...stuff I do and things I like...

Thursday, April 14 2011

Mobile Security News Update April 2011

Conferences:
    SyScan Singapore Mobile Money is not a Ringtonea by The Grugq COSEINC; Targeting the iOS Kernel by Stefan Esser SektionEins; I'm going hunting, I'm the Hunter by Don Bailey iSEC Partners;Telecom Signaling attacks on 3G and LTE networks from SS7 to all-IP, all open by Philippe Langlois P1 Security inc.;

    Infiltrate Rock'm Sock'm Robots: Exploiting the Android Attack Surface by Bas Alberts and Massimiliano Oldani;

    SourceBosten Secure Development Lifecycle in the Mobile World by Marc French and Iron Mountain; Secure Development for iOS by David Thiel iSEC Partners; Tinker, Tailor, Soldier, A-GPS: How Cost Turns Security Devices Into Weapons by Don Bailey iSEC Partners.

    Hack in The Box Amsterdam Attacking 3G and 4G Telecommunication Networks by Enno Ray; I'm Going Hunting. I'm the Hunter. by Don Bailey; Popping Shell On A(ndroid)RM Devices by Itzhak Avrah; iPhone Data Protection in-Depth by Jean-Baptiste Bédrun; iNception Planting and Extracting Sensitive Data From Your iPhone's Subconscious by Laurent Oudot; Antid0te 2.0 - ASLR in iOS by Stefan Esser

    Looks quite okay, I never attended any SourceConference but the speakers are the usual suspects :-) Infiltrate is new. I would be mostly interested to hear Don Bailey's talk but judging from the number of talks he does on the subject I guess I'll catch it at BlackHat or Defcon in summer.


The mTAN trojan problem finally spread over to Europe and Germany. This version is called SpyEye and comes as a developer signed Symbian application.

Nico and myself finally released our Tech Report on SMS filtering recommendations. It's available here: Countering SMS Attacks: Filter Recommendations. Feedback is welcome.

I guess I missed a bunch of stuff but right now I'm kinda busy with work ;-)