I'm still waiting for the 31C3 program to be released, but since I was reviewing the security submissions I can tell you that there will be a bunch of good mobile security related talks this year. As usual I will be in Hamburg to attend CCC.
So far there are no upcoming conferences that have released their program yet.
I've recently updated to Android 5.0. Overall I think it turned out quite nice. The changes related to notifications suck really badly. Apparently you cannot turn off audio and vibration but still get the visual notification (LED). I really liked the old way to set notifications: ring/vibrate/off. The extended battery time everybody is talking about I don't recognize (Nexus 5). The more tight integration with googles services sucks too. Why does it need to show my google account logo on the top right of my status bar? This is useful for what?
Links and Stories:
Android Device Inventory collect information about Android devices. Created by @thuxnderAndroid bugs:
Owning a computer via 4G modem an SMS I want more details, I couldn't find the slides of the talk.
RED ALERT: Dangerous Exploit Poses Major Threat To All Android Users a browser extension from an Ad company tries to push an APK to your phone.
Android IMSI Catcher Detector seems like an interesting project, they seem to have an early alpha release.
Lollipop stops Chromium bugs from endangering Android History of Android Browser engines and security. via @jduck
broadAnyWhere seems like you can send broadcast events to any receiver. I still haven't figured out the details yet.
CVE-2014-7911: Android <5.0 Privilege Escalation using ObjectInputStream looks pretty interesting, I would like to see a working exploit for this.
Samsung Galaxy KNOX Android Browser RCE
Abusing Samsung KNOX to remotely install a malicious application: story of a half patched vulnerability