tldrdaily.news logo
Tag

Mobile Security Privacy

All articles tagged with #mobile security privacy

mobile-security-privacy2 years ago

Google Messages Implements Cross-Platform End-to-End Encryption with MLS Protocol

Google plans to introduce support for Message Layer Security (MLS) in its Messages service for Android, enabling cross-platform end-to-end encryption. MLS is a security layer that allows interoperability across messaging services and platforms. The protocol, approved by the Internet Engineering Task Force (IETF), facilitates continuous group key agreement and provides advanced security features such as post-compromise security and robust authentication. Major companies supporting MLS include Amazon Web Services, Wickr, Cisco, Cloudflare, The Matrix.org Foundation, Mozilla, Phoenix R&D, and Wire. However, Apple's iMessage is notably absent from the list.

via The Hacker News|
#end-to-end-encryption#google-messages#interoperability
mobile-security-privacy2 years ago

LetMeSpy Data Breach Exposes Android Users' Personal Information

Android monitoring app LetMeSpy has suffered a major data breach, exposing the personal data of thousands of users. The breach, which occurred on June 21, 2023, allowed unauthorized access to email addresses, telephone numbers, and message content. LetMeSpy has suspended account-related functions and notified law enforcement and data protection authorities. The app, offered by Polish company Radeal, allows users to monitor others' devices and has been used to track over 236,000 phones worldwide, collecting millions of text messages, call logs, and locations. The stolen data includes email addresses, SMS messages, and victim locations, dating back to 2013.

via The Hacker News|
#android#data-breach#letmespy
mobile-security-privacy2 years ago

Beware: Android Malware Stealing WhatsApp Backups and Chats

GravityRAT, a cross-platform malware capable of targeting Windows, Android, and macOS devices, has been found masquerading as messaging apps BingeChat and Chatico in a narrowly targeted campaign since June 2022. The updated version of the Android remote access trojan can exfiltrate WhatsApp backups and receive commands to delete files. The threat actor is suspected to be based in Pakistan, with recent attacks involving GravityRAT targeting military personnel in India and among the Pakistan Air Force by camouflaging it as cloud storage and entertainment apps.

via The Hacker News|
#android-trojan#backups#gravityrat
mobile-security-privacy2 years ago

"WhatsApp Enhances Security with Device Verification Feature"

WhatsApp has introduced a new account verification feature called Device Verification to prevent account takeover attacks by blocking the threat actor's connection and allowing targets of the malware infection to use the app without any interruption. The security measure is designed to help prevent malware running on a user's mobile device from impacting their account. The feature is part of a broader set of new enhancements that are designed to authenticate and verify users' identities, including displaying alerts when there is an attempt to migrate a WhatsApp account from one device to another.

via The Hacker News|
#account-takeover-attacks#authentication#device-verification