Analysis of SpyNote spyware that logs and steals a variety of information, including key strokes, call logs, information on installed applications etc.
https://blog.f-secure.com/take-a-note-of-spynote/
https://blog.f-secure.com/take-a-note-of-spynote/
F-Secure
Take a note of SpyNote malware | FβSecure
SpyNote malware is targeting Android users β learn how it works, the risks it poses, and how to keep your device secure.
π10π₯±6π΄1π
1
Malicious βRedAlert - Rocket Alertsβ Application Targets Israeli Phone Calls, SMS, and User Information through fake website
https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/
https://blog.cloudflare.com/malicious-redalert-rocket-alerts-application-targets-israeli-phone-calls-sms-and-user-information/
The Cloudflare Blog
Malicious βRedAlert - Rocket Alertsβ application targets Israeli phone calls, SMS, and user information
On October 13, 2023, Cloudflareβs Cloudforce One Threat Operations Team became aware of a malicious Google Android application impersonating the real-time rocket alert app, Red Alert, which provides real-time rocket alerts for Israeli citizens
π16π1
BLE Spam allows now to send unwanted notifications to iOS, Android and Windows at once using Flipper Zero.
If you don't have Flipper Zero, in the blog I explained how to trigger popups using any Android smartphone even with custom messages
https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/
If you don't have Flipper Zero, in the blog I explained how to trigger popups using any Android smartphone even with custom messages
https://www.mobile-hacker.com/2023/10/17/spam-ios-android-and-windows-with-bluetooth-pairing-messages-using-flipper-zero-or-android-smartphone/
Mobile Hacker
Spam iOS, Android and Windows with Bluetooth pairing messages using Flipper Zero or Android smartphone Mobile Hacker
So far, it was possible to spam through proximity paring messages only iOS devices, either using Flipper Zero, Arduino board or any Android as explained in my previous blog here. However, recently developers of Xtreme firmware for Flipper Zero pushed andβ¦
π13β€3π₯1π€1
iObfuscate: Unraveling iOS Obfuscation Techniques
Examine multiple examples of Reverse Engineering iOS obfuscation techniques
https://github.com/LaurieWired/ObjectiveByTheSea2023/
Examine multiple examples of Reverse Engineering iOS obfuscation techniques
https://github.com/LaurieWired/ObjectiveByTheSea2023/
GitHub
GitHub - LaurieWired/ObjectiveByTheSea2023: This contains notes and slides for my Objective by the Sea talk
This contains notes and slides for my Objective by the Sea talk - LaurieWired/ObjectiveByTheSea2023
π18β€3π₯2
Automatically extract URL and IP endpoints from Android app to a text file using apk2url.
Fast and useful tool for pentesters, bug bounty hunters, or malware analyst
https://github.com/n0mi1k/apk2url
Fast and useful tool for pentesters, bug bounty hunters, or malware analyst
https://github.com/n0mi1k/apk2url
GitHub
GitHub - n0mi1k/apk2url: An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling - n0mi1k/apk2url
π₯20π8π€2β€1
Analysis of Rusty Droid Android RAT
https://labs.k7computing.com/index.php/rusty-droid-under-the-hood-of-a-dangerous-android-rat/
https://labs.k7computing.com/index.php/rusty-droid-under-the-hood-of-a-dangerous-android-rat/
K7 Labs
Rusty Droid: Under the Hood of a Dangerous Android RAT
Threat actors focus on gaining remote access and control of victimsβ devices. For this they either use fake apps or [β¦]
π12β€3π2π€1
The outstanding stealth of Operation Triangulation
https://securelist.com/triangulation-validators-modules/110847/
https://securelist.com/triangulation-validators-modules/110847/
Securelist
Triangulation: validators, post-compromise activity and modules
In this report Kaspersky shares insights into the validation components used in Operation Triangulation, TriangleDB implant post-compromise activity, as well as details of some additional modules.
π10π₯°1
How to increase radio range of Flipper Zero beyond 100 meters | internal vs. external radio module
https://www.mobile-hacker.com/2023/10/24/how-to-increase-radio-range-of-flipper-zero-yourself-beyond-100-meters/
https://www.mobile-hacker.com/2023/10/24/how-to-increase-radio-range-of-flipper-zero-yourself-beyond-100-meters/
Mobile Hacker
How to increase radio range of Flipper Zero yourself beyond 100 meters Mobile Hacker
Equipped with an integrated module, Flipper Zero is capable of both receiving and transmitting radio frequencies spanning from 300 MHz to 928 MHz. This module enables to capture, store, and replicate remote controls, commonly employed for tasks such as interfacingβ¦
π18β€3π€1
Pwn2Own 2023 hacking contest resulted in hacking Samsung Galaxy S23 twice, Xiaomi's 13 Pro smartphone, as well as printers, smart speakers, Network Attached Storage (NAS) devices, and surveillance cameras from Western Digital, QNAP, Synology, Canon, Lexmark, and Sonos
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s23-hacked-twice-on-first-day-of-pwn2own-toronto/
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s23-hacked-twice-on-first-day-of-pwn2own-toronto/
BleepingComputer
Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada.
β€10π₯2π1π1π€£1
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
https://unit42.paloaltonetworks.com/hooking-framework-in-sandbox-to-analyze-android-apk/
https://unit42.paloaltonetworks.com/hooking-framework-in-sandbox-to-analyze-android-apk/
Unit 42
Leveraging a Hooking Framework to Expand Malware Detection Coverage on the Android Platform
We employ static and dynamic analysis to dissect two case studies using obfuscation in Android malware: a Cerberus banking trojan and HiddenAd adware.
π13π€3π₯1
Forwarded from The Bug Bounty Hunter
Bypass Android Applications Debug and Root Detection via debugger.
https://medium.com/@shubhamsonani/hacking-with-precision-bypass-techniques-via-debugger-in-android-apps-27fd562b2cc0
https://medium.com/@shubhamsonani/hacking-with-precision-bypass-techniques-via-debugger-in-android-apps-27fd562b2cc0
Medium
Bypass Android Applications Debug and Root Detection via debugger.
Hi Everyone,
π₯9π4β€2π₯±1
Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I
https://devco.re/blog/2023/10/05/your-printer-is-not-your-printer-hacking-printers-pwn2own-part1-en/
https://devco.re/blog/2023/10/05/your-printer-is-not-your-printer-hacking-printers-pwn2own-part1-en/
DEVCORE ζ΄ε€«ε―ηΎ
Your printer is not your printer ! - Hacking Printers at Pwn2Own Part I | DEVCORE ζ΄ε€«ε―ηΎ
In 2021, we found Pre-auth RCE vulnerabilities(CVE-2022-24673 and CVE-2022-3942) in Canon and HP printers, and vulnerability(CVE-2021-44734) in Lexmark. We used these vulnerabilities to exploit Canon ImageCLASS MF644Cdw, HP Color LaserJet Pro MFP M283fdwβ¦
π€6π4
Discovered XMPP (Jabber) instant messaging protocol encrypted TLS connection wiretapping (Man-in-the-Middle attack) of jabber.ru (aka xmpp.ru) serviceβs servers on Hetzner and Linode hosting providers in Germany
https://notes.valdikss.org.ru/jabber.ru-mitm/
https://notes.valdikss.org.ru/jabber.ru-mitm/
π8β€2π1
Android adware discovered on Google Play with over 2,000,000 installs
https://news.drweb.com/show/review/?lng=en&i=14767
https://news.drweb.com/show/review/?lng=en&i=14767
Drweb
Dr.Web β Doctor Webβs September 2023 review of virus activity on mobile devices
In early September, Doctor Web <a href=
β€7π1π±1
How to get Wi-Fi password via WPS Button attack using NetHunter
https://www.mobile-hacker.com/2023/10/31/nethunter-hacker-x-wps-attacks/
https://www.mobile-hacker.com/2023/10/31/nethunter-hacker-x-wps-attacks/
Mobile Hacker
NetHunter Hacker X: WPS attacks Mobile Hacker
Ever wanted to hack your Wi-Fi network, but your internal adapter doesnβt support monitor mode and you donβt have external adapter? Without switching your Wi-Fi adapter in to monitor mode, WPS attacks allows you to perform various attacks on wireless accessβ¦
π12π₯2π€1
Arid Viper (APT-C-23) disguising mobile spyware as updates for non-malicious Android applications
https://blog.talosintelligence.com/arid-viper-mobile-spyware/
https://blog.talosintelligence.com/arid-viper-mobile-spyware/
Cisco Talos Blog
Arid Viper disguising mobile spyware as updates for non-malicious Android applications
Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users.
π9
Car Hacking using Flipper Zero and HackRF
Both blogs present in depth research and testing of common methods of hacking fixed-code and rolling codes of radio frequency locks using replay attacks, brute-force, signal jamming, RollJAM, Rolling-PWN and Keeloq Decryption
part1: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking.html
part2: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking_31.html
Both blogs present in depth research and testing of common methods of hacking fixed-code and rolling codes of radio frequency locks using replay attacks, brute-force, signal jamming, RollJAM, Rolling-PWN and Keeloq Decryption
part1: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking.html
part2: https://chaos-lab.blogspot.com/2023/10/grand-theft-auto-rf-locks-hacking_31.html
π15
Mobile Malware Analysis Part 3 β Pegasus
https://8ksec.io/mobile-malware-analysis-part-3-pegasus/
https://8ksec.io/mobile-malware-analysis-part-3-pegasus/
π16π1
Media is too big
VIEW IN TELEGRAM
Bluetooth LE spam attack is now ported to dedicated Android app to push notifications for Android and Windows
For Android, is can advertise over 170 devices
https://github.com/simondankelmann/Bluetooth-LE-Spam
For Android, is can advertise over 170 devices
https://github.com/simondankelmann/Bluetooth-LE-Spam
π24π₯6β€3π€3π₯°1π1π±1
WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users
https://securelist.com/spyware-whatsapp-mod/110984/
https://securelist.com/spyware-whatsapp-mod/110984/
Securelist
Analysis of a spy module inside a WhatsApp mod
A WhatsApp mod with a built-in spy module has been spreading through Arabic and Azeri Telegram channels since August 2023.
π12π4
Vulnerability (CVE-2023-36620) in Boomerang Parental Control Android app (100,000+ installs) allowed an attacker with physical access to device to take over admin control panel and spy on a kid
https://seclists.org/fulldisclosure/2023/Jul/12
https://seclists.org/fulldisclosure/2023/Jul/12
seclists.org
Full Disclosure: SEC Consult SA-20230628-0 :: Stored XSS & Privilege Escalation in Boomerang Parental Control App
π13β€2