HackDig : Dig high-quality web security articles for hacker

Validating Machine Learning Detection of Mobile Malware

Zimperium’s core machine learning engine, z9, has a proven track record of detecting zero-day exploits. We recently announced an extension of the framework that detects previously unknown mobile malware. This extension is known as “z9 for Mobile Malware”, and was officially announced in September 2017. Internally, the code name has been “Cogito”, so this res
Publish At:2017-10-21 13:50 | Read:76 | Comments:0 | Tags:Android Mobile Malware Mobile security Mobile Threat Defense

ZNIU, the first Android malware family to exploit the Dirty COW vulnerability

Security experts at Trend Micro have recently spotted a new strain of Android malware, dubbed ZNIU, that exploits the Dirty COW Linux kernel vulnerability. The Dirty COW vulnerability was discovered by the security expert Phil Oester in October 2016, it could be exploited by a local attacker to escalate privileges. The name ‘Dirty COW’ is due to
Publish At:2017-09-27 05:25 | Read:260 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android CVE-2016-51

ZNIU: First Android Malware to Exploit Dirty COW Vulnerability

By Jason Gu, Veo Zhang, and Seven Shen We have disclosed this security issue to Google, who verified that they have protections in place against ZNIU courtesy of Google Play Protect. The Linux vulnerability called Dirty COW (CVE-2016-5195) was first disclosed to the public in 2016. The vulnerability was discovered in upstream Linux platforms such as Redhat,
Publish At:2017-09-25 23:15 | Read:143 | Comments:0 | Tags:Bad Sites Malware Mobile Vulnerabilities android Dirty COW L

Android Nougat’s worst anti-security mechanism

If you are a pentester like me, you are doing mobile application reviews on Android. One of the most important things to check is the server API. On the other hand we might want to see what possibilities a server has to influence the Android app with its responses. For both the easiest and most straight forward method is to do a Man-In-The-Middle attack in t
Publish At:2017-09-24 07:00 | Read:136 | Comments:0 | Tags:Android Fails Android Nougat Burp CA install fail snakeoil s

New Android Banking Trojan Red Alert 2.0 available for sale on crime forums

Researchers discovered a new Android banking Trojan, dubbed Red Alert 2.0, that is being offered for rent on many dark websites for $500 per month. Researchers with security firm SfyLabs have discovered a new Android banking Trojan, dubbed Red Alert 2.0, that is being offered for rent on many dark websites for $500 per month. “The last several months a
Publish At:2017-09-19 13:05 | Read:200 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Malware Android banking t

Premium SMS malware EXPENSIVEWALL infected millions of Android handsets

Google removed 50 malicious apps from the official Play Store after experts discovered a new malware, dubbed ExpensiveWall, eluded Google Bouncer checks. Google has removed 50 malicious apps from the official Play Store after experts with security firm Check Point discovered a new malware, dubbed ExpensiveWall,  eluded the checks of the Google’s Bounce
Publish At:2017-09-15 16:40 | Read:254 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android ExpensiveWa

BlueBorne Bluetooth hack could affect millions of smartphones

Bluetooth is an important smartphone technology, allowing us to transfer files, or to listen to music, wirelessly. It’s so useful that many people leave it switched on all the time. But researchers have discovered a vulnerability in the technology that allows hackers to take control of a victim’s phone remotely. Known as “BlueBorne”, the technique can be use
Publish At:2017-09-15 08:00 | Read:223 | Comments:0 | Tags:Mobile News Mobile Security Android Hackers Malware

BankBot Found on Google Play and Targets Ten New UAE Banking Apps

By Kevin Sun The Android-targeting BankBot malware (all variants detected by Trend Micro as ANDROIDOS_BANKBOT) first surfaced January of this year and is reportedly the improved version of an unnamed open source banking malware that was leaked in an underground hacking forum. BankBot is particularly risky because it disguises itself as legitimate banking app
Publish At:2017-09-13 15:50 | Read:205 | Comments:0 | Tags:Malware Mobile android bankbot google play

Toast Overlay attacks, a Cloak and Dagger with No Permissions, fixed by Google

Google just fixed a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. Security researchers with Palo Alto Networks Unit 42, warned of a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the “toast attack” overlay vulnerability. The experts reported that it is possible to abuse
Publish At:2017-09-11 20:31 | Read:191 | Comments:0 | Tags:Breaking News Hacking Mobile Android CVE-2017-0752 mobile To

CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App

by Jason Gu and Seven Shen Just about anyone can appreciate a good old meme GIF every now and then, but what if one caused your Android Messages to crash? A denial-of-service vulnerability we recently disclosed to Google can do exactly that and more. Designated as CVE-2017-0780, we’ve confirmed it to be in the latest Nexus and Pixel devices. The security fla
Publish At:2017-09-07 07:30 | Read:360 | Comments:0 | Tags:Mobile Vulnerabilities android Android Messages CVE-2017-078

Boffins found multiple flaws in Mobile Bootloaders using custom tool BootStomp

Boffins have discovered a series of code execution and denial of service flaws in the bootloaders of popular mobile platforms using custom tool BootStomp. A group of nine researchers from the University of California Santa Barbara researchers has discovered a number of code execution and denial of service flaw in the bootloaders of Android chipsets from six
Publish At:2017-09-06 21:45 | Read:317 | Comments:0 | Tags:Breaking News Hacking Mobile Android Bootloaders BootStomp m

Google removed almost 300 Android apps involved in DDoS attack

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with the issue, blocked them from
Publish At:2017-09-03 18:25 | Read:230 | Comments:0 | Tags:Breaking News Hacking Malware Mobile Android botnet DDoS Ese

Android Banking Trojan MoqHao targets South Korea users

Security researchers from McAfee have spotted a new Android banking Trojan dubbed MoqHao, targeting South Korean users via SMS phishing messages. Attackers send phishing emails with a malicious code link that tricks victims into believing that it points to a lost private picture or a Chrome update. When victims click on the shortened links in the SMS message
Publish At:2017-08-30 05:45 | Read:340 | Comments:0 | Tags:Breaking News Malware Mobile Android banking trojan MoqHao S

Oreo and the sweet history of Android versions

Oreo Android, the sweetest version? What does an Oreo cookie, a donut, a marshmallow or a lollipop have to do with your smartphone? Well, believe it or not, the names of all those sweets indicate the Android operating system installed on your cell phone. After months of speculation about the new features to be included in the new Android operating system, Au
Publish At:2017-08-29 02:40 | Read:334 | Comments:0 | Tags:Mobile News Mobile Security Technology Android smartphones

Mobile Trojan Development Kits allow creating ransomware without the need to write code

Researchers at Symantec have discovered Trojan Development Kits that allow creating Android ransomware without the need to write code. Ransomware continues to represent a serious threat to users and organizations. Unfortunately, it is easy for crooks arranging their own ransomware campaign by using numerous RaaS services offered online. Recently researchers
Publish At:2017-08-25 15:15 | Read:611 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android Hacking mal

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud