Search cyberveille.decio.ch

Found 88 bookmarks

Custom sorting

Android Kitchen Sink: Send BLE spam to iOS, Android and Windows at once using Android app - Mobile Hacker

The Kitchen Sink is a name of Bluetooth Low Energy (BLE) attack that sends random advertisement packets that targets iOS, Android, and Windows devices the same time in the vicinity. The attack is called “Kitchen Sink” because it tries to send every possible packet in the list, similar to the phrase “everything but the kitchen

#mobile-hacker #EN #2023 #BLE #spam #Android

·mobile-hacker.com·Nov 9, 2023

Android Kitchen Sink: Send BLE spam to iOS, Android and Windows at once using Android app - Mobile Hacker

Now Android and Windows devices aren't safe from Flipper Zero either | ZDNET

The Bluetooth spam feature that was initially used to inundate, and even crash, iPhones has now been expanded to cover Android and Windows devices.

#zdnet #EN #203 #flipperzero #ble #spam #Android #Bluetooth

·zdnet.com·Oct 25, 2023

Now Android and Windows devices aren't safe from Flipper Zero either | ZDNET

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

#bleepingcomputer #EN #2023 #Actively-Exploited #Android #Mobile #Qualcomm #Vulnerability #Zero-Day #GPU #Adreno

·bleepingcomputer.com·Oct 3, 2023

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

0-days exploited by commercial surveillance vendor in Egypt

Last week Google’s Threat Analysis Group (TAG), in partnership with The Citizen Lab, discovered an in-the-wild 0-day exploit chain for iPhones. Developed by the commercial surveillance vendor, Intellexa, this exploit chain is used to install its Predator spyware surreptitiously onto a device. In response, yesterday, Apple patched the bugs in iOS 16.7 and iOS 17.0.1 as CVE-2023-41991, CVE-2023-41992, CVE-2023-41993. This quick patching from Apple helps to better protect users and we encourage all iOS users to install them as soon as possible.

#Google #EN #2023 #TAG #Apple #Android #CitizenLab #Predator #spyware #Intellexa #CVE-2023-41993 #CVE-2023-41991 #CVE-2023-41992 #Exploit #Chain #0-days

·blog.google·Sep 23, 2023

0-days exploited by commercial surveillance vendor in Egypt

#FuckStalkerware pt. 3 - ownspy got, well, owned

we continue our series on stalkerware with a write-up and batch of data sent to me by a source last night. this time it is the brazilian ownspy (aka webdetective and saferspy, by mobileinnova) that has been completely hacked. among other things ownspy claims to be the #1 most privacy focused "parental control app" allegedly featuring E2E encryption, if this sounds too good to be true that's because it mostly is, but more on that later.

#FuckStalkerware #stalkerware #research #analysis #leak #sqli #exploit #nyancrimew #maia-arson-crimew #android #switzerland #hacktivism #lucerne #developer

·maia.crimew.gay·Aug 28, 2023

#FuckStalkerware pt. 3 - ownspy got, well, owned

Two spyware tied with China found hiding on the Google Play Store

This week, our engine detected two spyware hiding on the Google Play Store and affecting up to 1.5 million users.

#pradeo #EN #Android #spyware #GooglePlay

·blog.pradeo.com·Jul 7, 2023

Two spyware tied with China found hiding on the Google Play Store

Flubot: the evolution of a notorious Android Banking Malware

Flubot is an Android based malware that has been distributed in the past 1.5 years in Europe, Asia and Oceania affecting thousands of devices of mostly unsuspecting victims. Like the majority of Android banking malware, Flubot abuses Accessibility Permissions and Services in order to steal the victim’s credentials, by detecting when the official banking application is open to show a fake web injection, a phishing website similar to the login form of the banking application. An important part of the popularity of Flubot is due to the distribution strategy used in its campaigns, since it has been using the infected devices to send text messages, luring new victims into installing the malware from a fake website. In this article we detail its development over time and recent developments regarding its disappearance, including new features and distribution campaigns.

#foxit #EN #2022 #Flubot #Android #Banking #Malware #evolution #research

·blog.fox-it.com·Jul 1, 2022

Flubot: the evolution of a notorious Android Banking Malware

Protecting Android users from 0-Day attacks

To protect our users, Google’s Threat Analysis Group (TAG) routinely hunts for 0-day vulnerabilities exploited in-the-wild. In 2021, we reported nine 0-days affecting Chrome, Android, Apple and Microsoft, leading to patches to protect users from these attacks.

#GoogleTAG #EN #2022 #Android #0-day #0day #cytrox #CVE-2021-1048 #chrome

·blog.google·May 22, 2022

Protecting Android users from 0-Day attacks

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

We would like to thank The Citizen Lab for their cooperation, support and inputs into this research. * Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox). * Our research specifically looks at two components of this mobile spyware suite known as “ALIEN” and “PREDATOR,” which compose the backbone of the spyware implant. Our findings include an in-depth walkthrough of the infection chain, including the implants’ various information-stealing capabilities. * A deep dive into both spyware components indicates that ALIEN is more than just a loader for PREDATOR and actively sets up the low-level capabilities needed for PREDATOR to spy on its victims. * We assess with high confidence that the spyware has two additional components — tcore (main component) and kmem (privilege escalation mechanic) — but we were unable to obtain and analyze these modules. * If readers suspect their system(s) may have been compromised by commercial spyware, please consider notifying Talos’ research team at talos-mercenary-spyware-help@external.cisco.com to assist in furthering the community’s knowledge of these threats.

#talosintelligence #EN #2023 #PREDATOR #spyware #Intellexa #ALIEN #analysis #Android

·blog.talosintelligence.com·May 28, 2023

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days

Spyware is sold to countries including Egypt, Indonesia, Oman, Saudi Arabia, and Serbia. Smartphone malware sold to governments around the world can surreptitiously record voice calls and nearby audio, collect data from apps such as Signal and WhatsApp, and hide apps or prevent them from running upon device reboots, researchers from Cisco’s Talos security team have found.

#arstechnica #EN #2023 #Smartphone #PREDATOR #0-days #spyware #Android

·arstechnica.com·May 28, 2023

Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days

Popular Android TV boxes sold on Amazon are laced with malware

The malware-infected AllWinner and RockChip-powered Android TV models are still available to purchase on Amazon.

#techcrunch #EN #2023 #amazon #android-tv #malware #rockchip #Android #IoT #AllWinner #Amazon

·techcrunch.com·May 21, 2023

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

#trendmicro #EN #2023 #malware #cyber-crime #LemonGroup #Preinfected #Guerrilla #Android #mobile #mobile-device #IoT #AndroidOS_Guerilla

·trendmicro.com·May 21, 2023

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

#lookout #EN #2023 #BouldSpy #Spyware #Android #FARAJA #Iran

·security.lookout.com·May 2, 2023

BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities

Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study

A recent study shows that top-of-the-line Android phones sold in China are a total privacy nightmare.

·gizmodo.com·Feb 9, 2023

Xiaomi, OnePlus, Top Android Phones in China Spy on You: Study

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,

#cyble #EN #2023 #analysis #InTheBox #Android #Banking #injection

·blog.cyble.com·Jan 31, 2023

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Analyzing and remediating a malware infested T95 TV box from Amazon

Find out why one of our Android experts has been obsessing over a little black box from Amazon.

#malwarebytes #EN #2023 #howto #T95 #TVbox #malware #Android

·malwarebytes.com·Jan 31, 2023

Analyzing and remediating a malware infested T95 TV box from Amazon

Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)

The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications. Two vulnerabilities were uncovered with the Galaxy App Store application: Technical…

#nccgroup #EN #2023 #Samsung #Galaxy #App #Store #Android #Advisory #CVE-2023-21433 #CVE-2023-21434

·research.nccgroup.com·Jan 21, 2023

Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)

StrongPity espionage campaign targeting Android users

ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.

#welivesecurity #EN #2023 #ESET #Android #Telegram #trojanized #Shagle

·welivesecurity.com·Jan 11, 2023

StrongPity espionage campaign targeting Android users

Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium

Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018 and has spread to over 300,000 victims and is specifically targeting Facebook credentials. To learn more about this new threat, read more on our blog.

#zimperium #EN #2022 #Android #Schoolyard-Bully #Trojan #Facebook #schools

·zimperium.com·Dec 5, 2022

Schoolyard Bully Trojan Facebook Credential Stealer - Zimperium

Samsung, LG, Mediatek certificates compromised to sign Android malware

Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware.

#bleepingcomputer #2022 #Android #Certificates #LG #Malware #MediaTek #Platform-Certificate #Samsung

·bleepingcomputer.com·Dec 2, 2022

Samsung, LG, Mediatek certificates compromised to sign Android malware

Google Online Security Blog: Memory Safe Languages in Android 13

As the amount of new memory-unsafe code entering Android has decreased, so too has the number of memory safety vulnerabilities. From 2019 to 2022 it has dropped from 76% down to 35% of Android’s total vulnerabilities. 2022 is the first year where memory safety vulnerabilities do not represent a majority of Android’s vulnerabilities.

#Google #EN #2022 #memory-safe #Android #statistics #vulnerabilities #memory #safety

·security.googleblog.com·Dec 2, 2022

Google Online Security Blog: Memory Safe Languages in Android 13

Android SharkBot Droppers on Google Play Underline Platform's Security Needs

A common theme we've noticed in the last few months consists of malicious apps distributed directly from the Google Play Store.

#bitdefender #EN #2022 #SharkBot #Android #GooglePlay #malicious #apps

·bitdefender.com·Nov 22, 2022

Android SharkBot Droppers on Google Play Underline Platform's Security Needs

Inside TheTruthSpy, the stalkerware network spying on thousands • TechCrunch

Leaked data obtained by TechCrunch reveals the notorious network of Android spyware apps tracked locations and recorded calls of Americans.

#techcrunch #EN #2022 #stalkerware #android #mobile-spyware #wiretapping #US #privacy

·techcrunch.com·Oct 28, 2022

Inside TheTruthSpy, the stalkerware network spying on thousands • TechCrunch

Cyble Phishing ERMAC Android Malware Increasingly Active

CRIL Investigates the resurgence of ERMAC Android Malware as an increasing number of users are falling prey to their phishing attacks.

#cyble #EN #2022 #ERMAC #Android #Malware #phishing #Analysis

·blog.cyble.com·Oct 18, 2022

Cyble Phishing ERMAC Android Malware Increasingly Active

Poseidon’s Offspring: Charybdis and Scylla

HUMAN's Satori Threat Intelligence and Research Team uncovered a network of 89 Android and iOS apps committing various flavors of ad fraud.

#humansecurity #EN #2022 #Android #iOS #ad-fraud #Charybdis #Scylla

·humansecurity.com·Sep 26, 2022

Poseidon’s Offspring: Charybdis and Scylla

Joker, Facestealer and Coper banking malwares on Google Play store

Joker, Facestealers and Banker swarming Google Play store

#zscaler #EN #2022 #Android #Joker #FaceStealer #Coper #Exobot #Malware #GooglePlay #store #apps #analysis

·zscaler.com·Jul 19, 2022

Joker, Facestealer and Coper banking malwares on Google Play store

Flubot: the evolution of a notorious Android Banking Malware

#foxit #EN #2022 #Flubot #Android #Banking #Malware #evolution #research

·blog.fox-it.com·Jul 1, 2022

Flubot: the evolution of a notorious Android Banking Malware

Lookout Découverte d'un logiciel espion Android déployé au Kazakhstan

Lookout Les chercheurs de Threat Lab ont découvert un logiciel de surveillance Android de niveau entreprise utilisé par le gouvernement du Kazakhstan à l'intérieur de ses frontières. D'après notre analyse, le logiciel espion est probablement développé par le fournisseur italien de logiciels espions RCS Lab S.p.A.

#lookout #FR #2022 #surveillance #spyware #Android #rcslab #Italie #Italy #Kazakhstan #Hermit

·fr.lookout.com·Jun 20, 2022

Lookout Découverte d'un logiciel espion Android déployé au Kazakhstan

Android FluBot enters Switzerland – SWITCH Security-Blog

FluBot is a new Android malware first discovered in December 2020. During the first few months, FluBot has been active in Spain, Hungary and Poland. Since then, the development of the malware advan…

#FluBot #switchCH #EN #2022 #malware #Android

·securityblog.switch.ch·Jun 2, 2022

Android FluBot enters Switzerland – SWITCH Security-Blog

Takedown of SMS-based FluBot spyware infecting Android phones

This technical achievement follows a complex investigation involving law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). The investigation is ongoing to identify the individuals behind this global malware campaign. Here is how FluBot worked First spotted...

#FluBot #europol #Takedown #SMS-based #Android #EN #2022 #spyware

·europol.europa.eu·Jun 2, 2022

Takedown of SMS-based FluBot spyware infecting Android phones