#MobSec5: Week of April 11

Revue
 
What you'll find in this week's issue: a vulnerability that threatens mobile 2FA, Washington Post rep
 
April 14 · Issue #4 · View online
NowSecure #MobSec5
What you’ll find in this week’s issue: a vulnerability that threatens mobile 2FA, Washington Post reports it wasn’t Cellebrite that cracked the San Bernardino iPhone, an Android variant of Apple’s Swift, reacting to mobile security issues by limiting mobile device owners’ access to filesystems, and more.

Samsung Mobile Security Maintenance Release for April 2016
iOS and Android vulnerable to 2FA attack
FBI paid professional hackers one-time fee to crack San Bernardino iPhone - The Washington Post
Port to Android by modocache · Pull Request #1442 · apple/swift · GitHub
Bluetooth Pairing Authentication Bypass
Samsung Android phones expose modem interface via USB · ud2/advisories · GitHub
Overly restrictive SELinux filesystem permissions in Android N - Android Open Source Project - Issue Tracker - Google Project Hosting
GitHub - synack/chaoticmarch: A mechanism for automating input events on iOS
If You Can't Break Crypto, Break the Client: Recovery of Plaintext iMessage Data - Bishop Fox
GitHub - facebook/redex: A bytecode optimizer for Android apps
Did you enjoy this issue?
Thumbs up 1ae5a7bdfcd3220e2b376aa0c1607bc5edaba758e5dd83b482d03965219a220b Thumbs down e13779fa29e2935b47488fb8f82977fedcf689a0cc0cc3c19fa3c6bb14d1493b
Carefully curated by NowSecure #MobSec5 with Revue.
If you were forwarded this newsletter and you like it, you can subscribe here.
If you don't want these updates anymore, please unsubscribe here.