This is yet another story of commercial spyware being used against journalists and civil society members.

The journalists and other civil society members were being alerted to a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised.”

It is not clear who was behind the attack. As with other spyware makers, Paragon’s hacking software is used by government clients, and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks.

Experts said the targeting was a “zero-click” attack, which means targets would not have had to click on any malicious links to be infected.

Helldown Ransomware Targets Linux and VMware Server Environments

A new variant of ransomware called Helldown, which emerged earlier this year, is now causing alarm as it begins targeting Linux and VMware server environments. This shift has raised concerns among cybersecurity experts, as many critical IT systems operate on Linux-based servers, which can support millions of virtual machines (VMs). This provides cybercriminals with the opportunity to disable active VMs before encryption occurs.

In March 2024, experts from Halcyon Cyber Resilience, an AI-based security platform, identified Helldown. It appears to be a derivative of the Lockbit 3.0 ransomware family and shares code with Darkrace and Donex. This malware is capable of disrupting virtual machines within controlled environments, often avoiding detection by automated security systems.

Security firm Cyfirma reports that the group responsible for spreading this file-encrypting malware has successfully attacked at least 41 victims in the United States and Europe. The attackers are now focusing on expanding their reach to businesses in the UK, Australia, and the Middle East.

Ransomware operators have increasingly used extreme tactics, such as deleting all encrypted data if the victim fails to pay the ransom within the stipulated time. This underscores the importance of taking proactive security measures and staying vigilant to prevent potential attacks that could devastate businesses in the future.

India Imposes Five-Year Ban on WhatsApp Data Sharing

India’s Competent Authority has announced a regulatory order banning WhatsApp from sharing user data with its other services for the next five years. This ban stems from Meta’s January 2021 data-sharing policy, which provided users with little or no choice to opt out of the practice. Under the new order, WhatsApp is prohibited from sharing user data across its platform and other Meta-owned services.

In addition to the ban, India has imposed a substantial $850 million fine on WhatsApp for failing to adequately inform users that their data would be shared with Facebook’s online marketplace, which is integrated into the Facebook platform in a classified format.

This move follows a similar action taken by the Irish Data Protection Commission, which imposed a €225 million penalty on WhatsApp in 2021 for its integration with Facebook Marketplace. While India’s action is somewhat delayed, it signals a growing effort to enforce stricter data protection policies, with the potential for further appeals.

The post Cybersecurity news headlines trending on Google appeared first on Cybersecurity Insiders.

In recent times, WhatsApp users have typically followed a straightforward process when it comes to managing their contacts: they would save a contact to their mobile device and then access it through the messaging platform whenever necessary. While WhatsApp has included a contact-sharing feature that allows users to save contacts directly via QR codes, this capability has been somewhat limited, available only in select regions.

However, the Meta-owned company is making significant strides to enhance the user experience by introducing a noteworthy update to this feature. With this new development, users logging into WhatsApp’s web service can now seamlessly share and manage their contacts across multiple devices. This enhancement is particularly beneficial for users who prefer the efficiency of using a keyboard on the Web and Windows versions of WhatsApp.

In addition to this, WhatsApp is also introducing a feature that allows users to save contacts exclusively within the WhatsApp platform, which is especially useful for those who frequently use shared devices. This could be relevant in scenarios such as siblings sharing a family device, where concerns about privacy and data security often arise. With this update, users can rest assured that their contacts and messages will remain accessible only to them, secured through encryption. However, it’s worth noting that users will still face limitations regarding the de-duplication of contacts when using multiple SIM cards on a single device.

Looking ahead to November, WhatsApp plans to implement Identity Proof Linked Storage (IPLS). This new feature will enable users to store their contacts securely and restore them on their devices with confidence. In collaboration with Cloudflare, WhatsApp is focusing on validating the cryptographic properties of this system to ensure a robust and secure contact restoration process.

Furthermore, the much-anticipated MetaAI feature, which was initially exclusive to Galaxy and Moto devices, will now be accessible to users across a wider range of manufacturers. This expansion is made possible by the readiness of the Llama engine, which is designed to serve WhatsApp users globally, thereby enhancing the overall functionality and versatility of the messaging platform.

The post WhatsApp offers new contact management for data security appeared first on Cybersecurity Insiders.

These days, online users are increasingly seeking messaging applications that provide end-to-end encryption, allowing them to communicate without the prying eyes of governments and other interested parties. This feature has become a significant selling point for major companies like WhatsApp, Signal, and Telegram.

WhatsApp, owned by Meta (formerly Facebook), proudly offers end-to-end encryption by default for all conversations. However, the same cannot be said for Telegram. A closer look reveals some important distinctions.

Focusing on Telegram, it’s essential to note that many users engaged in questionable activities tend to favor this platform. However, by default, Telegram does not provide encrypted conversations for all chats—it employs a workaround.

Regular chats on Telegram lack encryption; only those initiated with the “Secret Chat” feature are encrypted. Unfortunately, this option is not prominently displayed, making it less accessible. Users who believe all their conversations are private or secure may be under a false impression, so it’s crucial to review the service’s settings to ensure adequate protection.

Without proper encryption, law enforcement can easily monitor conversations, potentially leading to legal consequences for activities like trafficking, child exploitation, and malware distribution. It’s important to note that non-encrypted chats are stored on Telegram’s servers and can be accessed as soon as users sign in. In contrast, messages designated as “Secret Chats” are stored only on the user’s device, a claim made by the company on its website.

The post Is Telegram safer than WhatsApp when it comes to Data Security appeared first on Cybersecurity Insiders.

Google to Revise One-Time Password (OTP) Process

Google is set to introduce new rules for handling One-Time Passwords (OTPs) on Android devices. Starting soon, OTPs will be processed by Google’s spam filters with a delay of 20 seconds before reaching users. This move aims to enhance security by reducing the risk of OTP interception by fraudsters. Additionally, Google plans to remove fake or low-quality mobile applications from its Play Store to combat malware. These changes will initially affect users in India, Australia, Canada, parts of the United States, and Britain, with a broader rollout expected in the future.

WhatsApp to Introduce Usernames and PINs

WhatsApp, a subsidiary of Meta Inc., is preparing to replace mobile phone numbers with usernames and PINs for account access. This update, currently in beta testing in Singapore, Australia, and Canada, will soon be available globally. Initially, the feature will be rolled out to Apple iOS users, with plans to extend to other platforms later.

FBI and CISA Issue Joint Alert on RansomHUB

The FBI and CISA have issued a joint alert concerning RansomHUB, a ransomware group that has targeted approximately 200 companies in the past six months. Known also as Cyclops or Knight, the group is expanding its operations by incorporating members from other ransomware organizations such as BlackCat and Lockbit. Businesses are urged to strengthen their cybersecurity measures to protect against these evolving threats.

Radware Predicts Surge in DDoS Attacks

Radware has forecasted a dramatic increase in DDoS attacks, predicting 1,000 to 2,000 attacks per month for the remainder of 2024. This surge is expected to create public fear and political instability, potentially influencing the upcoming U.S. elections on November 5th, 2024. The rise in AI-driven cyber-attacks is anticipated to have significant political and social ramifications.

Rhysida Ransomware Data Still Usable, Claims Security Expert

In July 2024, the Rhysida Ransomware group announced it had stolen data from Ohio’s Franklin County following an attack on the City of Columbus. Despite claims by Columbus Mayor Andrew Ginther that the data was unusable, security researcher David Leroy Ross has argued that it contains sensitive information, such as names of domestic violence victims and police officers’ SSNs. The data was reportedly sold for $1.7 million on the dark web. The dispute is now under legal scrutiny, with Ross presenting evidence to media outlets to support his claims.

The post Trending Cybersecurity News Headlines on Google appeared first on Cybersecurity Insiders.

In recent years, when a distributed denial of service (DDoS) attack targeted a business or federal entity in Western countries, Russia, China, and North Korea were often the prime suspects. However, the situation has recently shifted. Today, around 2 PM Moscow time (approximately 10:50 GMT), both WhatsApp and Telegram experienced significant outages in Russia due to a DDoS attack.

Roskomnadzor, Russia’s media regulatory authority, confirmed the incident and reported that the disruption was resolved within an hour, preventing a major outage.

For context, WhatsApp is owned by Meta (formerly Facebook) and is based in the United States, while Telegram is a Russian company with alleged ties to the Kremlin.

Over the past 10 months, Russia has ramped up its internet surveillance and imposed strict censorship on media and online content.

In recent months, the Russian government has begun blocking online services that either extensively cover the conflict with Ukraine or support Ukraine’s President Volodymyr Zelensky. This crackdown has included blocking access to Meta, which owns WhatsApp, and Instagram.

This may have prompted pro-Western hackers to target Telegram, which has become a popular platform for various groups, mostly criminal elements.

But it’s still unclear why the downtime-triggering attack was launched on the American entity owned by Mark Zuckerberg.

Why would pro-Western hackers launch an attack on a service owned by their own country?

Vox Pop on this incident is invited!

The other fact that needs clarification is how the country detected the attack on specific services and thwarted it in no time.

Or were this attack and downtime just meant to garner media attention?

The post Telegram and WhatsApp suffer downtime in Russia due to DDoS appeared first on Cybersecurity Insiders.

Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.