Tag Archive for: messenger

Facebook Messenger is testing secure storage for end-to-end encrypted chats

/in


What you need to know

  • Meta is testing secure backups for end-to-end encrypted Messenger chats.
  • Messenger will also make chats E2E encrypted by default for some people.
  • The company is also rolling out more tests on its E2E encrypted messages.

Meta is rolling out a number of tests to make end-to-end encryption a dominant security feature in Facebook Messenger, including secure storage to back up your end-to-end encrypted chat history.

This week, Facebook began testing a secure storage feature that makes it easier to access your Messenger conversation history if you lose your device or want to restore chat history on a new phone. 

Source…

Finland warns of Facebook accounts hijacked via Messenger phishing

/in


Facebook

Finland’s National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims’ friends in Facebook Messenger chats.

In the alert, the NCSC-FI says that all Facebook users who received messages from online acquaintances asking for their phone numbers and a verification number delivered via SMS are the targets of this ongoing scam.

If they provide the information they’re asked for, the attackers will take control of their accounts by changing the password and associated email address.

Once hijacked, the Facebook accounts will target other potential victims from their friend list in similar scams.

“In the attempts, a hacked account is used to send messages with the aim of obtaining the recipients’ telephone numbers and two-factor authentication codes to hijack their Facebook accounts,” the cybersecurity agency explained.

To successfully hijack their targets’ Facebook accounts, the scammers will go through the following steps:

  1. They first send a message from the previously compromised friend’s account via Facebook Messenger.
  2. They ask for the target’s phone number, saying they want to help with registering for an online contest promising prizes of thousands of euros.
  3. The next stage involves asking for a code sent via SMS allegedly sent by the contest’s organizers to confirm the entry.
  4. If the SMS confirmation code is shared with the scammers, they will use it together with the phone number to access and hijack the victim’s Facebook account.
  5. Next, they will change the account password and email address and start forwarding similar scams to the victims’ friends.

“The best way to protect yourself from this scam is to be wary of Facebook messages from all senders, including people you know,” the NCSC-FI advised.

“If the message sender is a friend, you can contact him, for example, by phone and ask if he is aware of this message. This information should not be disclosed to strangers.”

Meta (formerly known as Facebook) has recently filed a federal lawsuit in a California court to disrupt other ongoing phishing attacks targeting Facebook, Messenger, Instagram, and WhatsApp users.

The threat actors behind these…

Source…

Messenger: Missouri has an award-winning cybersecurity team. Why is Parson calling such work a crime? | Tony Messenger

/in


That’s what the news release with the dead link says. I copied and pasted the link into an internet site called the “Wayback Machine,” which captures websites in real time, so that when future links go dead, for whatever reason, the information is still archived. Here’s what it says about why state workers looked at publicly available HTML code at government and private business sites:

“The program identifies high-risk systems that, if left insecure, could lead to disruptions within critical infrastructure or significant data loss, and contacts the owners of the impacted systems to mitigate risks. … The primary business goal of this program is to protect the critical infrastructure belonging to governments, businesses, utilities, and academic institutions across the State of Missouri. Critical infrastructure provides the foundation of many life sustaining services such as healthcare, government, public safety, energy, transportation, communication, food/agriculture, and manufacturing. Keeping these services available around the clock are critical to today’s way of life. A secondary business goal is to safeguard the data belonging to Missouri citizens, students, and customers. Our data lives online as much as we do, and to safeguard it has become essential to prevent identify theft, financial loss, and brand reputation impact.”

This is the same sort of motivation that drives data journalists to check state websites, and, when they find something that could lead to citizens’ personal information being insecure, letting government officials know of the potential weakness. That’s what Renaud found out. He discovered the state’s Department of Elementary and Secondary Education was storing social security numbers of teachers in publicly available HTML code. Then he told the state about it so they could fix the problem.

Source…

Urgent warning to QUIT Facebook Messenger right now on iPhone and Android

/in


A SECURITY update for Facebook Messenger is said to be delayed causing experts to call for users to avoid the app.

Messenger has come under fire for not using end-to-end encryption like WhatsApp, another Facebook owned app.

Messenger isn't yet using end-to-end encrypted

2

Messenger isn’t yet using end-to-end encryptedCredit: Alamy

The delay is related to concerns that encrypting Messenger would lead to child exploitation going unnoticed.

Right now, harmful messages and content in Facebook Messenger chats can be flagged.

Encryption could mean many of these messages go unnoticed.

This has left Facebook in a difficult situation as not fully encrypting chats could be crucial for lawful intervention.

Cyber-security expert Zak Doffman wrote in a Forbes article: “Messenger users reading this should switch their personal chats to WhatsApp (or Signal) and leave Messenger for trivial comms and kids.

“You should certainly not be using it as the default messaging platform if you’re on Android, where switching from the OS default is an option—unlike on iOS.”

However, the expert doesn’t think we need to encrypt all social chatting platforms and agrees that not encrypting does have some positives, including protecting children from predators.

He suggests Messenger could be left so that lawful interception can take place but users should have the option to choose end-to-end encrypted services.

Facebook is still working on its Messenger privacy update amid the backlash.

The tech giant told Forbes: “We’re building strong safety measures that are designed to prevent harm from happening in the first place and give people controls to respond if it does.

“Working together also gives us more information to identify abusive accounts and allows us to introduce safety features behind the scenes like restricting interactions between adults and minors.”

Facebook Messenger chats can help law enforcement uncover child abuse

2

Facebook Messenger chats can help law enforcement uncover child abuseCredit: Getty
Donald Trump CPAC 2021 speech – Former president accuses Facebook of ‘election meddling’ as he blasts big tech

In other news, nine apps have had to be removed from the Google Play Store after they were caught stealing Facebook passwords.

Facebook is facing backlash in the US over plans to create a…

Source…