Tweets from November 2015

RT @ax330d: Friends been asking me regarding browser sec, so I made this - “Browser mitigations against memory corruption...” - https://t.co/hF7RZNyuwV

10:35pm November 30th 2015 via FalconPro3

RT @wooyunsec: A Research on general auto-unpacking methods for Android applications https://t.co/6nxM45cOem

9:08am November 30th 2015 via FalconPro3

RT @radareorg: It's no longer a surprise! Frida and Radare hackaton will happen in Barcelona during the @NoConName congress. Are you ready for it?

10:51pm November 29th 2015 via Twitter for Android

RT @Fuzion24: Qualcomm Trustzone (QSEE) vulnerability writeup. Awesome work @firewaterdevs https://t.co/UBrj1WMwPm

4:23am November 29th 2015 via FalconPro3

RT @jcase: The trustzone vulnerability that unlocked the droid turbo https://t.co/TZPaZmqR6p by beaups of @firewaterdevs and @TheRootNinja

4:23am November 29th 2015 via FalconPro3

RT @MDSecLabs: We've just released an advisory on a vulnerability found in the Samsung Voice app on the Galaxy S6 https://t.co/h2yQxm4KJK

4:19am November 29th 2015 via FalconPro3

RT @maldr0id: Let's try again: my talk from @hesconference about #Android #malware with corrected link: https://t.co/KbhWMmSQCx :)

4:33pm November 27th 2015 via FalconPro3

The Nexus 6P and the (free) new Chromecast just arrived \o/ https://t.co/fw43L9EdmN

9:49am November 27th 2015 via FalconPro3

RT @oleavr: Got 35 minutes to spare and want a crash-course on how to use Frida? Watch my @nluug presentation here: https://t.co/AEUyKDVkZY

7:58pm November 26th 2015 via Twitter Web Client

RT @Heathcliff74XDA: Windows Phone Internals - Unlock bootloader, Enable Root Access and create Custom ROM's on selected Lumia's https://t.co/LkTpzXQTXx

2:40pm November 26th 2015 via FalconPro3

RT @Mobile_Sec: A talk about Android permissions at @AndroidDev Summit 2015 "Mother, May I?" Asking for Permissions" https://t.co/u0GEqSe4Ab

6:39am November 26th 2015 via FalconPro3

RT @Mobile_Sec: A talk about TLS, TSL Mistakes and misconfigurations, at @AndroidDev Summit 2015 "Keep it Secret, Keep it Safe" https://t.co/m71yyL2N15

6:39am November 26th 2015 via FalconPro3

RT @jebdec: JEB2 Cluster script demo at https://t.co/SEqIlGtc8a gives an idea of how to auto. rebuild flat DEX code hierarchies https://t.co/qqSa5VF2OH

9:22pm November 25th 2015 via FalconPro3

RT @jcase: A Holiday gift to everyone, details of the root exploit we used in SunShine: https://t.co/xYiijb0bZD + other vulns https://t.co/B0IgELfFKk

8:22pm November 25th 2015 via FalconPro3

RT @CopperheadSec: Since OEM unlocking needs to be enabled within the OS and then triggered via fastboot over USB. So there's really no drawback...

8:21pm November 25th 2015 via FalconPro3

RT @CopperheadSec: Unlocking the current generation of Nexus devices (9, 5x, 6p) requires having both system-level access in the OS and physical access.

8:21pm November 25th 2015 via FalconPro3

RT @raviborgaonkar: Huawei doing great in disclosing 'Security Advisory' for baseband bugs too.Hope Qualcomm/MediaTek/Samsung to follow https://t.co/AgKMtx8wkC

8:21pm November 25th 2015 via FalconPro3

RT @mountainmanjed: CPS2 Song format in the simplest way to explain it. 0x00 ~ 0x1F commands 0x20 ~ 0xFF Rests and Notes

6:18pm November 24th 2015 via FalconPro3

RT @radareorg: Pushed updates for all the 4 android architectures (arm, arm64, mips, x86) (thx @pof for the shot) https://t.co/yBLY3Ay8fm

9:53am November 24th 2015 via FalconPro3

@jcase @mhelmer2 @jcasap you can't imagine the amount of mentions I get that are actually for @PlentyOfFish :P

9:06pm November 23rd 2015 via FalconPro3 in reply to jcase

RT @AndroidDev: Introducing Android Studio 2.0 with Instant Run, dramatically improving your app build and deploy times: https://t.co/rY8AJZL3vc

7:21pm November 23rd 2015 via FalconPro3

RT @Mobile_Sec: Web Authentication Protocols and New Backup Attack Surface Against Web Authentication on Android: https://t.co/4hV4Enamgd @BlackHatEvents

7:12pm November 23rd 2015 via FalconPro3

RT @opexxx: Botanist - APK toolchain fingerprinting and clustering program. Based on Androguard, radare2. https://t.co/Izs9p7Cwb0 — PythonArsenal (Py…

11:35am November 23rd 2015 via Twitter Web Client

@Maijin212 @betherat oh, i'll check if I still have the source in some old backup... those were made many years ago :/

10:11pm November 21st 2015 via FalconPro3 in reply to Maijin212

@collinrm exfat for filesystem, for encryption i guess truecrypt or some magic with docker & dm-crypt

8:29pm November 21st 2015 via FalconPro3 in reply to collinrm

RT @NowSecureMobile: VTS has 70K+ downloads on Google Play. @Fuzion24 offers actions to improve device security https://t.co/XSEktYRGNE https://t.co/FtGNcGlJBD

8:05pm November 20th 2015 via FalconPro3

RT @AndroidTamer: Fuzzing Android: a recipe for uncovering vulnerabilities inside system components in Android: https://t.co/H0SoDPPeJb

8:00pm November 20th 2015 via FalconPro3

RT @virqdroid: File Format Fuzzing in Android – Giving a Stagefright to the Android Installer - https://t.co/19ghfK8uNp

7:59pm November 20th 2015 via FalconPro3

RT @oleavr: Slides for my @nluug talk on @fridadotre can be found at: https://t.co/DUhgVjA2IJ Demos are at: https://t.co/ORfas9HiSl

9:33pm November 19th 2015 via FalconPro3

RT @collinrm: Mobile Security News November 2015 https://t.co/CNYk4XUWyC mobile pwn2own and LTE security \o/

7:01am November 19th 2015 via FalconPro3

RT @Fuzion24: Android VTS now has checks for CVE-2015-6608 (released earlier this month) : https://t.co/G79FmoG50x

7:00am November 19th 2015 via FalconPro3

RT @Fuzion24: https://t.co/Mk17o76eXQ "SVE-2015-4363: Inputmethod vulnerability. Reported on: Blackhat London 2015" Except no. It was reported Nov 2014.

10:47pm November 17th 2015 via FalconPro3

RT @claud_xiao: FakeDebuggerd.D, AFAIK the first Android Trojan infecting system binaries just like traditional virus: https://t.co/ZDiV2LJV4F (in Chinese)

7:57am November 17th 2015 via FalconPro3

RT @andremoulu: Samsung Android Security Update - November 2015 https://t.co/Cm6MO7DjDe

7:57am November 17th 2015 via FalconPro3

RT @natashenka: Cool, @quarkslab independently discovered CVE-2015-7888 from the Samsung bug bash, and exploited it too! https://t.co/pZsNnvRw4t

4:15am November 17th 2015 via FalconPro3

RT @oldfresher: PoC for CVE-2015-6612 https://t.co/Tw8pErclcG, Google said i wasn't the first reporter, I reported it at Aug 21,the first reporter at Aug 23

4:14am November 17th 2015 via FalconPro3

@edcrossed sí, apúntate aquí: https://t.co/CLHTOg2v4Y o entra a la sala de Super Turbo en @FightCade (hacemos un torneo cada mes)

3:19pm November 16th 2015 via Twitter Web Client in reply to edcrossed

@edcrossed me eliminaron en la 5a (jugué fatal), ahora acabo de ver que tú también estabas! https://t.co/fvRSoeh1JS

2:35pm November 16th 2015 via Twitter for Android in reply to edcrossed

RT @AndroidPolice: PSA: Unlocking The Nexus 6P Bootloader Requires The New 'Flashing' Command, Likely To Become Common For Many… https://t.co/VbcFUW4J9s

2:13am November 16th 2015 via FalconPro3

RT @AndroidPolice: The Xposed Framework And Installer Are Now Available For Android 6.0 Devices https://t.co/FCpUBFg0Pn

2:09am November 16th 2015 via FalconPro3

RT @psifertex: Released the full source and built ROMs for the Pwn Adventure Z NES game/CTF challenge over on https://t.co/6oN0cQD8aY Enjoy!

2:09am November 16th 2015 via FalconPro3

RT @PatrickMcCanna: I found this #BHEU Security of Backend as a Service talk insightful on new classes of mobile dev security errors https://t.co/mtV3XiKqun

2:00am November 16th 2015 via FalconPro3

RT @CopperheadSec: Interview with Tom's Hardware on Android security, CopperheadOS and the BlackBerry Priv: https://t.co/CI8fOsEkE4.

1:51am November 16th 2015 via FalconPro3

RT @_jsoo_: AUTHENTICATOR LEAKAGE THROUGH BACKUP CHANNELS ON ANDROID - https://t.co/ekQxAl4q16

1:47am November 16th 2015 via FalconPro3

RT @SwiftOnSecurity: uh some Android apps are hijacking your microphone and uploading what commercials you watch using audio signatures? https://t.co/0jvzvRI2Hz

1:41am November 16th 2015 via FalconPro3

RT @rotlogix: I wanna beat the dead horse too! - ZipInputStream Armageddon - https://t.co/C8LQPzKJ4D /cc @andremoulu @Fuzion24 #mobile #android #security

1:37am November 16th 2015 via FalconPro3

RT @CopperheadSec: Started work on securing @CyanogenMod's root implementation with @tehjh. Local privilege escalation via a race: https://t.co/pG7kE5h8JV.

3:18pm November 13th 2015 via Twitter Web Client

RT @FightCade: Posters and flyers ready for @RetroBarcelona tomorrow! Come and say 'hi' to #FightCade crew in the 2XBCN stand! :) https://t.co/Bqjae3kfAj

2:38pm November 13th 2015 via FalconPro3

RT @mwrlabs: Automated EMV Protocol Fuzzer device with python interface, video demos included https://t.co/71WpnSccVi

4:15pm November 12th 2015 via FalconPro3

RT @dragosr: PWN2OWN Mobile: After powering up patched S6 Edge near their base station any phone number I called rang on their cellphone

4:15pm November 12th 2015 via FalconPro3

RT @Dinosn: Snooping Samsung S6 calls with bogus base stations https://t.co/OqbIxvmccE

4:14pm November 12th 2015 via FalconPro3

RT @andremoulu: A bit late but: RCE as System User on Android 5 Samsung Devices abusing WifiCredService (Hotspot 2.0) - https://t.co/rmzkOXRPaA cc @Fuzion24

4:14pm November 12th 2015 via FalconPro3

RT @quarkslab: [BLOG] Remote Code Execution as System User on Android 5 Samsung Devices abusing WifiCredService by @andremoulu https://t.co/MYeGUZEfLd

4:12pm November 12th 2015 via FalconPro3

RT @AndroBugs: AndroBugs Framework (an efficient Android App vulnerability scanner) is now open-sourced on Github: https://t.co/zI2JBqPmcc

7:40am November 12th 2015 via FalconPro3

RT @dragosr: PWN2OWN Moblie: @kutyacica @iamnion just pwned baseband processor Samsung Edge with their SDR base station. https://t.co/YE5cYAs743

5:28am November 12th 2015 via FalconPro3

RT @kutyacica: so @iamnion & I won #pwn2own @PacSecjp exploiting the Samsung Galaxy S6 Edge baseband. RCE turned into wiretap implant,invisible to Android.

5:26am November 12th 2015 via FalconPro3

RT @timstrazz: Interesting #Android Packer/Protector sample NagaProtect (seems heavily changed than before) https://t.co/kFSGtUA0TQ

5:11am November 12th 2015 via FalconPro3

RT @CopperheadSec: AOSP adopted hidepid=2 based on our implementation: https://t.co/qLWiMCoHX8. They wanted to do this but didn't know about the gid option.

8:49am November 10th 2015 via FalconPro3

RT @caleb_fenton: android app capable of "self-compilation, mutation and viral spreading", looks neat: https://t.co/LH9fREejYC and https://t.co/QaXsy7Lk6e

4:08pm November 9th 2015 via FalconPro3

RT @CopperheadSec: The changes proposed in https://t.co/KwqqCOIA1P and https://t.co/Yh8tnyk5VQ would be major game changers for the app security model.

8:05pm November 8th 2015 via FalconPro3

RT @CopperheadSec: And https://t.co/42ArXpHLM9 completely killed off text relocations for the base system. Only allowed for 32-bit apps below API level 23 now.

8:05pm November 8th 2015 via FalconPro3

RT @CopperheadSec: https://t.co/YfLsH2DIjy was a nice improvement. We mentioned that system apps can ptrace each other and nnk fixed it within 10 minutes.

8:04pm November 8th 2015 via FalconPro3

RT @SecuringApps: My slides on terrible android appsec at #cybsec15 : https://t.co/s4rGrJtRBF

12:28am November 8th 2015 via FalconPro3

RT @ahoog42: Android VTS is the newest open source tool from @NowSecureMobile - now on @GooglePlay https://t.co/86cpjAvavL https://t.co/1f3HdtN50t

2:42am November 7th 2015 via FalconPro3

RT @AndroidPolice: Why Does My Android Phone Have eFuses And Why Should I Care About Them? https://t.co/kig8M9K09H

2:42am November 7th 2015 via FalconPro3

@timstrazz been using adbfs for certain tasks since long ago, works well but sadly adb is sloooooow for file transfers

7:31am November 6th 2015 via FalconPro3 in reply to timstrazz

RT @claud_xiao: Ha, I like this "Homebrew NES game built for a 2015 CSAW CTF Finals": https://t.co/TdqJOwkP1D

6:21am November 4th 2015 via FalconPro3

RT @AndroidPolice: As Of Android 6.0, OEMs Will Be Required To Provide Secure Factory Reset On Their Devices (If They Haven't Already) https://t.co/LTkg56WasA

5:41am November 4th 2015 via FalconPro3

@minid jejeje gracias x acordarte! Cheeee (OvO)

6:42am November 3rd 2015 via Twitter for Android in reply to minid

RT @Fuzion24: Samsung S6 ownage by Project Zero. Many critical flaws in < a week of research. OEM modifications are bad. https://t.co/81K3ReL3Qd

5:48am November 3rd 2015 via FalconPro3

RT @andremoulu: Nexus Security Bulletin - November 2015 https://t.co/zj8hlm0466

9:23pm November 2nd 2015 via FalconPro3

RT @AndroidPolice: RootJunky Shows Off Just How Easy It Is To Bypass The Factory Reset Protection On Samsung Phones Due To A Flaw In… https://t.co/GZYthp8l9T

9:23pm November 2nd 2015 via FalconPro3

RT @Fuzion24: ZipFury: *ANOTHER* Arbitrary file write as system via zip directory traversal on Samsung devices: https://t.co/709zy7yyzA via @marcograss

9:16pm November 2nd 2015 via FalconPro3