#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Search results for Messenger | Breaking Cybersecurity News | The Hacker News

YAHOO! Now Encrypts Everything; Encrypted Yahoo Messenger Coming Soon

YAHOO! Now Encrypts Everything; Encrypted Yahoo Messenger Coming Soon

Apr 03, 2014
ON HIGH-PRIORITY YAHOO! is finally rolling out encryption implementation over their site and services in order to protect users. Yahoo is rapidly becoming one of the most aggressive supporters of encryption, as in January this year Yahoo enabled the HTTPS connections by default, that automatically encrypts the connections between users and its email service. November last year, Yahoo revealed plans to encrypt all information that moves between its data centers and finally from 31st March Yahoo has taken another leap in user-data protection through the deployment of new encryption technologies. NSA TARGET LIST -  GMAIL, YAHOO, ... many more. Last year, It was revealed by  Edward Snowden  that under MUSCULAR program , the spy agency NSA was infiltrating the private data links between Google and Yahoo data centers. After finding themselves in the NSA's target list, Yahoo! and Google forced to think hard about the security and privacy of its users. Google had replied back
Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger

Aug 14, 2021
Facebook on Friday said it's extending end-to-end encryption (E2EE) for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected from the moment it leaves your device to the moment it reaches the receiver's device," Messenger's Ruth Kricheli  said  in a post. "This means that nobody else, including Facebook, can see or listen to what's sent or said. Keep in mind, you can report an end-to-end encrypted message to us if something's wrong." The social media behemoth said E2EE is becoming the industry standard for improved privacy and security. It's worth noting that the company's flagship messaging service gained support for E2EE in text chats in 2016, when it added a " secret conversation " option to its app, while communications on its sister platform What
How to Get Going with CTEM When You Don't Know Where to Start

How to Get Going with CTEM When You Don't Know Where to Start

Oct 04, 2024Vulnerability Management / Security Posture
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities - before they can be exploited by attackers.  On paper, CTEM sounds great . But where the rubber meets the road – especially for CTEM neophytes - implementing CTEM can seem overwhelming. The process of putting CTEM principles into practice can look prohibitively complex at first. However, with the right tools and a clear understanding of each stage, CTEM can be an effective method for strengthening your organization's security posture.  That's why I've put together a step-by-step guide on which tools to use for which stage. Want to learn more? Read on… Stage 1: Scoping  When you're defin
Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers' Interaction

Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers' Interaction

Oct 04, 2019
Almost every application contains security vulnerabilities, some of which you may find today, but others would remain invisible until someone else finds and exploits them—which is the harsh reality of cybersecurity and its current state. And when we say this, Signal Private Messenger —promoted as one of the most secure messengers in the world—isn't any exception. Google Project Zero researcher Natalie Silvanovich discovered a logical vulnerability in the Signal messaging app for Android that could allow malicious caller to force a call to be answered at the receiver's end without requiring his/her interaction. In other words, the flaw could be exploited to turn on the microphone of a targeted Signal user's device and listen to all surrounding conversations. However, the Signal vulnerability can only be exploited if the receiver fails to answer an audio call over Signal, eventually forcing the incoming call to be automatically answered on the receiver's device
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Facebook Starts WhatsApp Integration for Android Users

Facebook Starts WhatsApp Integration for Android Users

Apr 06, 2015
Is Facebook planning to integrate WhatsApp Messenger into its ' Facebook for Android ' app? Yes, this might be possible soon. According to latest rumours, Facebook is reportedly working on it. The social network giant, Facebook has begun testing a new feature in its Facebook app for Android that includes the first integration of WhatsApp Messenger, according to a blogger. WHATSAPP INTEGRATION INTO FACEBOOK APP According to this update, a year after of acquiring WhatsApp Messenger, Facebook has only added a 'Send' button with the WhatsApp icon. This WhatsApp ' send ' will work as part of the status actions options that appear under each status update. It means that Facebook for Android users soon may have this particular version of Facebook app with a dedicated WhatsApp button that would allow an Android user to share posts, status and anything else directly through WhatsApp by just clicking the Share button. If rumours are true, th
Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Telegram Calling Feature Leaks Your IP Addresses—Patch Released

Oct 01, 2018
The desktop version of the security and privacy-focused, end-to-end encrypted messaging app, Telegram , has been found leaking both users' private and public IP addresses by default during voice calls. With 200 million monthly active users as of March 2018, Telegram promotes itself as an ultra-secure instant messaging service that lets its users make end-to-end encrypted chat and voice call with other users over the Internet. Security researcher Dhiraj Mishra uncovered a vulnerability (CVE-2018-17780) in the official Desktop version of Telegram (tdesktop) for Windows, Mac, and Linux, and Telegram Messenger for Windows apps that was leaking users' IP addresses by default during voice calls due to its peer-to-peer (P2P) framework. To improve voice quality, Telegram by default uses a P2P framework for establishing a direct connection between the two users while initiating a voice call, exposing the IP addresses of the two participants. Telegram Calls Could Leak Your
Facebook Introduces New Features for End-to-End Encrypted Messenger App

Facebook Introduces New Features for End-to-End Encrypted Messenger App

Jan 24, 2023 Encryption / Privacy
Meta Platforms on Monday announced that it has started to expand global testing of end-to-end encryption ( E2EE ) in Messenger chats by default. "Over the next few months, more people will continue to see some of their chats gradually being upgraded with an extra layer of protection provided by end-to-end encryption," Meta's Melissa Miranda  said . The social media behemoth said it intends to notify users in select individual chat threads as the security feature is enabled, while emphasizing that the process of choosing and upgrading the conversations to support E2EE is random. "It's designed to be random so that there isn't a negative impact on our infrastructure and people's chat experience," Miranda further explained. Along with flipping the switch on E2EE, Meta has also added more features into its encrypted chat experience, including support for themes, custom emojis and reactions, group profile photos, link previews, and active status. T
Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users

Researcher finds a way to Delete and Modify Facebook Messages Sent to Other Users

Jun 07, 2016
Sometimes I receive emails from our readers who wanted to know how to hack Facebook account , but just to delete some of their messages they have sent to their friends or colleagues mistakenly or under wrong circumstances like aggression. How to hack a Facebook account? It is probably the biggest "n00b" question you will see on the Internet. The solution for this query is hard to find — but recently researchers have shown that how you can modify or alter your messages once you have pressed the SEND button in Facebook Messenger. According to the researcher  Roman Zaikin  from cyber security firm Check Point , a simple HTML tweak can be used to exploit Facebook online chat as well as its Messenger app, potentially allowing anyone to modify or delete any of his/her sent message, photo, file, and link. Though the bug is simple, it could be exploited by malicious users to send a legitimate link in a Facebook chat or group chat, and later change it to a malicious link t
8 Best Android Apps To Improve Privacy and Security

8 Best Android Apps To Improve Privacy and Security

Apr 30, 2015
Just to have a good anti-virus protection app in your smartphone doesn't mean a complete Security. As Mobile Device Security is comprised of security of different features, such as: Data privacy and security features Permission restrictions for snoopy apps A blacklist for undesired calls An excellent backup capability, in case your smartphone gets deteriorated. As well as encryption functionality. Google's Android is a very flexible mobile operating system that can fulfill all these mobile device security challenges if you select the right security applications from Google Play Store. No doubt, Google Play Store has an abundance of suitable options, and it's quite difficult for you to select the ones that meet all your expectations. So, I decided to help you by making a short list of the best mobile device security applications that I always carry in my Android smartphone. Here are the best security apps you must have in your Android smartphone; have a look
Facebook Fired An Intern After He Exposes How to Track Users' Location

Facebook Fired An Intern After He Exposes How to Track Users' Location

Aug 14, 2015
Previously, we posted about a privacy issue in Facebook messenger ; Aran Khanna , a Harvard University student, discovered ' A Marauder's Map ' that could sense and give the geolocations of your friends on the messenger. Khanna had received an opportunity to work as an intern for Facebook… …But destiny had planned something else for him, as after publicly stating the risk associated with the app; Facebook withdrew his candidature as a summer intern. Why Facebook Fired Him? Khanna himself confessed to be an avid user of the Facebook Messenger app , as it is an integral part of his social life. However, one day, while going through his chat history he found that a location is attached to each message he has sent and received from his device. Also, the location is shared with the ' power of default ' even if you choose to turn the location sharing option off. This made him look for the complete inside story, which brought him to a strange thing while writing the
WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users

WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users

Sep 16, 2019
Mistakenly sent a picture to someone via WhatsApp that you shouldn't have? Well, we've all been there, but what's more unfortunate is that the 'Delete for Everyone' feature WhatsApp introduced two years ago contains an unpatched privacy bug, leaving its users with false sense of privacy. WhatsApp and its rival Telegram messenger offer "Delete for Everyone," a potentially life-saving feature on which millions of people today rely to escape the awkwardness of mistakenly sending messages / pictures / videos to the wrong person. As the name indicates, the ' Delete for Everyone ' feature is intended to unsend mistakenly sent inappropriate messages—including text, photos and videos—from the recipient's phone, or from the phones of all members of a group. In the case of WhatsApp, the feature is only available within 1 hour, 8 minutes, and 16 seconds of sending a message you want to delete, which is fine and a fair use case. However, it tur
How to Unlock (and Play) Hidden Chess Game Inside Facebook Messenger

How to Unlock (and Play) Hidden Chess Game Inside Facebook Messenger

Feb 05, 2016
What can you do with Facebook Messenger? Chat with your friends Send GIFs, stickers, and photos Make video calls Send people money in Messenger Have you ever wondered to Play a game while you chat with friends? Yes, it is possible. Facebook had made it to the reality by building a hidden built-in functionality in Facebook Messenger that lets you play Chess with your friends without having to install a third-party app. It just takes one simple step to unlock this hidden game. All you need to do is: type " @fbchess play " and hit Enter, during a conversation, and a small square box would appear in the chat box. Here's how to play: The person who initiated the game would be assigned "White" side, to make the first movement. Although there is some standard algebraic notation like:- B for "Bishop" R for "Rook" Q for "Queen" K for "King" N for "Knight" P for "Pawn" Pawns could be moved by issuing the simple commands
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

Sep 11, 2023 Malware / Social Media
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' Business accounts. "Originating yet again from a Vietnamese-based group, this campaign uses a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a multi-stage process full of simple yet effective obfuscation methods," Guardio Labs researcher Oleg Zaytsev  said  in an analysis published over the weekend. In these attacks, dubbed MrTonyScam, potential victims are sent messages that entice them into clicking on the RAR and ZIP archive attachments, leading to the deployment of a dropper that fetches the next-stage from a GitHub or GitLab repository. This payload is another archive file that contains a CMD file, which, in turn, harbors an obfuscated Python-based stealer to exfiltrate all cookies and login credentials from d
Ricochet — Most Secure Peer-to-Peer Encrypted Messenger that Sends No Metadata

Ricochet — Most Secure Peer-to-Peer Encrypted Messenger that Sends No Metadata

Feb 23, 2016
There are several encrypted messaging apps for mobile and desktop platforms that shipped with "The Most Secure" tagline but ends up in de-anonymizing the real identity of its users in some or the other way. In fact, very few encrypted messaging apps available today deal with the core problem of Metadata .  The majority of apps offer end-to-end encryption that kept the content of your messages away from prying eyes, but your metadata will still be accessible to them, which is enough to know who you really are, and who you're talking to. But, one messenger app stands out of the crowd by providing superb anonymity to its users, and it is dubbed as " Ricochet ." Ricochet is a peer-to-peer instant messaging system available for Windows, Mac, and Linux and you can trust it as the app has already cleared its first professional security audit carried out by cyber security company NCC Group . What's so Promising about Ricochet? Unlike
Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Experts Warn of Privacy Risks Caused by Link Previews in Messaging Apps

Oct 26, 2020
Cybersecurity researchers over the weekend disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the background. "Links shared in chats may contain private information intended only for the recipients," researchers Talal Haj Bakry and Tommy Mysk  said . "This could be bills, contracts, medical records, or anything that may be confidential." "Apps that rely on servers to generate link previews may be violating the privacy of their users by sending links shared in a private chat to their servers." Generating Link Previews at the Sender/Receiver Side Link previews are a common feature in most chat apps, making it easy to display a visual preview and a brief description of the shared link. Although apps like  Signal  and  Wire  give users the option to turn on/off l
WhatsApp Will Disable Your Account If You Don't Agree Sharing Data With Facebook

WhatsApp Will Disable Your Account If You Don't Agree Sharing Data With Facebook

Jan 06, 2021
"Respect for your privacy is coded into our DNA," opens WhatsApp's  privacy policy . "Since we started WhatsApp, we've aspired to build our Services with a set of strong privacy principles in mind." But come February 8, 2021, this opening statement will no longer find a place in the policy. The Facebook-owned messaging service is alerting users in India of an update to its  terms of service  and  privacy policy  that's expected to go into effect next month. The "key updates" concern how it processes user data, "how businesses can use Facebook hosted services to store and manage their WhatsApp chats," and "how we partner with Facebook to offer integrations across the Facebook Company Products." The mandatory changes allow WhatsApp to  share  more user data with other Facebook companies, including account registration information, phone numbers, transaction data, service-related information, interactions on the platform,
Expert Insights / Articles Videos
Cybersecurity Resources