Security News

European Police Pounce After Cracking Crime Chat Network
2021-03-10 21:31

Police said Wednesday they had arrested at least 80 people and carried out hundreds of raids in two European countries after shutting down an encrypted phone network used by organised crime groups. Police launched a top-secret operation to crack the SKY ECC network - which operates over a special phone - and "As of mid-February, authorities have been able to monitor the information flow of approximately 70,000 users," the Hague-based law agencies said.

Europol 'unlocks' encrypted Sky ECC chat service to make arrests
2021-03-10 19:03

Image: Sky ECC. European law enforcement authorities have made a large number of arrests after a joint operation involving the monitoring of organized crime communication channels after "Unlocking" Sky ECC chat's encryption. The investigation started after Belgium police seized mobile phones from criminals who used Sky ECC. After "Unlocking" the chat platform's encryption, investigators have been able to monitor communications between roughly 70,000 Sky ECC users.

India's demand to identify people on chat apps will 'break end-to-end encryption', say digital rights warriors
2021-02-26 02:10

After a three-year review process, India has announced strict regulations for instant chat services, social network operators, and video-streaming companies. India's Internet Freedom Foundation has slammed this traceability requirement, claiming it will be impossible to implement strong end-to-end encryption as a result, and thus could harm privacy.

A Sticker Sent On Telegram Could Have Exposed Your Secret Chats
2021-02-16 05:15

Cybersecurity researchers on Monday disclosed details of a now-patched flaw in the Telegram messaging app that could have exposed users' secret messages, photos, and videos to remote malicious actors. Following responsible disclosure, Telegram addressed them in a series of patches on September 30 and October 2, 2020.

Telegram 'Secret Chat' didn't delete self-destructing media files
2021-02-12 19:57

Telegram has fixed a security issue where self-destructing audio and video files were not being deleted from user's macOS devices as expected. Telegram offers a 'Secret Chat' mode that offers increased privacy than the standard chats.

Secret Chat in Telegram Left Self-Destructing Media Files On Devices
2021-02-12 02:18

Popular messaging app Telegram fixed a privacy-defeating bug in its macOS app that made it possible to access self-destructing audio and video messages long after they disappeared from secret chats. Unlike Signal or WhatsApp, conversations on Telegram by default are not end-to-end encrypted, unless users explicitly opt to enable a device-specific feature called "Secret chat," which keeps data encrypted even on Telegram servers.

Bugs in Signal, other video chat apps allowed attackers to listen in on users
2021-01-21 11:28

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users's surroundings. The vulnerabilities - in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha - could be triggered by simply placing a call to the target's device - no other action was needed.

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms
2021-01-20 15:21

Google Project Zero researcher Natalie Silvanovich outlined what she believes is a common theme when it comes to serious vulnerabilities impacting leading chat platforms. The research, published Tuesday, identifies a common denominator within chat platforms, called "Calling state machine", which acts as a type of dial tone for messenger applications.

Bugs in Signal, Facebook, Google chat apps let attackers spy on users
2021-01-19 16:45

Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.

FBI Warns of Employee Credential Phishing via Phone, Chat
2021-01-18 19:21

The Federal Bureau of Investigation has issued a Private Industry Notification to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms. An observed shift in tactics, the FBI says, is the targeting of all employee credentials, not exclusively of those individuals who might have higher access and privileges based on their corporate position.