Join our subscribers
Serious vulnerabilities found in WhatsApp, Cisco devices
Tuesday, May 14, 2019
A representative of WhatsApp told the news site Ars Technica that its researchers discovered the vulnerability earlier this month while making security improvements. Ars also said it was told that a “‘select number of users were targeted through this vulnerability by an advanced cyber actor. The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems.”
Officials from several security vendors were quick to comment on the news. “The mere fact that such a vulnerability can be exploited remotely in a default configuration is extremely critical and alarming,” said Ilia Kolochenko, CEO and chief architect at ImmuniWeb. “It is an unprecedented security flaw in terms of its potential to run high-profile targeted attacks. WhatsApp is so popular that virtually everyone is a potential victim. Worse, today, access to someone’s smartphone likely provides access to much more sensitive information than access to a computer for example. The ability to track the victim in real time, to listen to a device’s microphone and read instant communications are all a golden-mine for cybercriminals.
“Rumors about such security flaws were circulating since a while already, but few people took them seriously. All corporate users of WhatsApp should urgently launch forensics on their mobile devices to verify whether they were compromised and backdoored.” Read Full Article
Help Net Security: WhatsApp flaw used to install spyware by simply calling the target
Mirror Online: WhatsApp warning: Here's how to protect yourself from dangerous SPYWARE attack
