#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for Messenger | Breaking Cybersecurity News | The Hacker News

WhatsApp Group Video Call and Instagram Video Chat Are Coming Soon

WhatsApp Group Video Call and Instagram Video Chat Are Coming Soon

May 02, 2018
Facebook announced a whole lot of new features at its 2018 Facebook F8 developers conference, including Dating on Facebook, letting users clear their web browsing history, real-time language translation within Messenger, and many more. Besides announcing exciting features for its social media platform, Facebook CEO Mark Zuckerberg also gave us a quick look at the features Facebook introduced for companies that it owns, like WhatsApp and Instagram. During Facebook's F8 conference on Tuesday, Zuckerberg announced a long-awaited feature for WhatsApp— Group Video Calling . Yes, you heard that right. WhatsApp would soon be adding a group video calling feature to the popular end-to-end messaging app, making it possible for its over billion users to have face-to-face conversations with multiple people at once. Although there are not many details about the WhatsApp group video calling feature at this moment, it is clear that WhatsApp will now allow four people to have one-on-one
Telegram Messenger Adds AI-powered Encrypted Voice Calls

Telegram Messenger Adds AI-powered Encrypted Voice Calls

Mar 31, 2017
Joining the line with rival chat apps WhatsApp, Viber, Facebook Messenger, and Signal, the Telegram instant messaging service has finally rolled out a much-awaited feature for the new beta versions of its Android app: Voice Calling . And what's interesting? Your calls will be secured by Emojis, and quality will be better using Artificial Intelligence. No doubt the company brought the audio calling feature quite late, but it's likely because of its focus on security — the voice calls on Telegram are by default based on the same end-to-end encryption methods as its Secret Chat mode to help users make secure calls. Unlike Signal or WhatsApp, Telegram does not support end-to-end encryption by default; instead, it offers a 'Secret Chat' mode, which users have to enable manually, to completely secure their chats from prying eyes. However, the voice calling feature in Telegram supports end-to-end encryption by default, enabling users to secure their chats in a way
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Aug 16, 2022
Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users. "For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal," the company  said . "All users can rest assured that their message history, contact lists, profile information, whom they'd blocked, and other personal data remain private and secure and were not affected." Signal, which uses Twilio to send SMS verification codes to users registering with the app, said it's in the process of alerting the affected users directly and prompting them to re-register the service on their devices. The development comes less than a week after Twilio  revealed  that data associated with about 125 customer accounts were accessed by malicious actors through a phishing attack that duped the comp
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Android malware 'Priyanka' spreading rapidly through WhatsApp messenger

Android malware 'Priyanka' spreading rapidly through WhatsApp messenger

Jul 11, 2013
An Android malware is spreading around WhatsApp messenger called ' Priyanka '. It changes all your groups names to Priyanka, and may also change your contact names to Priyanka. Apparently, the malware doesn't actually harm Android devices, but it is very annoying and it spreads manually, relying on victims to accept and install a contact file from a friend, named " Priyanka, ". Just in this week this virus started infecting WhatsApp users. If you receive a contact file from a friend, named 'Priyanka' and install it, your WhatsApp will be infected. If you receive the contact file but don't accept it, nothing will happen. Follow below steps to remove the virus, if your are infected: Go to your contacts, search for Priyanka and DELETE it Go to Settings on your phone Select Apps or App manager and then select Whatsapp from the list Tap on Force stop and then on Clear data Once done. Open Whatsapp on your phone and it'll show up as you've j
Russia asks Apple to remove Telegram Messenger from the App Store

Russia asks Apple to remove Telegram Messenger from the App Store

May 30, 2018
Russia's communications regulator Roskomnadzor has threatened Apple to face the consequences if the company does not remove secure messaging app Telegram from its App Store. Back in April, the Russian government banned Telegram in the country for the company's refusal to hand over private encryption keys to Russian state security services to access messages sent using the secure service. However, so far, the Telegram app is still available in the Russian version of Apple's App Store. So in an effort to entirely ban Telegram, state watchdog Roskomnadzor reportedly sent a legally binding letter to Apple asking it to remove the app from its Russian App Store and block it from sending push notifications to local users who have already downloaded the app. Roskomnadzor's director Alexander Zharov said he is giving the company one month to remove the Telegram app from its App Store before the regulator enforces punishment for violations. For those unfamiliar with
WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages

WARNING: Unpatched Bug in GO SMS Pro App Exposes Millions of Media Messages

Nov 19, 2020
GO SMS Pro, a popular messaging app for Android with over 100 million installs, has been found to have an unpatched security flaw that publicly exposes media transferred between users, including private voice messages, photos, and videos. "This means any sensitive media shared between users of this messenger app is at risk of being compromised by an unauthenticated attacker or curious user," Trustwave Senior Security Consultant Richard Tan said in a report shared with The Hacker News. According to Trustwave SpiderLabs, the shortcoming was spotted in version 7.91 of the app, which was released on the Google Play Store on February 18, 2020. The cybersecurity firm said it attempted to contact the app makers multiple times since August 18, 2020, without receiving a response. But checking the app's changelog, GO SMS Pro received an update (v7.92) on September 29, followed by another subsequent update, which was published yesterday. The latest updates to the app, however
WhatsApp is Now Free For Lifetime

WhatsApp is Now Free For Lifetime

Jan 18, 2016
Good News for WhatsApp users! The widely popular messaging service is going completely free. And you'll be able to use WhatsApp without paying a penny. Old WhatsApp users might not be aware of this, but WhatsApp introduced the subscription fees for its service a few years ago, forcing new users to pay an annual 99 cents (~$1) subscription fee after the first year. However, WhatsApp announced Monday that the Facebook-owned company is dropping its annual subscription fee to make its service free to all users. While announcing the plan today, WhatsApp's founder Jan Koum stated that the annual subscription fee was still a barrier to some users. "As we have grown, we have found that this approach has not worked well," WhatsApp admitted in a company blog post today. "Many WhatsApp users do not have a debit or credit card number, and they worried they'd lose access to their friends and family after their first year." What will be What
 Microsoft Cortana Can Now Read Your Skype Messages to Make Chat Smarter

Microsoft Cortana Can Now Read Your Skype Messages to Make Chat Smarter

Oct 10, 2017
Microsoft today announced built-in support for Cortana—an artificial intelligence-powered smart assistant—in Skype messenger on Android as well as iOS devices. What purpose does it serve? Microsoft wants its AI-based smart assistance to understand your conversations and help you with quick suggestions, ideas and information right inside your chat window. "Cortana can also help you organize your day—no need to leave your conversations. Cortana can detect when you're talking about scheduling events or things you have to do and will recommend setting up a reminder, which you will receive on all your devices that have Cortana enabled," Skype said in a blog post . In other words, it typically means — Microsoft's Cortana can now read your private Skype conversations. Should You Worry About Your Privacy? Yes, Cortana needs continuous monitoring of your private chats in order to come up with useful suggestions such as movie bookings, travel plans, nearby restaura
Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Hackers Exploit 'Telegram Messenger' Zero-Day Flaw to Spread Malware

Feb 13, 2018
A zero-day vulnerability has been discovered in the desktop version for end-to-end encrypted Telegram messaging app that was being exploited in the wild in order to spread malware that mines cryptocurrencies such as Monero and ZCash. The Telegram vulnerability was uncovered by security researcher Alexey Firsh from Kaspersky Lab last October and affects only the Windows client of Telegram messaging software. The flaw has actively been exploited in the wild since at least March 2017 by attackers who tricked victims into downloading malicious software onto their PCs that used their CPU power to mine cryptocurrencies or serve as a backdoor for attackers to remotely control the affected machine, according to a blogpost on Securelist. Here's How Telegram Vulnerability Works The vulnerability resides in the way Telegram Windows client handles the RLO (right-to-left override) Unicode character (U+202E), which is used for coding languages that are written from right to left, li
Peerio — End-to-End Encrypted Secure Messenger and File Sharing App

Peerio — End-to-End Encrypted Secure Messenger and File Sharing App

Jan 15, 2015
On one end, where governments of countries like U.K is criticizing end-to-end encryption and considering to ban the encrypted communication apps like Snapchat, CryptoCat, WhatsApp and Apple's iMessage. On the other hand, the Internet community has come up with a new and rather more secure encrypted communication app. Dubbed Peerio , an " encrypted productivity suite " designed to offer much more usable alternative to PGP email and file encryption, so that every individual user and business can encrypt everything from Instant Messages to online file storage. Peerio, released on Wednesday, is designed by 24-year-old Nadim Kobeissi – the creator of the end-to-end encrypted group messaging app Cryptocat and the encrypted file-sharing app MiniLock . " With Peerio everything you share or communicate with your team is secured with state-of-the-art encryption , and it's as easy as using Gmail. You don't need to learn to use it, " Kobeissi told Wired. &quo
iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts

iOS URL Scheme Could Let App-in-the-Middle Attackers Hijack Your Accounts

Jul 15, 2019
Security researchers have illustrated a new app-in-the-middle attack that could allow a malicious app installed on your iOS device to steal sensitive information from other apps by exploiting certain implementations of Custom URL Scheme . By default on Apple's iOS operating system, every app runs inside a sandbox of its own, which prevent all apps installed on the same device from accessing each other's data. However, Apple offers some methods that facilitate sending and receiving very limited data between applications. One such mechanism is called URL Scheme, also known as Deep Linking, that allows developers to let users launch their apps through URLs, like facetime:// , whatsapp:// , fb-messenger:// . For example, when you click "Sign in with Facebook" within an e-commerce app, it directly launches the Facebook app installed on your device and automatically process the authentication. In the background, that e-commerce app actually triggers the URL Sch
Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

May 20, 2023 Cyber Crime / Ransomware
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom," the other being " Chuck from Montreal ." eSentire characterized Jack as the true mastermind behind Golden Chickens. Evidence unearthed by the Canadian company shows that he is also listed as the owner of a vegetable and fruit import and export business. "Like 'Chuck from Montreal,' 'Jack' uses multiple aliases for the underground forums, social media, and Jabber accounts, and he too has gone to great lengths to disguise himself," eSentire researchers Joe Stewart and Keegan Keplinger said . "'Jack' has taken great pa
World's most secure messaging service offers £10,000 if you crack it

World's most secure messaging service offers £10,000 if you crack it

May 01, 2013
Privacy conscious phone users are being offered a new app that claims to be the world's first totally secure messaging service. A London-based iPhone messaging app claims to be unhackable and is offering reward to anyone who can intercept a message sent by it.  Redact believes that messages sent via the app are completely secure, and to prove it a reward of £10,000 has been offered. The application creates a secure and encrypted peer-to-peer network between two iPhones, with messages sent directly from one phone to another and not through the company's servers.  The company has already offered its Secure Messenger service for free to MPs and submitted the technology to CESG, the Government's National Technical Authority for Information Assurance, which provides advice on the security of communications and electronic data. With Redact there are no user names, phone numbers or email addresses. Instead, new users are automatically assigned a unique PIN, simi
Twitter is Testing End-to-End Encrypted Direct Messages

Twitter is Testing End-to-End Encrypted Direct Messages

May 08, 2018
Twitter has been adopting new trends at a snail's pace. But it's better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-end encrypted messaging on Twitter. Dubbed " Secret Conversation ," the feature has been spotted in the latest version of Android application package (APK) for Twitter by Jane Manchun Wong, a computer science student at the University of Massachusetts Dartmouth. End-to-end encryption allows users to send and receive messages in a way that no one, be it an FBI agent with a warrant, hacker or even the service itself, can intercept them. However, it seems like the Secret Conversation feature has currently been available only to a small number of users for testing. So, if you are one of those lucky ones, you will be able to send end-to-end encrypted Secret Conversation thro
Breaking — India Bans Facebook's Free Basics Service

Breaking — India Bans Facebook's Free Basics Service

Feb 08, 2016
Facebook's Free Basics Internet service has been Blocked in India. The Telecom Regulatory Authority of India (TRAI) has banned mobile carriers and broadband providers to charge customers based on what services or content they access over the Internet. Under Prohibition of Discriminatory Tariffs for Data Services Regulations, 2016, "no service provider shall offer or charge discriminatory tariffs for data services on the basis of content." With this, Facebook's Free Basics is dead in India. All Zero-Rated Internet Services are BLOCKED!  It is not just Facebook's Free Basics Internet program that has been blocked inside the country, but also the zero-rated internet services altogether. Zero-rated internet services means those services that allow people access to some websites and web services without utilizing any of their mobile data allowance. Under the new regulation, no such services are now allowed. Free Basics (previously known by Int
New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

New Settings Let Hackers Easily Pentest Facebook, Instagram Mobile Apps

Mar 26, 2019
Facebook has introduced a new feature in its platform that has been designed to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. Since almost all Facebook-owned apps by default use security mechanisms such as Certificate Pinning to ensure integrity and confidentiality of the traffic, it makes it harder for white hat hackers and security researchers to intercept and analyze network traffic to find server-side security vulnerabilities. For those unaware, Certificate Pinning is a security mechanism designed to prevent users of an application from being a victim of network-based attacks by automatically rejecting the whole connection from sites that offer bogus SSL certificates. Dubbed " Whitehat Settings ," the new option now lets researchers easily bypass Certificate Pinning on the Facebook-owned mobile apps by: Disabling Facebook's TLS 1.3 support Enabling proxy for Platform API requests
Facebook Worm Spreads Through Yahoo! Messenger !

Facebook Worm Spreads Through Yahoo! Messenger !

Dec 23, 2010
A computer worm is on the loose that denies Facebook users access to their accounts. The worm, dubbed " W32.Yimfoca " by the security company Symantec, is being spread through Yahoo! Messenger and specifically targets Facebook users, forcing them to fill out surveys before they can log on to their profile pages. First, the worm sends an instant message to users that includes a corrupted link. When a user clicks the link, the worm installs malware on their system. Later, when users visit the Facebook homepage, they are met with a message reading, "Your account is suspended. To make your account active you need to complete one of these surveys," followed by a list of six options, including "Test Your Celebrity IQ here," and "Win a FREE iPhone 4." If you decide to fill out one of the surveys, another box appears reading, "You have only 3 minutes to fill out the selected survey or you will not have access to your account." Each time a
Facebook Collected Your Android Call History and SMS Data For Years

Facebook Collected Your Android Call History and SMS Data For Years

Mar 25, 2018
Facebook knows a lot about you, your likes and dislikes—it's no surprise. But do you know, if you have installed Facebook Messenger app on your Android device, there are chances that the company had been collecting your contacts, SMS, and call history data at least until late last year. A tweet from Dylan McKay, a New Zealand-based programmer, which received more than 38,000 retweets (at the time of writing), showed how he found his year-old data—including complete logs of incoming and outgoing calls and SMS messages—in an archive he downloaded (as a ZIP file) from Facebook. Facebook was collecting this data on its users from last few years, which was even reported earlier in media, but the story did not get much attention at that time. Since Facebook had been embroiled into controversies over its data sharing practices after the Cambridge Analytica scandal last week, tweets from McKay went viral and has now fueled the never-ending privacy debate. A Facebook spokespe
Facebook M: Facebook's Answer to Siri, Cortana and Google Now

Facebook M: Facebook's Answer to Siri, Cortana and Google Now

Aug 27, 2015
Microsoft's 'Cortana', Google's 'Google Now', Apple's 'Siri', Now meet Facebook's 'M.' Facebook's announcement to introduce their Personal Digital Assistant "M" comes with powers within the Facebook Messenger. It is a similar virtual assistant like Google Now, Apple's Siri and Microsoft's smart digital assistant Cortana. It seems that all the intelligence that resides within the personal digital assistants already in the market are nothing in front of M's capabilities, according to the Facebook post by David Marcus , Vice President of Messaging Products at Facebook. Three days ago, Microsoft had boosted the powers of Android users by making Cortana accessible on Android devices. Now listening to Facebook's launch of 'M', rival companies would have definitely face-palmed! What Can I Help You With? The virtual assistant software "M" is truly going to support you by doing the
New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

Sep 02, 2020
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors, this data exfiltration mechanism is efficient and doesn't require them to keep up infrastructure that could be taken down or blocked by defenders," Jérôme Segura of Malwarebytes said in a Monday analysis . "They can even receive a notification in real time for each new victim, helping them quickly monetize the stolen cards in underground markets." The TTP was first publicly documented by security researcher @AffableKraut in a Twitter thread last week using data from Dutch cybersecurity firm Sansec. Injecting e-skimmers on shopping websites by exploiting a known
Cybersecurity Resources