HackDig : Dig high-quality web security articles for hacker

Checkm8 jailbreak and AltStore put cracks in Apple’s walled garden

byDanny BradburyJailbreaking iPhones has become a lot harder with each new version of the hardware, but this weekend saw two new announcements that enable people to install apps on their phones. One of them is a traditional jailbreak, while the other is an alternative app store that uses a loophole in Apple’s code-signing process.Jailbreaking is a form
Publish At:2019-09-30 12:45 | Read:254 | Comments:0 | Tags:Apple iOS Mobile App Store iPhone jailbreak jailbreaking

Gambling Apps Sneak into Top 100: How Hundreds of Fake Apps Spread on iOS App Store and Google Play

By Todd Han and Junzhi Lu (Mobile Threats Analysts) Google Play and iOS App store are no strangers to fake apps trying to trick users into downloading ad- or malware-ridden versions. We have previously reported on fake Android voice apps on Google Play, which were observed to be impostor apps for voice messenger platforms. Recently, we also uncovered counter
Publish At:2019-09-26 08:20 | Read:232 | Comments:0 | Tags:Mobile App Store fake apps gambling google play IOS

A week in security (September 9 – 15)

Last week  on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets. Other cybersecurity news The Cobalt Dickens group has returned
Publish At:2019-09-20 11:20 | Read:435 | Comments:0 | Tags:A week in security a week in security infosec malware Mobile

Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You

It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were busy setting up shop. To tri
Publish At:2019-09-19 23:20 | Read:219 | Comments:0 | Tags:Consumer Mobile and IoT Security cellphones fake apps fake n

When PSD2 Opens More Doors: The Risks of Open Banking

By Feike Hacquebord, Robert McArdle, Fernando Mercês, and David Sancho As more industries adapt to cater to the increasingly mobile market, the financial industry is the latest to experience a shake-up. The Revised Payment Service Directive (PSD2) – also known as Open Banking – is a new set of rules for the European Union (EU) that’s expected to affect
Publish At:2019-09-19 14:50 | Read:166 | Comments:0 | Tags:Bad Sites Internet of Things Malware Mobile Ransomware Vulne

Fake WhatsApp app in official Google Play Store downloaded by over a million Android users

A fake WhatsApp version deployed on the Play Store was downloaded by over a million users, a failure for the automated checks implemented by Google. Once again crooks exploited the official Google’s Play Store as a repository for malicious apps. This time a fake WhatsApp version was used to infect over a million users that downloaded it. The fake Whats
Publish At:2017-11-05 16:20 | Read:4291 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile

App Stores that Formerly Coddled ZNIU Found Distributing a New iXintpwn/YJSNPI Variant

by Lilang Wu, Ju Zhu, and Moony Li We covered iXintpwn/YJSNPI in a previous blog post and looked into how it renders an iOS device unresponsive by overflowing it with icons. This threat comes in the form of an unsigned profile that crashes the standard application that manages the iOS home screen when installed. The malicious profile also exploits certain fe
Publish At:2017-11-02 20:40 | Read:4747 | Comments:0 | Tags:Bad Sites Malware Mobile android app stores iOS

White hat hackers earn over $500,000 for mobile exploits at Mobile Pwn2Own 2017 competition

Let’s see what has happened at Mobile Pwn2Own 2017 competition organized by Trend Micro’s Zero Day Initiative (ZDI) at the PacSec conference in Tokyo. Here we are discussing once again of the Mobile Pwn2Own competition organized by Trend Micro’s Zero Day Initiative (ZDI) at the PacSec conference in Tokyo. White hat hackers earned more than half a milli
Publish At:2017-11-02 14:15 | Read:3896 | Comments:0 | Tags:Breaking News Hacking Mobile mobile Mobile Pwn2Own 2017 comp

Coin Miner Mobile Malware Returns, Hits Google Play

By Jason Gu, Veo Zhang, Seven Shen The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful. However, the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance. Recently, we found that apps with malicious cryptocurrency mining cap
Publish At:2017-10-30 18:55 | Read:3860 | Comments:0 | Tags:Malware Mobile Android malware Coin mining CPUMINER JSMINER

AhMyth Android RAT, another open source Android RAT Tool available on GitHub

The source code of a new Android Remote Administration Tool is available on GitHub, it is dubbed AhMyth Android RAT. You just have to download and test it. The source code of a new Android Remote Administration Tool is available on GitHub, it is dubbed AhMyth Android RAT. The malicious code is still in beta version, the AhMyth Android RAT consists of two par
Publish At:2017-10-23 18:55 | Read:4588 | Comments:0 | Tags:Breaking News Malware Mobile AhMyth Android RAT Android Hack

Google launched Google Play Security Reward bug bounty program to protect apps in Play Store

Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the security c
Publish At:2017-10-22 06:06 | Read:3425 | Comments:0 | Tags:Breaking News Hacking Mobile bug bounty program Google Googl

Which are most frequently blacklisted apps by enterprises?

Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises. The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises. “The mobile ecosystem in an ente
Publish At:2017-10-04 22:40 | Read:4463 | Comments:0 | Tags:Breaking News Mobile Reports Security blacklisted apps BYOD

iOS apps can access metadata revealing users’ locations and much more

Developer discovered that iOS apps can read metadata revealing users’ locations and much more, a serious threat to our privacy. The developer Felix Krause, founder of Fastlane.Tools, has discovered that iOS apps can access image metadata revealing users’ location history. Krause published a detailed analysis on the Open Radar community, he explai
Publish At:2017-09-28 18:26 | Read:3943 | Comments:0 | Tags:Breaking News Digital ID Hacking Mobile DetectLocations Exif

Signal announces private contact discovery to improve users’privacy

Open Whisper Systems announced that it’s working on a new private contact discovery service for its popular communications app Signal. Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systems” Snowden says. The Cryptographer and Pr
Publish At:2017-09-28 18:25 | Read:4878 | Comments:0 | Tags:Breaking News Digital ID Mobile mobile privacy private conta

Google publishes PoC Exploit code for iPhone Wi-Fi Chip hack

Google disclosed details and a proof-of-concept exploit for iPhone Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. This week Google disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. The flaw that was patched this week could be exploited by att
Publish At:2017-09-27 23:55 | Read:4235 | Comments:0 | Tags:Breaking News Hacking Mobile CVE-2017-11120 iPhone mobile Wi

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud