Welcome to Bytewavelabs—your premier source for cybersecurity news, tips, and strategies. Our blog is dedicated to providing you with the latest updates on cybersecurity trends, best practices, and practical solutions to protect your digital assets. From detailed guides on how to secure your personal information to expert analysis of emerging cyber threats, CyberSafe Insights covers it all. Stay ahead of the curve with our actionable insights and expert advice tailored for both individuals
Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files in combination with JSONPacker," Cleafy security researchers Michele Roviello and Alessandro Strino said . "In addition, the application is installed through a dropper app that shares the same anti-analysis mechanisms." "These features are designed to evade detection and hinder cybersecurity professionals' efforts to analyze and mitigate the malware." TrickMo, first caught in the wild by CERT-Bund in September 2019, has a history of targeting Android devices, particularly targeting users in Germany to siphon one-time passwords (OTPs) and other two-factor authentication (2FA) codes to facilitate financial fraud. The mobile-focused malware is assessed to be the work of the ...
Get link
Facebook
X
Pinterest
Email
Other Apps
Flipper Zero releases Firmware 1.0 after three years of development
Get link
Facebook
X
Pinterest
Email
Other Apps
-
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable hacking device.
Flipper Zero is a programmable device for pentesters that has faced controversy after users posted videos online showcasing illegal activities. Because of this, the gadged has been banned or restricted in some countries Canada, Brazil, and on the Amazon e-commerce platform.
At a glance, the first stable major firmware release solidifies support for 89 radio, 4 infrared, and 20 RFID protocols. It adds faster Bluetooth and NFC communications, JavaScript support, dynamic third-party application loading, and a month of battery life in standby mode.
Overview of Firmware 1.0 features Source: Flipper Zero
It is important to underscore that while Flipper Zero's previous firmware versions had introduced some of the features present in the latest revision, such as they were not fully stable and users experienced glitches.
The current release provide more stable operation and better performance.
Firmware 1.0 highlights
The Flipper Zero team highlights the following key features in the Firmware 1.0 release announcement:
Dynamic app loading: Users can now install community-developed apps from an Apps Catalog, saving system memory by running apps from FAP (Flipper Application Package) files on the microSD card.
NFC subsystem overhaul: The NFC system has been completely rewritten, improving card reading speed, adding support for new card types (e.g., ICODE® SLIX, FeliCa™ Lite-S), and enabling a plugin system for user card parsers.
JavaScript support: Flipper Zero now supports JavaScript, making app development more accessible compared to C/C++.
Sub-GHz improvements: Added support for 89 radio protocols, the ability to listen to analog walkie-talkies, and a new BinRAW file format for efficient signal storage and sharing.
Infrared (IR) enhancements: New universal IR remotes for various devices and support for external IR hardware with more powerful LEDs.
New NFC system's card reading performance Source: Flipper Zero
The general system improvements include an extended battery life in standby mode from one week to one month. The new Flipper Zero firmware also comes with double the transfer speed for Bluetooth connections (BLE) with Android devices.
Additionally, firmware updates over Bluetooth are delivered 40% faster because of better compression of the update packages.
Users of the popular penetration testing device are recommended to upgrade their firmware version to the latest release for more reliable afunctionality of the features offered.
The latest firmware is available for free via the official downloads portal on the Flipper Zero site, and its installation is possible either over Bluetooth from a mobile device or from the computer using a USB connection with the qFlipper app.
Regarding the next steps in Flipper Zero's evolution beyond this major release, a member of the team has told BleepingComputer that their primary focus will shift to developing a new product.
However, Flipper Zero will continue to expand in capabilities and the developers will address and fix existing issues, as well as accept community-driven patches.
Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files in combination with JSONPacker," Cleafy security researchers Michele Roviello and Alessandro Strino said . "In addition, the application is installed through a dropper app that shares the same anti-analysis mechanisms." "These features are designed to evade detection and hinder cybersecurity professionals' efforts to analyze and mitigate the malware." TrickMo, first caught in the wild by CERT-Bund in September 2019, has a history of targeting Android devices, particularly targeting users in Germany to siphon one-time passwords (OTPs) and other two-factor authentication (2FA) codes to facilitate financial fraud. The mobile-focused malware is assessed to be the work of the ...
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. In the notification sent to impacted clients, the company says that hackers had access to its network for nearly a year, between August 2023 and June 2024. Slim CD is a provider of payment processing solutions that enables businesses to access electronic and card payments via web-based terminals, mobile, or desktop apps. The firm first detected suspicious activity on its systems this year on June 15. During the investigation, the company discovered that hackers had gained access to its network since August 17, 2023. “The investigation identified unauthorized system access between August 17, 2023, and June 15, 2024,” reads the notification to impacted individuals. However, Slim CD says that the threat actor viewed or obtained access to credit card information this year for two days, between June 14th an...
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again. Meta says that WhatsApp's "View once" feature (introduced three years ago ) enables users to share photos, videos, and voice messages privately, seeing that the recipient shouldn't be able to forward, share, copy, or screenshot their messages because they will automatically disappear from chats after being opened once. "Once you send a view once photo, video, or voice message, you won’t be able to view it again," the company explains on its support website. "Any photos or videos you send won’t be saved to the recipient’s Photos or Gallery. The recipient also can’t take a screenshot of anything you send using view once." However, "View once" will only block WhatsApp users from screenshotting what is being sent on mobile devices because deskt...
Comments
Post a Comment