Lukas Stefanko

@LukasStefanko

Malware Researcher at Android security, malware analysis, app vulnerability research

Vrijeme pridruživanja: prosinac 2014.

Tweetovi

Blokirali ste korisnika/cu @LukasStefanko

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @LukasStefanko

  1. Prikvačeni tweet
    30. lis 2019.

    Great! Two of mine contributions for new mobile attack techniques were added to Access Notifications & Input Injection

    Poništi
  2. proslijedio/la je Tweet
    2. velj

    How to create fake traffic jams in Google Maps with bucket full of smartphones Different perspective: 1) Buy mobile bots 2) Spoof GPS location 3) Control traffic

    Poništi
  3. 2. velj

    How to create fake traffic jams in Google Maps with bucket full of smartphones Different perspective: 1) Buy mobile bots 2) Spoof GPS location 3) Control traffic

    Poništi
  4. 31. sij

    Adding Android Adware and it's negative impact via

    Prikaži ovu nit
    Poništi
  5. 31. sij
    Prikaži ovu nit
    Poništi
  6. 30. sij

    It's so common, there are memes already

    Poništi
  7. 28. sij

    Ring doorbell app on Android shares its users personal information with third-party companies according to -names, email -private IP addresses -mobile network carriers -persistent identifiers -sensor data (magnetometer, gyroscope,accelerometer) -etc.

    Poništi
  8. 25. sij

    Android Smali Debugger (under development)

    Poništi
  9. 24. sij

    Security without pentests 2️⃣8️⃣: Jailbreak

    Prikaži ovu nit
    Poništi
  10. 23. sij

    Here is CVE-2019-11932 (double-free vulnerability) analysis + video exploit demo

    Prikaži ovu nit
    Poništi
  11. 23. sij

    Forensic analysis of Jeff Bezos hacked iPhone was exploited via vulnerability that probably triggered RCE. Similar exploit was fixed in October 2019- CVE-2019-11932(double-free vulnerability) but instead of video it was triggered by GIF

    Prikaži ovu nit
    Poništi
  12. 22. sij

    Android app is the first audited open source now✌ Great move, however it also means there could be Trojanized versions distributed in the wild. Because of that, you should download only from Google Play Store

    Poništi
  13. 20. sij

    Malware art My wife painted for my office work related painting. Next time, I will ask for Android custom theme with Anubis 2.5 binary in the background. That would be way more cool :)

    Poništi
  14. 20. sij

    Exploiting SQL Injection in Android's Download Provider (CVE-2019-2198) Blind SQL injection in Android's Download Provider will retrieve user cookies of downloaded file website (e.g. Gmail). Patched in November's 2019 Android Security Bulletin. PoC + info:

    Poništi
  15. 15. sij

    Security without pentests 2️⃣7⃣ Courtesy

    Prikaži ovu nit
    Poništi
  16. 13. sij

    Security without pentests 2️⃣6️⃣

    Prikaži ovu nit
    Poništi
  17. 10. sij

    Good points on why is Joker so successful in getting into Google Play

    Prikaži ovu nit
    Poništi
  18. 9. sij

    Joker Trojan Family history by Google -tracked since 2017 -removed 1.7K unique apps before going public -SMS fraud then WAP billing (as we know Joker now) -at peak, 23 different Jokers submitted in one day to GP check technical analysis by

    Prikaži ovu nit
    Poništi
  19. 8. sij

    CSRF + XSS + SMS spoofing + Android deep link URL redirection Great example of chaining low impact vulnerabilities in to remotely manipulate account content -delete user video -upload user video -make "private" videos "public" via

    Poništi
  20. 8. sij

    What a interesting vulnerability in HockeyApp platform Leaked API key allowed: -fetch internal employee contacts -distribute directly to devices of organization employees as internal app update +PoC Metasploit scenario

    Poništi
  21. 3. sij

    Security without pentests 2️⃣5️⃣: Not tested cheap car carpets

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·