Bluetooth-using home COVID test was cracked to fake results
https://labs.f-secure.com/blog/faking-a-positive-covid-test
https://labs.f-secure.com/blog/faking-a-positive-covid-test
IP address leak (Android), and denial of service (DoS) dubbed Message of Death (Android) found in Android Microsoft Teams app https://positive.security/blog/ms-teams-1-feature-4-vulns
positive.security
MS Teams: 1 feature, 4 vulnerabilities | Positive Security
Microsoft Team's link preview feature is susceptible to spoofing and vulnerable to Server-Side Request Forgery. Team's Android users can be DoS'ed and, in the past, their IP address could be leaked.
Malicious App Targets Major Brazilian Bank Itaรบ Unibanco
https://blog.cyble.com/2021/12/23/malicious-app-targets-major-brazilian-bank-itau-unibanco/
https://blog.cyble.com/2021/12/23/malicious-app-targets-major-brazilian-bank-itau-unibanco/
Cyble
Malicious App Targets Major Brazilian Bank Itaรบ Unibanco
Cyble's research on an Android Malware that has been targeting a major banking company in Brazil.
Samsung's Galaxy Store is distributing apps that could infect phones with malware
https://www.androidpolice.com/samsung-galaxy-store-malware-movie-piracy-showbox/
https://www.androidpolice.com/samsung-galaxy-store-malware-movie-piracy-showbox/
Android Police
Samsung's Galaxy Store is distributing apps that could infect phones with malware
Potentially fake 'Showbox' movie piracy apps trigger a Play Protect warning, and an investigation indicates they could download malware
Android Tor Browser Thumbnails. What?
https://abrignoni.blogspot.com/2021/12/tor-thumbnails-what.html
https://abrignoni.blogspot.com/2021/12/tor-thumbnails-what.html
Blogspot
Initialization Vectors
Learning DFIR.
Android Component Security
https://www.hebunilhanli.com/wonderland/mobile-security/android-component-security/
https://www.hebunilhanli.com/wonderland/mobile-security/android-component-security/
Hebun ilhanlฤฑ
Android Component Security | The Four Horsemen - Hebun ilhanlฤฑ
In this blog, I usually share articles about the mobile security, ctf solutions, web application security area and any subject that interests me.
A Memory Visualiser Tool for iOS Security Research
https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
Medium
A Memory Visualiser Tool for iOS Security Research
Happy New Year!๐ฅณ
Facebook android webview vulnerability: Execute arbitrary javascript (xss) and load arbitrary website
https://servicenger.com/mobile/facebook-android-webview-vulnerability/
https://servicenger.com/mobile/facebook-android-webview-vulnerability/
SERVICENGER
Facebook android webview vulnerability : Execute arbitrary javascript (xss) and load arbitrary website - SERVICENGER
In Facebook android activity "com.facebook.katana.activity.iap.LaunchFromIAP" is exported with "com.facebook.katana.activity.iap" action intent filter and
Meet โNoRebootโ: The iOS Ultimate Persistence Bug
https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
ZecOps Blog
Persistence without "Persistence": Meet The Ultimate Persistence Bug - โNoRebootโ - ZecOps Blog
Mobile Attackerโs Mindset Series โ Part II Evaluating how attackers operate when there are no rules leads to discoveries of advanced detection and response mechanisms. ZecOps is proudly researching scenarios of attacks and sharing the information publiclyโฆ
Detailed analysis of Android FluBot malware version 5.0
https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond
https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond
F5 Labs
FluBotโs Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond | F5 Labs
A deconstruction of FluBot 5.0โs new communication protocol and other capabilities FluBot uses to hide, making it difficult for researchers and security solutions to detect.
Real-world Android Malware Analysis 1: SMS spy
https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html
https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html
Purpl3 F0x Secur1ty
Real-world Android Malware Analysis 1: eblagh.apk
Intro
Building userDebug Android images with root access and debug capabilities for a Google Pixel (sailfish)
https://www.linkedin.com/pulse/building-userdebug-android-images-google-pixel-sailfish-basanta
https://www.linkedin.com/pulse/building-userdebug-android-images-google-pixel-sailfish-basanta
Linkedin
Building userDebug Android images for a Google Pixel (sailfish).
Beforehand, i'm sorry for my english writing. I'm in practice for improve it.
Poland: Use of Pegasus spyware to hack politicians highlights threat to civil society
https://www.amnesty.org/en/latest/news/2022/01/poland-use-of-pegasus-spyware-to-hack-politicians-highlights-threat-to-civil-society/
https://www.amnesty.org/en/latest/news/2022/01/poland-use-of-pegasus-spyware-to-hack-politicians-highlights-threat-to-civil-society/
Amnesty International
Poland: Use of Pegasus spyware to hack politicians highlights threat to civil society
Confirming that Amnesty International has independently confirmed that Pegasus spyware was used to hack Polish senator, Krzysztof Brejza, when he was running the oppositionโs 2019 parliamentary election campaign, Amnesty International Polandโs Director Annaโฆ
Project Torogoz - Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware
https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-civil-society-el-salvador-pegasus-spyware/
https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-civil-society-el-salvador-pegasus-spyware/
The Citizen Lab
Project Torogoz: Extensive Hacking of Media & Civil Society in El Salvador with Pegasus Spyware - The Citizen Lab
Journalists and members of civil society had their phones successfully infected with NSOโs Pegasus spyware between July 2020 - November 2021.
RCE in Adobe Acrobat Reader for Android (CVE-2021-40724)
analysis: https://hulkvision.github.io/blog/post1/
analysis: https://hulkvision.github.io/blog/post1/
hulkvision.github.io
RCE in Adobe Acrobat Reader for android(CVE-2021-40724)
# Summary While testing Adobe Acrobat reader app , the app has a feature which allows user to open pdfs directly from http/https url. This feature was vulnerable to path traversal vulnerability. Abode reader was also using Google play core library for dynamicโฆ
Multidex trick to unpack Android BianLian malware family
https://cryptax.medium.com/multidex-trick-to-unpack-android-bianlian-ed52eb791e56
https://cryptax.medium.com/multidex-trick-to-unpack-android-bianlian-ed52eb791e56
Medium
Multidex trick to unpack Android/BianLian
This article explains how to unpack sample sha256 5b9049c392eaf83b12b98419f14ece1b00042592b003a17e4e6f0fb466281368 which was served fromโฆ
AERoot - command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs
https://github.com/quarkslab/AERoot
https://github.com/quarkslab/AERoot
GitHub
GitHub - quarkslab/AERoot: AERoot is a command line tool that allows you to give root privileges on-the-fly to any process runningโฆ
AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs. - GitHub - quarkslab/AERoot: AERoot is...