Security News

Law Enforcement Access to Chat Data and Metadata
2021-12-10 12:37

A January 2021 FBI document outlines what types of data and metadata can be lawfully obtained by the FBI from messaging apps. Rolling Stone broke the story and it’s been written about elsewhere. I...

Oz Feds reveal distribution model behind backdoored 'An0m' chat app spread by crims
2021-12-09 03:43

Australia's Federal Police force has revealed more about how it distributed a backdoored chat app to criminals. The app, named An0m, was revealed in June 2021 when Australia's Feds, the FBI and European authorities revealed they'd combined to convince crims the software allowed secure communications.

WhatsApp adds default disappearing messages for new chats
2021-12-06 16:17

WhatsApp announced today that it had expanded the privacy control features with the addition of default disappearing messages for all newly initiated chats. Today, with the launch of default disappearing messages, the company also added two new durations that allow setting up messages to disappear after 24 hours or 90 days.

Fake end-to-end encrypted chat app distributes Android spyware
2021-11-13 16:12

The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. In 2020, the malware was targeting people via an Android app named 'Travel Mate Pro,' but since the pandemic has slowed down traveling, the actors moved to a new guise.

UK data watchdog calls for end-to-end encryption across video chat apps by default
2021-10-29 14:28

Britain's new Information Commissioner has called for video conferencing companies to enable end-to-end encryption on their products - even as police managers and politicians condemn the technology and demand its removal. This week the ICO urged tech companies to make end-to-end encryption "Available to all users" regardless if they're "Enterprise, consumer, paid or free" in a statement jointly backed by seven countries' data protection regulators - even including China.

WhatsApp rolls out iOS, Android end-to-end encrypted chat backups
2021-10-14 20:31

WhatsApp is rolling out end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing your chats, regardless of where they are stored. Currently, WhatsApp allows you to create backups of all your chats and store them on online storage services.

Emails, chat logs, more leaked online from far-right militia linked to US Capitol riot
2021-09-28 06:17

FBI accused of withholding ransomware key as part of REvil probe. The FBI had obtained a key to undo a flood of ransomware infections but sat on it for a while in an attempt to strike at the malware operators, it's claimed.

Cybersecurity posture validation: Fireside chat with Arkadiy Goykhberg, CISO of DMGT
2021-09-28 02:30

Recently I was fortunate enough to facilitate a fireside chat with Arkadiy Goykhberg, CISO of news media and business services giant DMGT. The challenge: Enterprise Drift due to Ongoing Threats. Change in security posture grows daily as threat actors, whether financially motivated or nation-state actors, evolve their tactics, tools and Procedures.

How a glitch in the Matrix led to apps potentially exposing encrypted chats
2021-09-13 20:22

The Matrix.org Foundation, which oversees the Matrix decentralized communication protocol, said on Monday multiple Matrix clients and libraries contain a vulnerability that can potentially be abused to expose encrypted messages. The organization said a blunder in an implementation of the Matrix key sharing scheme - designed to allow a user's newly logged-in device to obtain the keys to decrypt old messages - led to the creation of client code that fails to adequately verify device identity.

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
2021-09-12 23:58

WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and iOS users, paving the way for storing information such as chat messages and photos in Apple iCloud or Google Drive in a cryptographically secure manner. "With the introduction of end-to-end encrypted backups, WhatsApp has created an HSM based Backup Key Vault to securely store per-user encryption keys for user backups in tamper-resistant storage, thus ensuring stronger security of users' message history," the company said in a whitepaper.