Black Hat USA July 26-27 Las Vegas.
'GHOST TELEPHONIST' LINK HIJACK EXPLOITATIONS IN 4G LTE CS FALLBACK by Haoqi Shan, Jun Li, Lin Huang, Qing Yang, Yuwei Zheng.
ALL YOUR SMS & CONTACTS BELONG TO ADUPS & OTHERS by Angelos Stavrou, Azzedine Benameur, Ryan Johnson.
BROADPWN: REMOTELY COMPROMISING ANDROID AND IOS VIA A BUG IN BROADCOM'S WI-FI CHIPSETS by Nitay Artenstein.
CLOAK & DAGGER: FROM TWO PERMISSIONS TO COMPLETE CONTROL OF THE UI FEEDBACK LOOP by Chenxiong Qian, Simon Pak Ho Chung, Wenke Lee, Yanick Fratantonio.
DEFEATING SAMSUNG KNOX WITH ZERO PRIVILEGE by Di Shen.
FIGHTING TARGETED MALWARE IN THE MOBILE ECOSYSTEM by Andrew Blaich, Megan Ruthven.
HONEY, I SHRUNK THE ATTACK SURFACE – ADVENTURES IN ANDROID SECURITY HARDENING by Nick Kralevich.
NEW ADVENTURES IN SPYING 3G AND 4G USERS: LOCATE, TRACK & MONITOR by Altaf Shaik, Andrew Martin, Jean-Pierre Seifert, Lucca Hirschi, Ravishankar Borgaonkar, Shinjo Park.
SONIC GUN TO SMART DEVICES: YOUR DEVICES LOSE CONTROL UNDER ULTRASOUND/SOUND by Aimin Pan, Bo Yang, Shangyuan LI, Wang Kang, Zhengbo Wang.
SS7 ATTACKER HEAVEN TURNS INTO RIOT: HOW TO MAKE NATION-STATE AND INTELLIGENCE ATTACKERS' LIVES MUCH HARDER ON MOBILE NETWORKS by Martin Kacer, Philippe Langlois.
THE FUTURE OF APPLEPWN - HOW TO SAVE YOUR MONEY by Timur Yunusov.
This took a long time again. It gets harder and harder to do this since this stuff is not directly what I do on a day to day basis currently.
(Black Hat has a very strong mobile security line up this year.)
Defcon July 27-30 Las Vegas. Man in the NFC by Haoqi Shan & Jian Yuan. (speaker selection not final)
MOSEC June, Shanghai added a bunch of talks (all mobile security related, obviously).
Recon June 16-18 Montreal, Canada. FreeCalypso: a fully liberated GSM baseband by Mychaela Falconia. Hacking Cell Phone Embedded Systems by Keegan Ryan.
The Qualcomm Mobile Security summit was excellent again! Fantastic talks and again I met a bunch of people I mostly knew from email and/or twitter or haven't seen in quite some time. This conference still is unparalleled!
I had a minute to play with the BlackBerry KeyOne and it feels like a super solid device. The screen is bigger than I thought it would be and this makes the device almost too big for my taste - but this is hard to say from playing with it for just a minute.
So iOS will finally support NDEF tags.
This talk is really interesting for anybody interested in mobile application security. This is not about mobile app reverse engineering but about app, backend, phone infrastructure interaction.
Detect NFC tags on iOS 11.0! pic.twitter.com/70szXo1yny — Aaron (@iosaaron) June 5, 2017
Pictures of the month:
Previously top secret #TR16 talk on pwning Uber & Lyft (w/ live demos!) by @vlad_penetrator & @gramx is finally out! https://t.co/cqtAC69p7w — Kelly Shortridge (@swagitda_) May 31, 2017
Some old PalmOS devices on street in my hood <3 pic.twitter.com/gkePP0Uzd8 — Collin Mulliner (@collinrm) May 28, 2017
A Symbian phone appears #QPSISummit2017 pic.twitter.com/MFHiAEKl4T — Collin Mulliner (@collinrm) May 18, 2017
So basically set your smartphone's name to %x%x%x%x and test for format string vulns in connected devices. here's a 2011 BMW 330i #Hackers pic.twitter.com/vhLKRnKYud — Eهاb Huسein (@__Obzy__) May 17, 2017
Papers and Slides from MOBILE SECURITY TECHNOLOGIES (MOST) 2017, an Academic Workshop
Android Security Bulletin - June 2017
LazyDroid - bash script to facilitate some aspects of an Android application assessment
factory and OTA images for Nexus devices
Android: Multiple Android devices do not revoke QSEE trustlets
Brazilian phishers are now asking for victim's IMEI in their fake bank pages, aiming to steal their accounts via mobile access
50+ iOS 11 Features Apple Didn't Announce On Stage [List]
Android Mazar 3.0 targets 41 banking apps
Google Publishes List of 42 Phones Running Latest Android Security Updates. 42 is not a lot!
City-Wide IMSI-Catcher Detection
Up to $200,000 for Android exploits!
Mobile subscriber WiFi privacy (WiFi IMSI catcher!!) (paper)
Collection of the most common vulnerabilities found in iOS applications
Android O feature spotlight: Android tells you if an app is displaying a screen overlay
Priorities for Securing the Mobile Ecosystem (slides)
Cloak & Dagger Android Overlay attacks
Cloak & Dagger (slides)
Cloak & Dagger talk (youtube)
Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening (slides)
With great speed comes great leakage - How processor performance is tied to side-channel leakage (slides)
Pwning the Nexus of Every Pixel (slides)
initroot: Bypassing Nexus 6 Secure Boot through Kernel Command-line Injection
Android Encryption Demystified
iPhone 7 and 7 Plus get a stable jailbreak on iOS 10.1.1 with extra_recipe+yaluX
The Shadow over Android (slides)
Apparently Google Play Store can now manage your app signing keys, and 'opt-in is permanent' (via Nikolay Elenkov)
Hacking iOS Applications a detailed testing guide (doc)
Android malware that infected 3500 devices/day
iOS/macOS bugs slaughter list by P0's Ian Beer
Hacking the Samsung Galaxy S8 Irisscanner
Learning about Bluetooth protocols and reverse-engineering them.
A Simple Tool for Linux Kernel Audits
Google VS Root: Why SafetyNet is now standard for developers
Google Play can now restrict app distribution based on SafetyNet Attestation results, SoC vendor etc (via John Kozyrakis)
US Senate Adopts Signal, HTTPS A Year After Trying To Kill Encryption
Alarming Security Defects in SS7, the Global Cellular Network - and How to Fix Them
iOS Kernel utilities
Dutch Cops Bust Another PGP BlackBerry Company for Alleged Money Laundering
Multiple MediaTek vulnerabilities
Google Working on Fix for Android Permission Weakness
More Android phones than ever are covertly listening for inaudible sounds in ads
The Jiu-Jitsu of Detecting Frida
Thieves drain 2fa-protected bank accounts by abusing SS7 routing protocol
Over 100 CF-Auto-Roots were updated by ChainfireXDA
Android Security Bulletin - May 2017
de-obfuscate Android Ztorg obfuscated strings
Android Applications Reversing 101
A diagram of the Android Activity / Fragment lifecycle
Example of a powerful overlay attack executed by Android banker (video)
Identifying an Android Device - Available Identifiers
Diving Deeper into Android O
How To Put Any Android Smartphone Into Monitor Mode Using Custom Script Without bcmon
Android app analysis and feature extraction library
Introduction to Fridump
Here's How To Track The Smartphone Apps That Are Tracking You
AssetHook: A Redirector for Android Asset Files Using Old Dogs and Modern Tricks
Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
TruSpy: Cache Side-Channel Information Leakage from the Secure World on ARM Devices (paper)
Dirty COW and why lying is bad even if you are the Linux kernel
How to build and integrate OpenSSL into your Android NDK project
iOS DeviceCheck. Access per-device, per-developer data that your associated server can use in its business logic.
Changes to Trusted Certificate Authorities in Android Nougat