Malware bug
@themalwarebug
VkdGc2EzTWdZV0p2ZFhRZ1lXNWtjbTlwWkNCdFlXeDNZWEpsQ2tsdWRHVnlaWE4wWldRZ2FXNGdkMlZpTEcxdlltbHNaU3h1WlhSM2IzSnJJR0Z1WkNCaGNHa2dhR0ZqYTJsdVp3bz0=
You might like
🚨Cloudflare WAF Bypass Technique Discussed on Dark Web Forum
We are still here! Always here! Incinerator has been updated and many functionalities have been improved. We have added a changelog to Incinerator Cloud, so you can better view the updates in each version.
We have integrated a dynamic sandbox with our reverse engineering tools, creating a new form of reverse engineering tool. This makes APK reverse engineering and C2 location much more convenient! This is our new version of Incinerator!
Technical Analysis of Multi-layered Obfuscation Techniques in AndroidManifest.xml Aimed at Evading Static Analysis liansecurity.com/#/main/news/H_… by @h4kb4n
📢 #bugbountytip 🛡️ If you can't see HTTP requests on Burp Suite while proxying a mobile device, the app might be built on Dart or Xamarin. Don't worry! Check out this handy trick to reveal all HTTP requests on Burp. Easy peasy bugs lying around. 😃 bhavukjain.com/blog/2023/02/1…
We've discovered a new cyberattack against iOS called Triangulation. The attack starts with iMessage with a malicious attachment, which, using a number of vulnerabilities in iOS installs spyware. No user action is required. #IOSTriangulation
🪲 Interesting Oauth vulnerability (CVE-2023-28131)) affecting multiple companies salt.security/blog/a-new-oau… Great work by @AviadCarmel #bugbountytips #bugbounty #cybersecurity
New Fleckpe Android malware installed 600K times on Google Play - @billtoulas bleepingcomputer.com/news/security/…
Ever wondered how a modded application used to perform malicious activities. Here is my analysis of modded version of metamask wallet used to perform phishing. shorturl.at/adrH5 #android #malware #phishing @malwrhunterteam @ReBensk @0xDanielLopez @mobilesecurity_
medium.com
How does a modded crypto wallet steal credentials of an user?
Hey readers,Hope everyone are safe. This time I am back with another blog after a long time regarding a modded crypto wallet application…
We discovered #Fleckpe - a new family of Android Trojan subscribers on Google Play, which sign up for paid services without the user’s knowledge. The Trojan targets mostly users from Thailand 🇹🇭. Fleckpe is active since at least the beginning of 2022 and is constantly developing…
Check if any WAF github.com/EnableSecurity… github.com/Ekultek/WhatWa… nmap.org/nsedoc/scripts… #bugbountytips #BugBounty
A WAF (Web Application Firewall) is used to protect your websites (& web-apps) but the Alibaba Cloud WAF command injection was bypassed via a wildcard query: infosecwriteups.com/alibaba-cloud-…
infosecwriteups.com
Alibaba Cloud WAF Command Injection Bypass via Wildcard Payload in All 1,462 Built-in Rule Set
Alibaba WAF version 3.0 was tested and very common payload was found bypassing command injection.
#Telegram becoming a hub for #cybercrime! Researchers find threat actors using the platform to sell #phishing kits and set up campaigns. Over 2.5 million malicious URLs generated using phishing kits on Telegram in the past 6 months! Learn more: thehackernews.com/2023/04/resear… #hacking
thehackernews.com
Researchers Uncover Thriving Phishing Kit Market on Telegram Channels
Telegram becoming a hub for cybercrime! Researchers find threat actors using the platform to sell phishing kits and set up campaigns.
Hey guys,Here is my analysis of Facestealer malware which is another prominent malware on playstore. @ni_fi_70 @ReBensk @malwrhunterteam @mobilesecurity_ @LukasStefanko @cryptax #Facestealer #Facebook #trojan #joker #android #malware #PlayStore medium.com/@themalwarebug…
#Android #Joker domains to detect: jumpit[.]shop linkus[.]shop pllink[.]fun urlms[.]site urlns[.]site urlok[.]site IP: 8.211.56[.]129 Ref: Ref: virustotal.com/gui/file/a8014…
#Android #Joker domains to detect: fastlk[.]site qblink[.]site qburl[.]site ukurl[.]site urlnb[.]site usurl[.]site IP: 47.88.33[.]239 Reference: Reference: Reference: virustotal.com/gui/ip-address…
CVE-2023-29218 👀 Twitter Recommendation Algorithm... allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking,...
NEW RELEASE 🎉 The @owasp MASVS V2 is now available in GitHub & the MAS website. Huge thanks to our community for all the feedback, our new MASVS author @Dauntless & special thanks to @NowSecureMobile for making this possible! github.com/OWASP/owasp-ma… @grepharder @bsd_daemon
github.com
Release v2.0.0 · OWASP/masvs
What's Changed We are thrilled to announce the release of the new version of the OWASP Mobile Application Security Verification Standard (MASVS) v2.0.0. With this update, we have set out to ach...
United States Trends
- 1. Good Saturday 30.2K posts
- 2. GAME DAY 11.4K posts
- 3. #SaturdayVibes 4,465 posts
- 4. Massie 78.1K posts
- 5. #Caturday 3,882 posts
- 6. #Varanasi 64.6K posts
- 7. #MeAndTheeSeriesEP1 925K posts
- 8. Willie Green 2,299 posts
- 9. Senior Day 2,260 posts
- 10. Draymond 27.4K posts
- 11. #GlobeTrotter 416K posts
- 12. PONDPHUWIN AT MAT PREMIERE 620K posts
- 13. Marjorie 93.8K posts
- 14. Brooklynn 1,566 posts
- 15. St. Albert N/A
- 16. Va Tech N/A
- 17. Diosa 7,714 posts
- 18. Liz Cheney 5,372 posts
- 19. Bubba 69.1K posts
- 20. For God 183K posts
Something went wrong.
Something went wrong.