Android Mobile Security
In part two of this series, we’ll dive deeper into the technical specifications of the CarLinkBT module. We’ll also discuss the dynamic analysis and testing performed to confirm our findings. Finally, we’ll walk through the process of developing an exploit for this vulnerability.
Read more
Fabius Watson
Attack Surface
The Android operating system and the mobile devices it runs on dominate the market in comparison to other device manufactures. Along with the market share, the Android ecosystem is heavily fragmented; that is to say many individuals are still using older versions of the Android operating system.
Versprite
In this blog post, we will cover the types of memory corruption scenarios that can be triggered through deserializing untrusted JSON in the Jackson, FlexJSON, and json-io libraries on Android.
The trend of automotive security research began in the 2010s and has resulted in the discovery of several critical security issues within modern vehicles. Hackers have repeatedly demonstrated their ability to remotely track, steal, and control a variety of unaltered vehicles.
JEA Just-Enough-Administration
VerSprite’s Director of Security Research, Ben Watson, takes a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode.
On the shoulders of giants, this presentation will take a deep dive into the Dalvik Virtual Machine’s JIT implementation and how it can be used and abused to execute shellcode.
Exploit Development
In this blog post, we will cover the vulnerability’s technical details on exploiting the Dolphin Browser for Android’s Backup and Restore feature.
Frida Engage
In part two of the series we are going to explore and leverage Frida’s new Arm64Writer API to build an in-memory reverse TCP shell.
Reverse Engineering
In this blog series we will be covering the endless possibilities and power of Frida. For those of you who have never heard of Frida…
As the title states, the Android Titan SMS Trojan utilizes Trojan functionality in order to steal SMS and exfiltrate them off of the target user’s device.
Security Vulnerabilities
An insecure implementation of the intent URL scheme revolves around theIntent.parseUri() method. The first thing we did when reversing the Mercury Browser..
From the description on contagio mobile this Android InfoStealer malware, Godwon, is used by an online criminal group for ‘sextortion’.
We are an international squad of professionals working as one.
Email
Phone
