In this post I explain step-by-step how I solved the OWASP Mobile Security Testing Guide (MSTG) Crackme Level 1 using Frida (and how I then automated it).
Learn what the Cloudflare “Cloudbleed” bug is, how it impacts mobile apps, and review a list of 200 of the 3,500 most popular iOS apps that may be affected.
An attacker can exploit iOS WebViews to make automatic calls to an attacker-controlled phone number or FaceTime address. Our research has found that FaceTime URL (facetime://) handlers are frequently overlooked in iOS applications. The oversight allows an attacker to potentially capture a video or snapshot of the affected user by directing them to a webpage from within a vulnerable WebView.
Issues associated with many apps’ CEVs.
We have developed a testing suite for detecting the vulnerabilities of Android devices.
Our security researcher Ryan Welten discovered a vulnerability in the Samsung IME Keyboard / language pack update.