Help Net Security newsletters: Latest news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
black hat
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32

I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security …

danger
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

UPDATE (September 28, 2023, 03:15 a.m. ET): The CVE-2023-5129 ID has been either rejected or withdrawn by the CVE Numbering Authority (Google), since it’s a duplicate of …

Signal app
Signal takes a quantum leap with E2EE protocol upgrade

Signal has announced an upgrade to its end-to-end encryption (E2EE) protocol to protect users of its popular messaging app from encryption-breaking attacks through quantum …

Android malware
Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …

Signal app
Researchers publish post-quantum upgrade to the Signal protocol

PQShield published a white paper that lays out the quantum threat to secure end-to-end messaging and explains how post-quantum cryptography (PQC) can be added to the Signal …

phishing
0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations

Group-IB has discovered that the recently disclosed phishing attacks on the employees of Twilio and Cloudflare were part of the massive phishing campaign that resulted in …

Signal app
1,900 Signal users exposed following Twilio breach

The attacker behind the recent Twilio data breach may have accessed phone numbers and SMS registration codes for 1,900 users of the popular secure messaging app Signal. …

eavesdropping
Bugs in Signal, other video chat apps allowed attackers to listen in on users

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook …

WhatsApp Telegram
Mobile messengers expose billions of users to privacy attacks

Popular mobile messengers expose personal data via discovery services that allow users to find contacts based on phone numbers from their address book, according to …

money
Cybercriminals are using IM platforms as marketplaces

Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight …

Signal
Signal fixes location-revealing flaw, introduces Signal PINs

Signal has fixed a vulnerability affecting its popular eponymous secure communications app that allowed bad actors to discover and track a user’s location. The non …

stop
Amazon to kill off censorship-foiling domain fronting option

Secure messaging services and other privacy-oriented tools that rely on domain fronting to foil censorship efforts by various countries have been dealt a severe blow in the …

Don't miss

Cybersecurity news