CyberTech

Level 23
Verified
The big picture: Many of us use our phones without living in constant fear that our personal data could be stolen, but a new report should be a big eye opener for many, including big tech. The claims goes that an authentication technique that is used on almost any big cloud service can easily be bypassed by a tool designed by an Israeli company surrounded by controversies related to its ethics.

Earlier this year, news broke that a vulnerability in WhatsApp allowed a spyware tool to be injected into phones with a simple call that wouldn't need to be answered and also wouldn't leave any trace. The software was architected by a secretive Israeli firm called NSO Group, who is also behind the infamous Pegasus spyware, with a history of selling this kind of tools to governments and intelligence agencies.
More information
 

Threadripper

Level 8
This isn't the first WhatsApp vulnerability which has given attackers so much access, way too suspicious for my liking, and to think that people use this heavily obfuscated, closed source instant messenger for "security" reasons which collects so much metadata and a privacy policy allowing data sharing to and from Facebook.
 
  • Like
Reactions: oldschool