Wednesday, March 3, 2021
CybersecFill
Advertisement
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home News

WhatsApp Discovers new Vulnerability,Urges Users to Update their Application

Cybersecfill by Cybersecfill
May 14, 2019
in News
0
Whatsapp vulnerability
Share on FacebookShare on Twitter

WhatsApp has revealed a vulnerability in its system could have allowed hackers access to its users’ phones.A London-based human rights lawyer  could possibly be among targets.

WhatsApp, which is owned by Facebook, said the attack targeted a “select number” of users, and was orchestrated by “an advanced cyber actor”.

The attack was first discovered earlier this month.

WhatsApp promotes itself as a “secure” communications app because messages are end-to-end encrypted, meaning they should only be displayed in a legible form on the sender or recipient’s device.

However, the surveillance software would have let an attacker read the messages on the target’s device.

Who did this?

WhatsApp stated that “a select number of users” were targeted by an “advanced cyber actor”, which the Financial Times has identified as the Israeli technology company NSO Group.

NSO Group claims its technology, known as Pegasus, is only used by intelligence and law enforcement agencies.

Critics of the firm, including human rights organisations, have claimed that many of the state agencies it works with are repressive and often target their lawyers and activists.

How do you know if this attack has affected your phone?

There is currently no way to tell if this has affected your phone. However, the attack is expensive and it is unlikely – at the moment – to be carried out by commodity criminals.

According to Citizen Lab, software believed to have been developed by NSO Group has been used to target and persecute political dissidents, human rights defenders, opposition politicians and journalists in 45 countries.

How can you safeguard against the Vulnerability?

The attack is being considered extraordinary by cyber security professionals.

This is not just because it targeted lawyers, who are not usually national security targets and whose communications with those targets – at least in many common law countries – are privileged.

It has caught their attention because there was no way to safeguard against it – not even by training users to spot the dodgy message.

Often cyber attacks require some kind of user input to succeed, whether the user clicks “allow” or “yes” on a pop-up, or follows a link, or downloads and executes a malicious file in a phishing email under the impression that it is innocent.

However, the WhatsApp attack was what was known as a “no-click” attack, meaning there was no user input needed at all – the hackers could just send the voice call, and even if it was not answered, gain access to the target’s phone.

The only protection is to update the version of WhatsApp.

How do I update WhatsApp?

Android

  • Open the Google Play store
  • Tap the menu at the top left of the screen
  • Tap My Apps & Games
  • If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  • If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  • The latest version of WhatsApp on Android is 2.19.134

iOS

  • Open the App Store
  • At the bottom of the screen, tap Updates
  • If WhatsApp has recently been updated, it will appear in the list of apps with a button that says Open
  • If WhatsApp has not been automatically updated, the button will say Update. Tap Update to install the new version
  • The latest version of WhatsApp on iOS is 2.19.51

 

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Tags: VulnerabilityWhatsApp
Cybersecfill

Cybersecfill

An independent Nigeria cybersecurity blog aimed at sharing cybersecurity news, articles ,blog and opinins.

Next Post
Contactless Cards

Contactless Cards | Nigeria adopting New Technology

0 0 vote
Article Rating
Login
guest
guest
0 Comments
Inline Feedbacks
View all comments

Subscribe

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

  • Trending
  • Comments
  • Latest
credit card cloning

How Credit/Debit Cards are Cloned / Preventing Card Cloning

December 26, 2019
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

July 1, 2019
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

6
Cybersecurity Jobs

Cybersecurity Jobs – You can create your own Cybersecurity Role

4
open Source intelligence tools

Open Source Intelligence tools – OSINT

4
5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021
Cybersecurity for Remote Workers: 8 ways to work safer…

Cybersecurity for Remote Workers: 8 ways to work safer…

February 24, 2021
Cloud Account Hijacking

Cloud Account Hijacking

February 22, 2021

Recommended

5G Dangers: What are the Cybersecurity implications?

5G Dangers: What are the Cybersecurity implications?

March 1, 2021
Key Differences Between Firewall And Antivirus

Key Differences Between Firewall And Antivirus

February 27, 2021
Cybersecurity for Remote Workers: 8 ways to work safer…

Cybersecurity for Remote Workers: 8 ways to work safer…

February 24, 2021
Cloud Account Hijacking

Cloud Account Hijacking

February 22, 2021

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply