HackDig : Dig high-quality web security articles for hackers

'LuckyBoy' Malvertising Campaign Hits iOS, Android, XBox Users

A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection.Dubbed LuckyBoy, the multi-stage, tag-based campaign is focused on iOS, Android, and Xbox users. Since December 2020, it penetrated over 10 Demand Side Platforms (DSP), primarily Europe-based, with obse
Publish At:2021-01-20 15:17 | Read:151 | Comments:0 | Tags:Endpoint Security NEWS & INDUSTRY Application Security F

Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole

The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.According to a Wall Street Journal report, TikTok used a banned tactic to bypass the privacy safeguard in Android to collect unique identifiers from millions of
Publish At:2021-01-14 14:59 | Read:151 | Comments:0 | Tags:Endpoint Security Mobile Security NEWS & INDUSTRY Applic

Rogue Android RAT emerges from the darkweb

Experts discovered an Android Remote Access Trojan, dubbed Rogue, that can allow to take over infected devices and steal user data. Rogue is a new mobile RAT discovered by researchers from Check Point while investigating the activity of the darknet threat actors known as Triangulum and HeXaGoN Dev. Both actors are Android malware authors that are offering
Publish At:2021-01-13 16:54 | Read:246 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Mobile An

Google discloses hacking campaign targeting Windows, Android users

Project Zero, Google's 0day bug-hunting team, revealed a hacking campaign coordinated by "a highly sophisticated actor" and targeting Windows and Android users with zero-day and n-day exploits.The Project Zero team, in collaboration with the Google Threat Analysis Group (TAG), discovered a watering hole attack using two exploit servers in early 2020, each of
Publish At:2021-01-13 13:19 | Read:146 | Comments:0 | Tags:Security Google Microsoft android hack

'Rogue' Android RAT Can Take Control of Devices, Steal Data

A recently discovered Mobile Remote Access Trojan (MRAT) can take control of the infected Android devices and exfiltrate a trove of user data, Check Point security researchers warn.Dubbed Rogue, the Trojan is the work of Triangulum and HeXaGoN Dev, known Android malware authors that have been selling their malicious products on underground markets for severa
Publish At:2021-01-13 11:41 | Read:184 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Virus & Threats Viru

Sophisticated hacking campaign uses Windows and Android zero-days

Google Project Zero researchers uncovered a sophisticated hacking campaign that targeted Windows and Android users. The Google Project Zero team has recently launched an initiative aimed at devising new techniques to detect 0-day exploits employed in attacks in the wild. While partnering with the Google Threat Analysis Group (TAG), the experts discovered
Publish At:2021-01-12 21:24 | Read:127 | Comments:0 | Tags:APT Breaking News Hacking Android Chrome hacking news inform

Google fixed a critical Remote Code Execution flaw in Android

Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google released an Android security update that addresses 43 flaws, including a critical remote code execution vulnerability in the Android System component tracked as CVE-2021-0316. Google addressed the flaws with th
Publish At:2021-01-06 17:12 | Read:118 | Comments:0 | Tags:Breaking News Mobile Security Android Google Hacking hacking

Google Releases January 2021 Security Updates for Android

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity.Addressed as part of the 2021-01-01 security patch level and tracked as CVE-2021-0316, the most important of these flaws is a critical security bug in System that could be exploited to achieve code executi
Publish At:2021-01-05 12:35 | Read:169 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

An iOS hacker tries Android

@import url('https://themes.googleusercontent.com/fonts/css?kit=lhDjYqiy3mZ0x6ROQEUoUw');ol.lst-kix_m7n4vga7agj0-8.start{counter-reset:lst-ctn-kix_m7n4vga7agj0-8 0}ol.lst-kix_s7qtkfn3qfov-6.start{counter-reset:lst-ctn-kix_s7qtkfn3qfov-6 0}.lst-kix_2atftb74ca0r-5>li{counter-increment:lst-ctn-kix_2atftb74ca0r-5}ol.lst-kix_lgfdoxi035fa-6.start{counter-r
Publish At:2020-12-27 09:03 | Read:304 | Comments:0 | Tags: IOS android hack

remote code execution when open a project in android studio that google refused to fix(still 0day)

Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0When you open a project in android studio, if gradle-wrapper.properties setdistributionUrl=https://services.gradle.org/distributions/gradle-2.6-all.zip<https://www.google.com/url?q=http://services.gradle.org/distributions/gradle-2.6-all.zip&sa=D&usg=AFQjCNHSuog_mDHXLFUDcfXdMkVSqzfLug&
Publish At:2020-12-21 22:57 | Read:182 | Comments:0 | Tags: android

Google Extends Support Period for Android Devices

Google this week announced an extended support period for Android 11 and later devices launching with Qualcomm System-on-Chip (SoC) models.Currently, devices receive support for a period of three years, which includes security patches, but moving forth users will enjoy one additional year of operating system and security updates.The move, the Internet search
Publish At:2020-12-18 07:47 | Read:278 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected de
Publish At:2020-12-16 10:18 | Read:171 | Comments:0 | Tags:Breaking News Hacking Malware Mobile Android Goontact hackin

Samsung fixes critical Android bugs in December 2020 updates

This week Samsung has started rolling out Android's December security updates to mobile devices to patch critical security vulnerabilities in the operating system and related components.This comes after Android had published their December 2020 security updates bulletin, which includes patches for critical vulnerabilities impacting the latest devic
Publish At:2020-12-11 17:31 | Read:285 | Comments:0 | Tags:Security Google android

'Fingerprint-Jacking' Attack Technique Manipulates Android UI

Researchers explore fingerprint-jacking, a user interface-based attack that targets fingerprints scanned into Android apps.Many modern smartphones have a fingerprint scanner to authorize device access and enable account login, payment authorization, and other operations. The scanner is meant for secure authentication, but researchers are finding new ways to
Publish At:2020-12-10 20:20 | Read:349 | Comments:0 | Tags: android

December 2020 Android Updates Patch 46 Vulnerabilities

A total of 46 vulnerabilities were addressed this week with the release of the December 2020 security updates for Android.The vulnerability fixes are split into two patch levels, with the first of them addressing 13 bugs, including a critical flaw in Media Framework. All of the remaining 12 issues resolved by the 2020-12-01 security patch level are high sev
Publish At:2020-12-09 13:11 | Read:224 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

Tools

Tag Cloud