From 6583c88f56dc3794bfc1690f7fcc5431f3ce7d8e Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Mon, 25 Jul 2022 09:02:26 -0400 Subject: [PATCH 01/15] added reference for APP-3 --- _includes/references.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_includes/references.md b/_includes/references.md index 1fbafac..f1c54ce 100644 --- a/_includes/references.md +++ b/_includes/references.md @@ -558,3 +558,4 @@ [^307]: Security Research Labs, _New SIM attacks de-mystified, protection tools now available_, blog; https://srlabs.de/bites/sim_attacks_demystified/ [accessed 12/03/2019] [^308]: Wikipedia, _Side-channel attack_; https://en.wikipedia.org/wiki/Side-channel_attack [accessed 12/09/2019] +[^309]: S. Fahl, "Web & Mobile Security Knowledge Area", The Cyber Security Body of Knowledge, white paper; Jul. 2021, https://www.cybok.org/media/downloads/Web_Mobile_Security_v1.0.1.pdf [accessed 7/25/22] From 888645d811b5f6ec94fd5ad33a367effdb3d089c Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Mon, 25 Jul 2022 09:02:59 -0400 Subject: [PATCH 02/15] added space before reference 309 --- _includes/references.md | 1 + 1 file changed, 1 insertion(+) diff --git a/_includes/references.md b/_includes/references.md index f1c54ce..ef00a0f 100644 --- a/_includes/references.md +++ b/_includes/references.md @@ -558,4 +558,5 @@ [^307]: Security Research Labs, _New SIM attacks de-mystified, protection tools now available_, blog; https://srlabs.de/bites/sim_attacks_demystified/ [accessed 12/03/2019] [^308]: Wikipedia, _Side-channel attack_; https://en.wikipedia.org/wiki/Side-channel_attack [accessed 12/09/2019] + [^309]: S. Fahl, "Web & Mobile Security Knowledge Area", The Cyber Security Body of Knowledge, white paper; Jul. 2021, https://www.cybok.org/media/downloads/Web_Mobile_Security_v1.0.1.pdf [accessed 7/25/22] From c71f898b577339502f773dce80230fa88da0fe1e Mon Sep 17 00:00:00 2001 
From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Tue, 26 Jul 2022 09:03:07 -0400 Subject: [PATCH 03/15] Updated link for APP-14 [^70] --- _includes/references.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index ef00a0f..8cf6f7d 100644 --- a/_includes/references.md +++ b/_includes/references.md @@ -129,7 +129,7 @@ [^69]: "[Vulnerability Identifier]: LOOK-11-001, blog, 1 Feb. 2011; https://blog.lookout.com/look-11-001/ [accessed 8/25/2016]" -[^70]: A. Donenfeld, Stumping the Mobile Chipset, presented at DEFCON 24, 7 Aug. 2016; https://media.defcon.org/DEF CON 24/DEF CON 24 presentations/DEFCON-24-Adam-Donenfeld-Stumping-The-Mobile-Chipset.pdf [accessed 8/25/2016] +[^70]: A. Donenfeld, Stumping the Mobile Chipset, presented at DEFCON 24, 7 Aug. 2016; https://kipdf.com/stumping-the-mobile-chipset_5afc4b768ead0ed8128b4574.html [accessed 7/26/2022] [^71]: A. Brandt, "Android Towelroot Exploit Used to Deliver Dogspectus Ransomware", blog, 25 Apr. 2016; www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware [accessed 8/25/2016] @@ -558,5 +558,3 @@ [^307]: Security Research Labs, _New SIM attacks de-mystified, protection tools now available_, blog; https://srlabs.de/bites/sim_attacks_demystified/ [accessed 12/03/2019] [^308]: Wikipedia, _Side-channel attack_; https://en.wikipedia.org/wiki/Side-channel_attack [accessed 12/09/2019] - -[^309]: S. Fahl, "Web & Mobile Security Knowledge Area", The Cyber Security Body of Knowledge, white paper; Jul. 2021, https://www.cybok.org/media/downloads/Web_Mobile_Security_v1.0.1.pdf [accessed 7/25/22] From e41e1dfdfc9796eda8319c16e3b6f647c626d41e Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Tue, 26 Jul 2022 09:49:06 -0400 Subject: [PATCH 04/15] Updated working link in [^71], for APP-5 --- _includes/references.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/_includes/references.md b/_includes/references.md index 8cf6f7d..3e08f39 100644 --- a/_includes/references.md +++ b/_includes/references.md @@ -131,7 +131,7 @@ [^70]: A. Donenfeld, Stumping the Mobile Chipset, presented at DEFCON 24, 7 Aug. 2016; https://kipdf.com/stumping-the-mobile-chipset_5afc4b768ead0ed8128b4574.html [accessed 7/26/2022] -[^71]: A. Brandt, "Android Towelroot Exploit Used to Deliver Dogspectus Ransomware", blog, 25 Apr. 2016; www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware [accessed 8/25/2016] +[^71]: A. Brandt, Towelroot and Leaked Hacking Team Exploits Used to Deliver “Dogspectus” Ransomware to Android Devices, blog, 26 Apr. 2016; https://www.outlookseries.com/A0977/Security/3695_Towelroot_Leaked_Hacking_Team_Exploits_Dogspectus_Ransomware_Android_Devices.htm [accessed 7/26/2022] [^72]: JailbreakMe; https://jailbreakme.qoid.us [accessed 8/25/2016] From 89b6a7c7a6e235dbc2f9bf7a092844f788c654d1 Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 28 Jul 2022 09:02:11 -0400 Subject: [PATCH 05/15] #319: PAY-5 [^250] link changed --- _includes/references.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/references.md b/_includes/references.md index 3e08f39..30116df 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -469,7 +469,7 @@ [^243]: S. Skorobogatov, "The bumpy road towards iPhone 5c NAND mirroring," University of Cambridge Computer Laboratory, Cambridge, MA, 2016 -[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; http://simalliance.org/wp-content/uploads/2015/03/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 10/24/2016] +[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; https://www.fintechfutures.com/files/2014/04/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 7/27/2022] [^251]: Host Card Emulation (HCE) 101, white paper MNFCC-14002, Smart Card Alliance Mobile & NFC Council, 2014; http://www.smartcardalliance.org/downloads/HCE-101-WP-FINAL-081114-clean.pdf [accessed 10/24/2016] From a08d6cc625843efdc1a07812a59c007ee2faa384 Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 28 Jul 2022 09:03:46 -0400 Subject: [PATCH 06/15] #320: PHY-3 [^146] link changed --- _includes/references.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/references.md b/_includes/references.md index 30116df..e7dbbd6 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -279,7 +279,7 @@ [^145]: M. Brignall, "Sim-Swap Fraud Claims Another Mobile Banking Victim", The Guardian, 16 Apr. 2016; www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters [accessed 8/25/2016] -[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; http://get.skycure.com/hubfs/Reports/BYOD_and_Mobile_Security_Report_2016.pdf [accessed 8/25/2016] +[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; https://docs.broadcom.com/doc/byod-and-mobile-security-en [accessed 7/28/22] [^147]: V. Blue, "Researchers Show How to Hack an iPhone in 60 Seconds", ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] From 25da262a042eb227b70154f11bf23966f0bda05f Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 28 Jul 2022 09:13:16 -0400 Subject: [PATCH 07/15] #321: PHY-2 and STA-42 [^143] [^144] link changed --- _includes/references.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index e7dbbd6..62adb2f 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -273,9 +273,9 @@ [^142]: J.F. Miller, "Supply Chain Attack Framework and Attack Patterns", tech. report, MITRE, Dec. 2013; www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf -[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365. +[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] -[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://media.blackhat.com/bh-dc-11/Stavrou-Wang/BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf [accessed 8/25/2016] +[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] [^145]: M. Brignall, "Sim-Swap Fraud Claims Another Mobile Banking Victim", The Guardian, 16 Apr. 2016; www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters [accessed 8/25/2016] From f9876620eea038b309c66b96ab29baebefa2556e Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 28 Jul 2022 09:15:49 -0400 Subject: [PATCH 08/15] #322: ECO-0 [^193] link changed --- _includes/references.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/references.md b/_includes/references.md index 62adb2f..97bf430 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -367,7 +367,7 @@ [^192]: C. Xiao, "BackStab: Mobile Backup Data Under Attack from Malware", paloalto, 7 Dec. 2015; http://researchcenter.paloaltonetworks.com/2015/12/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 8/29/2016] -[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://www.paloaltonetworks.com/resources/research/unit42-backstab-mobile-backup-data-under-attack-from-malware.html [accessed 8/29/2016] +[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://unit42.paloaltonetworks.com/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 7/28/2022] [^194]: Elcomsoft Phone Breaker; https://www.elcomsoft.com/eppb.html [accessed 8/29/2016] From c00942b26bdb4965beeb3bd5a1ff4c0b9a3abb69 Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 28 Jul 2022 09:17:20 -0400 Subject: [PATCH 09/15] #323: STA-40 [^S-Konstantaras-1] link changed --- _includes/references.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_includes/references.md b/_includes/references.md index 97bf430..3402cea 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -483,7 +483,7 @@ [^247]: D. Pauli, "Every LTE call, text, can be intercepted, blacked out, hacker finds", The Register, 23 Oct 2016; http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/ [accessed 10/26/2016] -[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://staff.science.uva.nl/j.j.vanderham/cases/wifi-sd-cards.pdf [accessed 10/24/2016] +[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://cupdf.com/document/exploiting-vulnerabilities-of-wi-fi-sd-cards-os3nl-vulnerabilities-of-wi-fi-sd.html?page=1 [accessed 7/28/2022] [^Bunnie-1]: bunnie:studios, "On Hacking MicroSD Cards", blog, Dec. 2013; https://www.bunniestudios.com/blog/?p=3554 [accessed 10/24/2016] From 90987d005e12e19ea97387f5689dc85c7ffdd76e Mon Sep 17 00:00:00 2001 From: samz-cs Date: Thu, 28 Jul 2022 09:51:42 -0400 Subject: [PATCH 10/15] reverting commits that were meant for 316 --- _includes/references.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index 3402cea..3e08f39 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -273,13 +273,13 @@ [^142]: J.F. Miller, "Supply Chain Attack Framework and Attack Patterns", tech. report, MITRE, Dec. 2013; www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf -[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] +[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365. -[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] +[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://media.blackhat.com/bh-dc-11/Stavrou-Wang/BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf [accessed 8/25/2016] [^145]: M. Brignall, "Sim-Swap Fraud Claims Another Mobile Banking Victim", The Guardian, 16 Apr. 2016; www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters [accessed 8/25/2016] -[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; https://docs.broadcom.com/doc/byod-and-mobile-security-en [accessed 7/28/22] +[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; http://get.skycure.com/hubfs/Reports/BYOD_and_Mobile_Security_Report_2016.pdf [accessed 8/25/2016] [^147]: V. Blue, "Researchers Show How to Hack an iPhone in 60 Seconds", ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] 
@@ -367,7 +367,7 @@ [^192]: C. Xiao, "BackStab: Mobile Backup Data Under Attack from Malware", paloalto, 7 Dec. 2015; http://researchcenter.paloaltonetworks.com/2015/12/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 8/29/2016] -[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://unit42.paloaltonetworks.com/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 7/28/2022] +[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://www.paloaltonetworks.com/resources/research/unit42-backstab-mobile-backup-data-under-attack-from-malware.html [accessed 8/29/2016] [^194]: Elcomsoft Phone Breaker; https://www.elcomsoft.com/eppb.html [accessed 8/29/2016] @@ -469,7 +469,7 @@ [^243]: S. Skorobogatov, "The bumpy road towards iPhone 5c NAND mirroring," University of Cambridge Computer Laboratory, Cambridge, MA, 2016 -[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; https://www.fintechfutures.com/files/2014/04/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 7/27/2022] +[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; http://simalliance.org/wp-content/uploads/2015/03/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 10/24/2016] [^251]: Host Card Emulation (HCE) 101, white paper MNFCC-14002, Smart Card Alliance Mobile & NFC Council, 2014; http://www.smartcardalliance.org/downloads/HCE-101-WP-FINAL-081114-clean.pdf [accessed 10/24/2016] 
@@ -483,7 +483,7 @@ [^247]: D. Pauli, "Every LTE call, text, can be intercepted, blacked out, hacker finds", The Register, 23 Oct 2016; http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/ [accessed 10/26/2016] -[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://cupdf.com/document/exploiting-vulnerabilities-of-wi-fi-sd-cards-os3nl-vulnerabilities-of-wi-fi-sd.html?page=1 [accessed 7/28/2022] +[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://staff.science.uva.nl/j.j.vanderham/cases/wifi-sd-cards.pdf [accessed 10/24/2016] [^Bunnie-1]: bunnie:studios, "On Hacking MicroSD Cards", blog, Dec. 2013; https://www.bunniestudios.com/blog/?p=3554 [accessed 10/24/2016] From 83a23ac4d881d28746385846905321ed794bec1a Mon Sep 17 00:00:00 2001 From: samz-cs Date: Thu, 28 Jul 2022 10:16:58 -0400 Subject: [PATCH 11/15] undo --- _includes/references.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index 3e08f39..3402cea 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -273,13 +273,13 @@ [^142]: J.F. Miller, "Supply Chain Attack Framework and Attack Patterns", tech. report, MITRE, Dec. 2013; www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf -[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365. +[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] -[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://media.blackhat.com/bh-dc-11/Stavrou-Wang/BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf [accessed 8/25/2016] +[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] [^145]: M. Brignall, "Sim-Swap Fraud Claims Another Mobile Banking Victim", The Guardian, 16 Apr. 2016; www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters [accessed 8/25/2016] -[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; http://get.skycure.com/hubfs/Reports/BYOD_and_Mobile_Security_Report_2016.pdf [accessed 8/25/2016] +[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; https://docs.broadcom.com/doc/byod-and-mobile-security-en [accessed 7/28/22] [^147]: V. Blue, "Researchers Show How to Hack an iPhone in 60 Seconds", ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] 
@@ -367,7 +367,7 @@ [^192]: C. Xiao, "BackStab: Mobile Backup Data Under Attack from Malware", paloalto, 7 Dec. 2015; http://researchcenter.paloaltonetworks.com/2015/12/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 8/29/2016] -[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://www.paloaltonetworks.com/resources/research/unit42-backstab-mobile-backup-data-under-attack-from-malware.html [accessed 8/29/2016] +[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://unit42.paloaltonetworks.com/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 7/28/2022] [^194]: Elcomsoft Phone Breaker; https://www.elcomsoft.com/eppb.html [accessed 8/29/2016] @@ -469,7 +469,7 @@ [^243]: S. Skorobogatov, "The bumpy road towards iPhone 5c NAND mirroring," University of Cambridge Computer Laboratory, Cambridge, MA, 2016 -[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; http://simalliance.org/wp-content/uploads/2015/03/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 10/24/2016] +[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; https://www.fintechfutures.com/files/2014/04/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 7/27/2022] [^251]: Host Card Emulation (HCE) 101, white paper MNFCC-14002, Smart Card Alliance Mobile & NFC Council, 2014; http://www.smartcardalliance.org/downloads/HCE-101-WP-FINAL-081114-clean.pdf [accessed 10/24/2016] 
@@ -483,7 +483,7 @@ [^247]: D. Pauli, "Every LTE call, text, can be intercepted, blacked out, hacker finds", The Register, 23 Oct 2016; http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/ [accessed 10/26/2016] -[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://staff.science.uva.nl/j.j.vanderham/cases/wifi-sd-cards.pdf [accessed 10/24/2016] +[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://cupdf.com/document/exploiting-vulnerabilities-of-wi-fi-sd-cards-os3nl-vulnerabilities-of-wi-fi-sd.html?page=1 [accessed 7/28/2022] [^Bunnie-1]: bunnie:studios, "On Hacking MicroSD Cards", blog, Dec. 2013; https://www.bunniestudios.com/blog/?p=3554 [accessed 10/24/2016] From f6a6272c92b1f167098dc9efa6320a77c676b8d1 Mon Sep 17 00:00:00 2001 From: samz-cs Date: Mon, 1 Aug 2022 08:53:05 -0400 Subject: [PATCH 12/15] revert to og nist-pages --- _includes/references.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index 3402cea..1fbafac 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -129,9 +129,9 @@ [^69]: "[Vulnerability Identifier]: LOOK-11-001, blog, 1 Feb. 2011; https://blog.lookout.com/look-11-001/ [accessed 8/25/2016]" -[^70]: A. Donenfeld, Stumping the Mobile Chipset, presented at DEFCON 24, 7 Aug. 2016; https://kipdf.com/stumping-the-mobile-chipset_5afc4b768ead0ed8128b4574.html [accessed 7/26/2022] +[^70]: A. Donenfeld, Stumping the Mobile Chipset, presented at DEFCON 24, 7 Aug. 2016; https://media.defcon.org/DEF CON 24/DEF CON 24 presentations/DEFCON-24-Adam-Donenfeld-Stumping-The-Mobile-Chipset.pdf [accessed 8/25/2016] -[^71]: A. Brandt, Towelroot and Leaked Hacking Team Exploits Used to Deliver “Dogspectus” Ransomware to Android Devices, blog, 26 Apr. 2016; https://www.outlookseries.com/A0977/Security/3695_Towelroot_Leaked_Hacking_Team_Exploits_Dogspectus_Ransomware_Android_Devices.htm [accessed 7/26/2022] +[^71]: A. Brandt, "Android Towelroot Exploit Used to Deliver Dogspectus Ransomware", blog, 25 Apr. 2016; www.bluecoat.com/security-blog/2016-04-25/android-exploit-delivers-dogspectus-ransomware [accessed 8/25/2016] [^72]: JailbreakMe; https://jailbreakme.qoid.us [accessed 8/25/2016] 
@@ -273,13 +273,13 @@ [^142]: J.F. Miller, "Supply Chain Attack Framework and Attack Patterns", tech. report, MITRE, Dec. 2013; www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf -[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] +[^143]: Z. Wang and A. Stavrou, "Exploiting Smart-Phone USB Connectivity for Fun and Profit", in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365. -[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.226.3427&rep=rep1&type=pdf [accessed 7/28/2022] +[^144]: A. Stavrou, Z. Wang, Exploiting Smart-Phone USB Connectivity For Fun And Profit, presented at Blackhat, 4 Aug. 2011; https://media.blackhat.com/bh-dc-11/Stavrou-Wang/BlackHat_DC_2011_Stavrou_Zhaohui_USB_exploits-Slides.pdf [accessed 8/25/2016] [^145]: M. Brignall, "Sim-Swap Fraud Claims Another Mobile Banking Victim", The Guardian, 16 Apr. 2016; www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters [accessed 8/25/2016] -[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; https://docs.broadcom.com/doc/byod-and-mobile-security-en [accessed 7/28/22] +[^146]: BYOD & Mobile Security, Information Security Community on LinkedIn, Apr. 2016; http://get.skycure.com/hubfs/Reports/BYOD_and_Mobile_Security_Report_2016.pdf [accessed 8/25/2016] [^147]: V. Blue, "Researchers Show How to Hack an iPhone in 60 Seconds", ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] 
@@ -367,7 +367,7 @@ [^192]: C. Xiao, "BackStab: Mobile Backup Data Under Attack from Malware", paloalto, 7 Dec. 2015; http://researchcenter.paloaltonetworks.com/2015/12/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 8/29/2016] -[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://unit42.paloaltonetworks.com/backstab-mobile-backup-data-under-attack-from-malware/ [accessed 7/28/2022] +[^193]: BackStab: Mobile Backup Data Under Attack From Malware, 7 Dec. 2015; https://www.paloaltonetworks.com/resources/research/unit42-backstab-mobile-backup-data-under-attack-from-malware.html [accessed 8/29/2016] [^194]: Elcomsoft Phone Breaker; https://www.elcomsoft.com/eppb.html [accessed 8/29/2016] @@ -469,7 +469,7 @@ [^243]: S. Skorobogatov, "The bumpy road towards iPhone 5c NAND mirroring," University of Cambridge Computer Laboratory, Cambridge, MA, 2016 -[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; https://www.fintechfutures.com/files/2014/04/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 7/27/2022] +[^250]: Secure Element Deployment & Host Card Emulation v1.0, white paper, SIMalliance, 2014; http://simalliance.org/wp-content/uploads/2015/03/Secure-Element-Deployment-Host-Card-Emulation-v1.0.pdf [accessed 10/24/2016] [^251]: Host Card Emulation (HCE) 101, white paper MNFCC-14002, Smart Card Alliance Mobile & NFC Council, 2014; http://www.smartcardalliance.org/downloads/HCE-101-WP-FINAL-081114-clean.pdf [accessed 10/24/2016] 
@@ -483,7 +483,7 @@ [^247]: D. Pauli, "Every LTE call, text, can be intercepted, blacked out, hacker finds", The Register, 23 Oct 2016; http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/ [accessed 10/26/2016] -[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://cupdf.com/document/exploiting-vulnerabilities-of-wi-fi-sd-cards-os3nl-vulnerabilities-of-wi-fi-sd.html?page=1 [accessed 7/28/2022] +[^S-Konstantaras-1]: S. Konstantaras and C. Dillon, _Exploiting Vulnerabilities of Wi-Fi SD cards_, project report, Universiteit van Amsterdam, 1 June 2014; https://staff.science.uva.nl/j.j.vanderham/cases/wifi-sd-cards.pdf [accessed 10/24/2016] [^Bunnie-1]: bunnie:studios, "On Hacking MicroSD Cards", blog, Dec. 2013; https://www.bunniestudios.com/blog/?p=3554 [accessed 10/24/2016] From 2445b5ebd52774951a522311444de84c04c7e3cd Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Mon, 1 Aug 2022 10:28:35 -0400 Subject: [PATCH 13/15] added content for new threat --- _application-threats/APP-44.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 _application-threats/APP-44.md diff --git a/_application-threats/APP-44.md b/_application-threats/APP-44.md new file mode 100644 index 0000000..cbd4103 --- /dev/null +++ b/_application-threats/APP-44.md 
@@ -0,0 +1,22 @@ +--- +layout: threat +ThreatCategory: Malicious or privacy-invasive application +ID: APP-44 +Threat: Hiding Application Icon +ThreatDescription: Malware may hide its icon after installation, making detection by the user more difficult. +ThreatOrigin: Self-Hiding Behavior in Android Apps: Detection and Characterization [^310] +ExploitExample: + - Android Trojan steals money from PayPal accounts even with 2FA on [^311] + - Is Mobile Malware Playing Hide and Steal on Your Device? [^312] +CVEExample: + - Not Applicable +PossibleCountermeasures: + Enterprise: + - Deploy MAM or MDM solutions with policies that prohibit the sideloading of apps, which may bypass security checks on the app. + - Deploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app stores. + - Perform application vetting to identify inappropriate behaviors by apps including permission requests made by the apps + Mobile Device User: + - Consider the use of devices that support Android 10.0 and later, in which getActivityList() was modified to limit the ability for apps to hide their launcher icons. +title: APP-44 +rawID: 44 +--- From 699a300b255c2cea6a29dfd422bc42f36ad3b12d Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Mon, 1 Aug 2022 10:31:48 -0400 Subject: [PATCH 14/15] added references for hiding app threat --- _includes/references.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/_includes/references.md b/_includes/references.md index 1fbafac..991c8fb 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -558,3 +558,12 @@ [^307]: Security Research Labs, _New SIM attacks de-mystified, protection tools now available_, blog; https://srlabs.de/bites/sim_attacks_demystified/ [accessed 12/03/2019] [^308]: Wikipedia, _Side-channel attack_; https://en.wikipedia.org/wiki/Side-channel_attack [accessed 12/09/2019] + + + + +[^310] Z.Shan et al., _Self-Hiding Behavior in Android Apps: Detection and Characterization_; presented at International Conference on Software Engineering, 2018, https://ieeexplore.ieee.org/document/8453145 [accessed 8/1/2022] + +[^311] L. Stefanko, _Android Trojan steals money from PayPal accounts even with 2FA on_; welivesecurity, blog, 11 Dec 2018, https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/ [accessed 8/1/2022] + +[^312] McAfee, _Is Mobile Malware Playing Hide and Steal on Your Device?_; McAfee, blog, https://www.mcafee.com/blogs/mobile-security/mobile-threat-report-q1-2020/ [accessed 8/1/2022] From 4219437049f267ff34de428cf931916bb67be0b4 Mon Sep 17 00:00:00 2001 From: samz-cs <68604439+samz-cs@users.noreply.github.com> Date: Thu, 4 Aug 2022 10:26:18 -0400 Subject: [PATCH 15/15] added spaces --- _includes/references.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/_includes/references.md b/_includes/references.md index 991c8fb..9ecd871 100644 --- a/_includes/references.md +++ b/_includes/references.md 
@@ -562,8 +562,9 @@ -[^310] Z.Shan et al., _Self-Hiding Behavior in Android Apps: Detection and Characterization_; presented at International Conference on Software Engineering, 2018, https://ieeexplore.ieee.org/document/8453145 [accessed 8/1/2022] -[^311] L. Stefanko, _Android Trojan steals money from PayPal accounts even with 2FA on_; welivesecurity, blog, 11 Dec 2018, https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/ [accessed 8/1/2022] +[^311] Z.Shan et al., _Self-Hiding Behavior in Android Apps: Detection and Characterization_; presented at International Conference on Software Engineering, 2018, https://ieeexplore.ieee.org/document/8453145 [accessed 8/1/2022] -[^312] McAfee, _Is Mobile Malware Playing Hide and Steal on Your Device?_; McAfee, blog, https://www.mcafee.com/blogs/mobile-security/mobile-threat-report-q1-2020/ [accessed 8/1/2022] +[^312] L. Stefanko, _Android Trojan steals money from PayPal accounts even with 2FA on_; welivesecurity, blog, 11 Dec 2018, https://www.welivesecurity.com/2018/12/11/android-trojan-steals-money-paypal-accounts-2fa/ [accessed 8/1/2022] + +[^313] McAfee, _Is Mobile Malware Playing Hide and Steal on Your Device?_; McAfee, blog, https://www.mcafee.com/blogs/mobile-security/mobile-threat-report-q1-2020/ [accessed 8/1/2022]
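
Review bot: In PATCH 03/15 the second hunk (@@ -558,5 +558,3 @@) deletes the [^309] entry that PATCH 01/15 added, which the subject "Updated link for APP-14 [^70]" does not mention. If the removal is unintended, drop that hunk; if it is intended, move it to its own commit with a subject that says so. In the first hunk, the old [^70] URL contains unencoded spaces ("DEF CON 24/DEF CON 24 presentations"), so check whether percent-encoding them restores the media.defcon.org link before replacing it with a copy on a different host (kipdf.com).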
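
Review bot: In PATCH 04/15 the [^71] line changes more than the link the subject describes: the title goes from "Android Towelroot Exploit Used to Deliver Dogspectus Ransomware" to a different, longer title, the date moves from 25 Apr. 2016 to 26 Apr. 2016, and the straight quotes around the title are dropped while curly quotes are introduced around Dogspectus. Confirm that the outlookseries.com page is the same article by the same author, state the title and date change in the commit message if it is, and keep the title in straight double quotes as the neighbouring entries do.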
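
Review bot: In PATCH 06/15 the new [^146] line ends with "[accessed 7/28/22]", a two-digit year, while every surrounding entry and the other updated links in this series use four digits ("[accessed 7/28/2022]"). Write the year in full; the [^309] line added in PATCH 01/15 ("[accessed 7/25/22]") has the same inconsistency.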
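
Review bot: In PATCH 07/15 the [^143] and [^144] lines now carry the identical citeseerx.ist.psu.edu URL, although [^143] cites the ACSAC 2010 proceedings paper and [^144] cites the Blackhat slide deck presented on 4 Aug. 2011. One link cannot be the source for both; keep the paper URL on [^143] and either find a working location for the slides or leave [^144] pointing at the original media.blackhat.com address with a note that it is archived.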
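
Review bot: In PATCH 08/15 the replacement [^193] URL ends in the same path segment, backstab-mobile-backup-data-under-attack-from-malware/, as the blog post already cited in the context line for [^192], whereas the removed URL pointed at a page under resources/research/. Check whether [^193] now resolves to the same blog post as [^192]; if it does, the two footnotes are duplicates and the threats citing [^193] should reference the report itself or be merged into [^192].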
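
Review bot: PATCH 12/15 returns _includes/references.md to blob 1fbafac, the same blob PATCH 01/15 starts from (index 1fbafac..f1c54ce), so patches 01 through 12 have no net effect on the file; PATCH 10/15 and PATCH 11/15 also cancel each other exactly (3402cea..3e08f39, then 3e08f39..3402cea). Drop or squash these commits before merging, and replace subjects such as "undo" and "revert to og nist-pages" with ones that state which change is reverted and why. Since the updated links and the [^309] entry are gone after PATCH 12/15, confirm that nothing in the threat pages still cites [^309].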
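
Review bot: In PATCH 13/15 the Mobile Device User countermeasure in APP-44.md names getActivityList() without the class that owns it, so a reader cannot look the method up; give the fully qualified name. In the same front matter, the third Enterprise item ("Perform application vetting ... permission requests made by the apps") is missing the terminal period the two items above it have, and "3rd party" would read better as "third-party". The file also cites [^310], [^311] and [^312], which do not exist in references.md at this commit; order the series so the reference definitions land first or in the same commit.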
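
Review bot: In PATCH 14/15 the three added definitions are written "[^310] Z.Shan ...", "[^311] L. Stefanko ..." and "[^312] McAfee ..." with no colon after the label, unlike the context lines "[^307]:" and "[^308]:", so they will not be parsed as footnote definitions. Add the colon to each label. While there, reduce the four added blank lines to one, insert the space in "Z.Shan", and give the McAfee entry a publication date as the other blog entries have.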
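
Review bot: PATCH 15/15 is titled "added spaces" but renumbers the three references from [^310], [^311], [^312] to [^311], [^312], [^313], which breaks the citations added in APP-44.md by PATCH 13/15: ThreatOrigin cites [^310], now undefined, and the two ExploitExample items cite [^311] and [^312], which now resolve to the Shan et al. paper and the Stefanko post instead of the Stefanko post and the McAfee post. Keep the original 310 to 312 numbering, or update APP-44.md in the same commit and say so in the subject. The labels still lack the trailing colon used by every other definition in the file.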