Security News
An analysis of the manner in which popular chat applications handle link previews has revealed several privacy and security issues, including some that still need addressing, security researchers warn. Link previews provide users with information on what a link received in chat would lead them to, regardless of whether it is a file or a web page.
A voice-activated TV remote can be turned into a covert home surveillance device, according to researchers from infosec firm Guardicore who probed the device to show that a man-in-the-middle attack could compromise it. Guardicore discovered an attack vector on US telco giant Comcast's Xfinity XR11 voice remote - of which around 18 million units have been sold - that allowed malicious people to turn it into an eavesdropping device.
In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized Android-based handset with GPS, camera, and microphone functionality removed for anonymity and security.
Zoom today said it will make end-to-end encryption available to all of its users, regardless of whether they pay for it or not. We note that Google Meet and other rival services do not offer E2EE. "Today, Zoom released an updated E2EE design on GitHub," Zoom CEO Eric Yuan said.
Cybersecurity researchers from Cisco Talos unveiled today that it discovered two critical vulnerabilities in the Zoom software that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely. According to the researchers, successful exploitation of both flaws requires no or very little interaction from targeted chat participants and can be executed just by sending specially crafted messages through the chat feature to an individual or a group.
Cybersecurity researchers from Cisco Talos unveiled today that it discovered two critical vulnerabilities in the Zoom software that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely. According to the researchers, successful exploitation of both flaws requires no or very little interaction from targeted chat participants and can be executed just by sending specially crafted messages through the chat feature to an individual or a group.
Adult live-streaming site CAM4 has spilt millions of users' private chats, emails, names, email addresses, sexual preferences, password hashes, IP addresses and more. A streaming site for amateurs to watch live, explicit performances, it offers customers the ability to buy virtual tokens if they want to tip performers or watch private shows.
Version 5.0 gains the ability to display conversation histories and secret chats in Telegram, one of the world's most popular instant messaging apps. Elcomsoft Phone Viewer 5.0 gains the ability to display Telegram conversations by analyzing the iPhone file system image.
Zoom's security catch-up sprint has seen it announce its users will soon be able to choose where their traffic goes. The new feature will help users in places like Taiwan, where the government banned Zoom after learning traffic could go through its frenemies in Beijing.
Facebook on Tuesday released a new couples-only messaging app that gives you a place to get "As mushy, quirky, and silly" with your bae as you do in front of each other even when you're apart, keeping it to yourselves and thus avoiding setting off nausea in others. You can use the app - which Facebook has dubbed "Tuned" - to chat and to share your mood, photos, music, love notes and more, or to create a shared, daily "Diary of special moments."