooking framework for checkra1n'able devices
https://github.com/jsherman212/xnuspy
https://github.com/jsherman212/xnuspy
GitHub
jsherman212/xnuspy
an iOS kernel function hooking framework for checkra1n'able devices - jsherman212/xnuspy