...stuff I do and things I like...

Wednesday, June 08 2011

Mobile Security News Update June 2011

There seems to be a massive rise in Android malware. Mostly modified versions of legit applications. Again one piece of malware [1] contains a root exploit - the one already used by DroidDream. Many of the new trojans will try sending SMS messages to premium numbers. Other SMS trojans are just funny [2] as they send jokes to every entry in the phonebook.

Conferences:
    BlackHat USA: Ravishankar Borgaonkar + Kevin Redon + Nico Golde: Femtocells: A poisonous needle in the operator's hay stack. Dino Dai Zovi: Apple iOS Security Evaluation: Vulnerability Analysis and Data Encryption. Stefan Esser: Exploiting the iOS Kernel. Anthony Lineberry: Don't Hate the Player, Hate the Game: Inside the Android Security Patch Lifecycle. Tyler Shields: Owning Your Phone at Every Layer - A Mobile Security Panel.

    Don Bailey will do something on mobile infrastructure security.

    Brucon: iOS Data Protection Internals by Andrey Belenko. Smart Phones - The Weak Link in the Security Chain, Hacking a network through an Android device by Nick Walker.

    NinjaCon / BSides vienna: Hacking NFC and NDEF, why I go and look at it again (by myself). A Midsummer Droid's Dream (grab a drink, come around, let's reverse some malware) by Manuel Acanthephyra.

    ToorCon Seattle: Scott Dunlop, Reverse Engineering Using the Android Emulator. Joshua Brashars, Owning the phone system (and why it still matters).

    Defcon: This is REALLY not the droid you're looking for... Nicholas J. Percoco + Sean Schulte.


Every since Google announced Google wallet I'm getting hammered with requests regarding NFC security. Funny part about that I just was getting back working on NFC security because of the Nexus S. First bug reports already filed ;-). Due to the new rising interest in NFC and NFC security I'll decided to give a NFC security talk at NinjaCon / BSides Vienna on June 18th.