Security News

Despite its focus on users' privacy, WhatsApp is now giving its users a harsh ultimatum, with only three options available: to accept sharing their data with Facebook, to stop using the app altogether, or to delete their accounts. With the new changes to the policy, users will now be forced to accept sharing their data with Facebook to continue using their account or, as an alternative, delete their accounts as WhatsApp says.

Facebook subsidiary WhatsApp has received new high-caliber support in its case against Israeli intelligence company NSO Group. The court case aims to hold NSO Group accountable for distributing its Pegasus spyware on the popular WhatsApp messaging service with the intent of planting its spyware on phones of journalists and human rights workers.

Microsoft, Cisco, GitHub, Google, LinkedIn, VMware and the Internet Association have filed an amicus brief in support of WhatsApp in the legal case against the NSO Group. Facebook-owned messaging service WhatsApp filed the lawsuit in October 2019 in California, accusing Israeli technology firm NSO Group of spying on journalists, human rights activists and others.

The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more. In tandem with the sanctions, the FBI released a public threat analysis report that investigated several tools used by Rana Corp. Researchers recently conducted further analysis of one of these malware samples and found that its latest variant showcases several new commands that point to the threat actors sharpening their surveillance capabilities.

Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones. When NSO failed to turn up in court in the US state, Facebook claimed victory; and NSO accused it of lying and having failed to serve the legal documents.

Konstantin Vishnyak, 42, was cleared by Southwark Crown Court in London, England, of destroying documents relevant to a now-discontinued investigation into insider trading. It was reported that Vishnyak, formerly of VTB Capital, deleted the app and messages from his iPhone - one of two handsets he gave to police - not out of fear of an investigation into insider trading, but rather in an effort to conceal his friendship with Andrei Lugovoi, the Russian politician wanted in connection with the polonium poisoning of Alexander Litvinenko in 2006.

Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram. APT-C-23 is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones.

Facebook-owned WhatsApp has fixed six previously undisclosed vulnerabilities in its chat platform, revealing the move on a new dedicated security advisory site aimed at informing its more than 2 million users about bugs and keeping them updated on app security. The site is part of an effort by WhatsApp to be more transparent about platform vulnerabilities to not just users, but also the security community, and patch them in a timely manner.

The Iran-affiliated APT known as Charming Kitten is back with a new approach, impersonating Persian-speaking journalists via WhatsApp and LinkedIn, in order to con victims into opening malicious links. To lend verisimilitude to their impersonations, the cybercriminals also set up fake LinkedIn profiles corresponding to the journalists' names, and have been sending out LinkedIn messages to corner victims as well.

The hackers used a personalized URL, tailored to the victim's email address, to trick them into accessing the malicious link, and also attempted to send a malicious ZIP file to the victim. "Clearsky alerted 'Deutsche Welle' about the impersonation and the watering hole in their website. A 'Deutsche Welle' representative confirmed that the reporter which Charming Kitten impersonated, did not send any emails to the victim nor any other academic researcher in Israel in the past few weeks," the security firm says.