Black Hat Asia 2015 Briefing update preview three sessions that will delve into security issues surrounding our pocket-sized computers. Mobile banking is only getting bigger, and will eventually eclipse more traditional bank-access methods. Attacking SAP Mobile will take you on an exhaustive tour of how to hack SAP products — XSS, XXE, hardcoded static encryption keys, platform-specific vulnerabilities, privilege escalations — and even access compromised phones. Android 4.1 restricted user applications from accessing certain logs, but Ryan Johnson and Angelos Stavrou found a way to circumvent this limitation on Samsung devices.”]
Source: https://www.darkreading.com/black-hat/black-hat-asia-2015-mobile-insecurity/d/d-id/1318937