When performing the analysis of a malicious Android program directly on the device, often can be required to dump some network traffic.
In digital forensics, the term logical extraction is typically used to refer to extractions that do not recover deleted data, or do not include a full bit-by-bit copy of the evidence, analogously to copying and pasting a folder in order to extract data from a system. So, this process will only copy files that the […]
Security patch available only for Nexus & iOS A stack buffer overflow issue that affects all devices using Broadcom’s Wi-Fi stack was discovered by Google’s Project Zero researcher Gal Beniamini. The flaw affects Apple devices and also all android devices using Broadcom’s Wi-Fi stack: an attacker within the smartphone’s WiFi range could remotely execute malicious code […]
On Android and iOS I found it on GitHub, a really useful list of tools and techniques to perform penetration tests on mobile applications: The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. Table of Contents Mobile Application Security Testing Distributions All-in-one Mobile Security […]
The backdoor was discovered by Kryptowire According to the analysis made by security firm Kryptowire, some commercial firmware pre-installed on Android smartphone models sold in the US has been found to be secretly sending personal data to a third party company based in China, without users’ knowledge or consent.The stolen data include text messages, call […]