Facebook-owned WhatsApp is the latest to become a victim of today’s online security black hole. While no organizations big or small are safe from potential attacks, the messaging service has long been touted as a safe place to send fully encrypted messages, and is a top choice for users in nations across the globe when it comes to messaging and chat.
That all changed earlier this month when news was released that the application had been compromised. The company is urging its 1.5B users worldwide to now update the applications on their devices as a precaution.
Here’s What We Know
Israeli company NSO’s Pegasus spyware created the vulnerability, which essentially installed malware on devices that could spy on everything from messages, to activating the microphone and even logging keystrokes. Facebook confirmed the malware installation could happen on any operating system and didn’t require a target to click a phishing link to install it. A simple phone call to the device could begin the attack.
The company is yet to determine exactly who was the main target for these attacks and how many people were affected but does believe it was a very targeted attack at a specific group.
Its programs are typically used by government groups to fight crimes and terrorism.
In an advisory submitted to security specialists, the company described the vulnerability as being, “a buffer overflow vulnerability in WhatsApp VOIP stack permitted remote code execution via specially crafted series of SRTCP packets which were sent to target phone number.”
The company included a patch in its latest version so it’s vital all users update to the latest version to eliminate the chances of a breach.
For the every-day user, end-to-end encryption for chat and messaging are still the best route when it comes to having secure conversations - so don’t go deleting the app just yet. However, this is a good reminder to keep your operating systems updated and to download the latest patches and versions for any software you run to ensure the best protection.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
Generative AI Expo is the starting point for you research the countless potentially game-changing pillars that may solidify generative AI as THE indis…
A machine learning model is a mathematical representation of a system or process that is trained to make predictions or decisions based on data. It is…
Continuous deployment (CD) is a software development practice where code changes are automatically built, tested, and deployed to production without h…
A master data management (MDM) platform is invaluable for any business. By centralizing data into one cohesive system, companies can improve their ope…
An SBOM, or software bill of materials, is a list of all the components and dependencies that make up a piece of software. This can include things lik…