#messagingsecurity — Public Fediverse posts

Gen Digital researchers have disclosed GhostPairing, a technique that leverages WhatsApp’s multi-device functionality via social engineering to enable persistent, low-noise access to user communications.

The case highlights how legitimate features can become attack surfaces when paired with deception rather than technical exploitation.

Open discussion: how can platforms mitigate abuse of trusted workflows without degrading user experience?

Follow TechNadu for objective threat analysis and security research updates.

Source: https://www.techrepublic.com/article/news-whatsapp-ghostpairing/

#InfoSec #ThreatResearch #SocialEngineering #MessagingSecurity #PrivacyEngineering #CyberRisk

WhatsApp accounts targeted in ‘GhostPairing’ attack https://www.csoonline.com/article/4108925/whatsapp-accounts-targeted-in-ghostpairing-attack.html #CommunicationsSecurity #EndpointProtection #MessagingSecurity #NetworkSecurity #MobileSecurity #Security

Researchers disclosed that delivery-receipt behavior in WhatsApp and Signal can be leveraged to observe device activity using silent reactions, edits, and deletions.

Only a phone number is needed, and there’s no user control to disable receipts.
What types of safeguards would you consider appropriate here?

Source: https://gbhackers.com/hackers-exploit-delivery-receipts-in-messaging-app/

Follow us for measured, research-driven cybersecurity reporting.

#InfoSec #Cybersecurity #MobileSecurity #ThreatResearch #Privacy #MessagingSecurity #SecurityAwareness #TechNews #CyberRisk #DigitalSafety

WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform https://www.csoonline.com/article/4093249/whatsapp-flaw-allowed-discovery-of-the-3-5-billion-mobile-numbers-registered-to-the-platform.html #CommunicationsSecurity #MessagingSecurity #NetworkSecurity #Vulnerabilities #Security

US House reportedly bans WhatsApp from staffers’ devices over security concerns – Source: www.computerworld.com https://ciso2ciso.com/us-house-reportedly-bans-whatsapp-from-staffers-devices-over-security-concerns-source-www-computerworld-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MessagingSecurity #GovernmentIT #CSOonline #CSOOnline

CISA adds the notorious TeleMessage flaw to KEV list https://www.csoonline.com/article/3985565/cisa-adds-the-notorious-telemessage-flaw-to-kev-list.html #MessagingSecurity #Vulnerabilities #Security

Meta wins $168M judgment against spyware seller NSO Group – Source: www.computerworld.com https://ciso2ciso.com/meta-wins-168m-judgment-against-spyware-seller-nso-group-source-www-computerworld-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MessagingSecurity #surveillance #CSOonline #CSOOnline #Malware

Company behind modified Signal app used by Mike Waltz allegedly hacked – Source: www.csoonline.com https://ciso2ciso.com/company-behind-modified-signal-app-used-by-mike-waltz-allegedly-hacked-source-www-csoonline-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MessagingSecurity #Encryption #CSOonline #CSOOnline #Security

Company behind modified Signal app used by Mike Walz allegedly hacked https://www.csoonline.com/article/3977385/company-behind-modified-signal-app-used-by-mike-walz-allegedly-hacked.html #MessagingSecurity #Encryption #Security

Governments won’t like this: encrypted messaging between Android and iOS devices coming, says GSMA – Source: www.computerworld.com https://ciso2ciso.com/governments-wont-like-this-encrypted-messaging-between-android-and-ios-devices-coming-says-gsma-source-www-computerworld-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MessagingSecurity #Encryption #CSOonline #CSOOnline

Governments won’t like this: encrypted messaging between Android and iOS devices coming, says GSMA https://www.computerworld.com/article/3846138/governments-wont-like-this-encrypted-messaging-between-android-and-ios-devices-coming-says-gsma.html #MessagingSecurity #Encryption

Swedish government wants to get access to your encrypted messaging communication.
Exactly how are they thinking of doing that?
I am no tech specialist, even I have been online since early 1990s. I may very well miss something or be ignorant of some aspects, but..

OK, let's say Swedish government wants backdoors to messaging apps.
Signal refuses and leaves Sweden.
So, is the Swedish government going to demand that of everyone messaging app?
Signal, WhatsApp, etc, they are centralised, so could perhaps work.

But what about smaller, "unknown", decentralised messaging services? Like SimpleX? How are you going to get them to comply?

Or XMPP/Jabber with OMEMO encryption? That is a not an app, not even a messaging service, but a protocol, similar to email.
Do you think every developer of an XMPP app is going to comply? That is, if you are even capable of finding them? And that goes for the XMPP servers, as well. "Anyone" can set up an encrypted XMPP server.

1/2

#signal #MessagingSecurity #chatcontrol #XMPP #backdoors

Gearing up for some more development on encrypting and decrypting messages for kids.

Just renamed my one-time pad encryptio library to something that was possible to remember:

otp-encryption-js

First thing is to make emojis unique over different versions of unicode emoji versions.

Then look at one-time pad exchange between phones.

#onetimepad #encryption #JavaScript #development #messaging #MessagingSecurity

https://github.com/eklem/otp-encrypt-js

Russian cyberespionage groups target Signal users with fake group invites https://www.csoonline.com/article/3828182/russian-cyberespionage-groups-target-signal-users-with-fake-group-invites.html #AdvancedPersistentThreats #CommunicationsSecurity #MessagingSecurity #Hacking

Encryption backdoor debates rage across the planet, promising a difficult 2025 for CISOs https://www.csoonline.com/article/3555354/encryption-backdoor-debates-rage-across-the-planet-promising-a-difficult-2025-for-cisos.html #MessagingSecurity #DataPrivacy #Encryption

Encryption backdoor debates rage across the planet, promising a difficult 2025 for CISOs https://www.csoonline.com/article/3555354/encryption-backdoor-debates-rage-across-the-planet-promising-a-difficult-2025-for-cisos.html #MessagingSecurity #DataPrivacy #Encryption

Two weeks on from Pavel Durov’s arrest, Telegram ramps up moderation of ‘illegal content’ https://www.csoonline.com/article/3509035/two-weeks-on-from-pavel-durovs-arrest-telegram-ramps-up-moderation-of-illegal-content.html #MessagingSecurity #Encryption

Telegram CEO allowed platform to be abused by criminals, French prosecutors allege https://www.csoonline.com/article/3498345/telegram-ceo-allowed-platform-to-be-abused-by-criminals-french-prosecutors-allege.html #MessagingSecurity #Encryption

Telegram founder’s arrest raises anxiety about future of end-to-end encryption https://www.csoonline.com/article/3496861/telegram-founders-arrest-raises-anxiety-about-future-of-end-to-end-encryption.html #MessagingSecurity #Encryption

Chat apps’ end-to-end encryption threatened by EU legislation https://www.csoonline.com/article/2154094/chat-apps-end-to-end-encryption-threatened-by-eu-legislation.html #MessagingSecurity #Encryption #Regulation