Actualiza WhatsApp ya: un bug en los videos MP4 expone los mensajes

Credit to Author: Naked Security| Date: Fri, 22 Nov 2019 15:14:30 +0000

El eslogan de WhatsApp: simple, seguro, mensajería fiable. Anexo necesario de marketing: agujero, actualizar, inmediatamente, vulnerabilidad, MP4. Facebook publicó un aviso de seguridad sobre una vulnerabilidad de desbordamiento de búfer muy peligrosa en WhatsApp, CVE-2019-11931, que podría ser desencadenada por un vídeo MP4 comprometido. Está calificada como una vulnerabilidad de alto riesgo – 7,8 &#8211; [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/aIFTlPehi4A” height=”1″ width=”1″ alt=””/>

Read more

Stalkerware’s legal enforcement problem

Credit to Author: David Ruiz| Date: Mon, 18 Nov 2019 15:47:58 +0000

Those who install stalkerware with the intent to monitor, control, harass, or otherwise abuse their victims typically get away with it, avoiding legal penalty even if there’s plenty of evidence to suggest their guilt.

Categories:

Tags:

(Read more…)

The post Stalkerware’s legal enforcement problem appeared first on Malwarebytes Labs.

Read more

ACCESS Act might improve data privacy through interoperability

Credit to Author: David Ruiz| Date: Wed, 06 Nov 2019 16:00:00 +0000

Data privacy is back in Congressional lawmakers’ sights, as proposed legislation called the ACCESS Act focuses not on data collection, storage, and selling, but on the idea that Americans should be able to easily pack up their data and take it to a competing service. But will this actually protect privacy?

Categories:

Tags:

(Read more…)

The post ACCESS Act might improve data privacy through interoperability appeared first on Malwarebytes Labs.

Read more

The infamous Spyware – Pegasus, The NSO Group and The WhatsApp snooping saga

Credit to Author: Prachi Sudame| Date: Sat, 02 Nov 2019 07:41:18 +0000

The Indian media is abuzz these days with several news and allegations around snooping on several Indian citizens through a spyware named Pegasus, allegedly delivered through WhatsApp. It’s reported widely that Facebook Inc., the parent company of popular messaging app -WhatsApp, reached out to few users from India (and other…

Read more

Una vulnerabilidad de WhatsApp podría comprometer dispositivos Android

Credit to Author: Naked Security| Date: Mon, 07 Oct 2019 14:02:16 +0000

Un investigador ha publicado detalles de una vulnerabilidad de ejecución remota de código (RCE) de WhatsApp que, según afirma, podría usarse para comprometer no solo la aplicación sino también el dispositivo móvil en el que se ejecuta la aplicación. Reportado a Facebook hace unas semanas por un investigador llamado “Awakened”, el problema crítico (CVE-2019-11932) afecta [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/iVBKxwFsBps” height=”1″ width=”1″ alt=””/>

Read more

Data and device security for domestic abuse survivors

Credit to Author: David Ruiz| Date: Tue, 13 Aug 2019 16:33:22 +0000

Many domestic abuse survivors need help before stalkerware strikes. Here, we give basic advice on device security and protecting sensitive data.

Categories:

Tags:

(Read more…)

The post Data and device security for domestic abuse survivors appeared first on Malwarebytes Labs.

Read more

Backdoors are a security vulnerability

Credit to Author: David Ruiz| Date: Fri, 09 Aug 2019 16:10:27 +0000

Upset by their inability to access potentially vital evidence for criminal investigations, the federal government has, for years, pushed to convince tech companies to build backdoors that will, allegedly, only be used by law enforcement agencies. The problem, cybersecurity researchers say, is that those backdoors can easily be exploited by criminals.

Categories:

Tags:

(Read more…)

The post Backdoors are a security vulnerability appeared first on Malwarebytes Labs.

Read more

A week in security (July 15 – 21)

Credit to Author: Malwarebytes Labs| Date: Mon, 22 Jul 2019 15:50:35 +0000

A roundup of cybersecurity news from July 15–21, including the Zoom camera vulnerability, Extenbro, Sodinokibi, Magecart, and cybersecurity challenges facing the education sector.

Categories:

Tags:

(Read more…)

The post A week in security (July 15 – 21) appeared first on Malwarebytes Labs.

Read more