Security News

Microsoft has suspended free trials of their newly launched Windows 365 Cloud PC service after running out of available servers. Windows 11's October 2021 release date hinted in support docs.

Microsoft has suspended free trials of their newly launched Windows 365 Cloud PC service after running out of available servers. Windows 11's October 2021 release date hinted in support docs.

Microsoft's security services grew by $10 billion in 2020, as more companies began utilizing their cloud-based security services. Microsoft released the second quarter of the fiscal year 2021 earnings this week and beat consensus estimates by 7.36%. While most of this growth is attributed to Azure and Xbox, Microsoft's new blog post shows that security services are becoming a larger part of their revenue stream.

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users's surroundings. The vulnerabilities - in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha - could be triggered by simply placing a call to the target's device - no other action was needed.

Although a majority of the messaging apps today rely on WebRTC for communication, the connections themselves are created by exchanging call set-up information using Session Description Protocol between peers in what's called signaling, which typically works by sending an SDP offer from the caller's end, to which the callee responds with an SDP answer. Not only did the flaws in the apps allow calls to be connected without interaction from the callee, but they also potentially permitted the caller to force a callee device to transmit audio or video data.

Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users' surroundings without permission before the person on the other end picked up the calls. The logic bugs were found by Google Project Zero security researcher Natalie Silvanovich in the Signal, Google Duo, Facebook Messenger, JioChat, and Mocha messaging apps and are now all fixed.

Signal is experiencing a partial outage as tens of millions of netizens flood the free secure messaging service. Those technical difficulties come as at least 30 million people joined the non-profit end-to-end encrypted communications platform in a matter of days this week.

Signal users are currently experiencing issues around the world, with users unable to send and receive messages. When attempting to send messages via Signal, users are seeing loading screen and error message "502".

Signal's encrypted messaging service has recovered from delays affecting its new user verification process after a mass exodus of WhatsApp users to their platform. When setting up Signal for the first time, users must verify their mobile number using verification codes sent by the encrypted messaging provider.

Cellebrite's details will make it easier for the Signal developers to patch the vulnerability. So either Cellebrite believes it is so good that it can break whatever Signal does, or the original blog post was a mistake.