SyScan360 March, Singapore. Browsers Bug Hunting and Mobile device exploitation by Francisco Alonso.
Black Hat Asia March, Singapore. ANDROID COMMERCIAL SPYWARE DISEASE AND MEDICATION by Mustafa Saad. ENTERPRISE APPS: BYPASSING THE IOS GATEKEEPER by Avi Bashan & Ohad Bobrov. HEY YOUR PARCEL LOOKS BAD - FUZZING AND EXPLOITING PARCEL-IZATION VULNERABILITIES IN ANDROID by Qidan He. SU-A-CYDER: HOMEBREWING MALWARE FOR IOS LIKE A B0$$! by Chilik Tamir.
Mobile Pwn0rama, the SyScan version of mobile Pwn2Own. Very cool!
CopperheadOS beta released for Nexus 5, 9, and 5X. I need to buy a new phone to try this out. For those who don't know about CopperheadOS, it is a hardened Android. I was waiting for something like this for a long time. Not as a user, more like "somebody should really do this". Anyway, looks pretty cool.
Last weekend I published a write-up on CVE-2016-0728 vs Android. The TL;DR is that this vulnerability was totally overhyped for Android. There is no practical impact for the Android platform.
New Dexguard String decoder for JEB 1.5. Tested on GFE 3.1.3. This release auto-parses the decoder function.
Android privilege escalation to mediaserver from zero permissions
On SMS logins: an example from Telegram in Iran
URL filtering in kernel land: what could possibly go wrong?
NexMon enables the monitor mode of the bcm4339 Wi-Fi chip on the Nexus 5.
diff of the wifi driver source that nicely shows the bug
Samsung has DBI tool for Android based on Capstone
Android Wifi kernel RC details
FlashFire updated to v0.26 - brings Marshmallow support. Can flash your monthly Nexus OTA and keep root
A Pattern for Remote Code Execution using Arbitrary File Writes and MultiDex Applications
PoC code for android RCE with multidex and ZIP files
Set of scripts to automate AOSP compatible vendor blobs generation from factory images
A few notes on usefully exploiting libstagefright on Android 5.x
LTE security and protocol exploits (slides from ShmooCon 2016)
Dextra for #OAT/#ART/#DEX reversing: now with better disasm, bug fixes.
Check the BootUnlocker source for OnePlus for details (checks for tamper flag)
RCE in Open Mobile API
Deoptimize odex from oat.
Android sensord Local Root Exploit
Android ADB Debug Server Remote Payload Execution
HummingBad: A Persistent Mobile Chain Attack
ARTDroid: Simple and easy to use library to intercept virtual-method calls under the Android ART runtime. I totally need to check this out!