Security

WhatsApp CEO Will Cathcart said senior government officials of US allies, including some in national-security roles, were targets of Pegasus phone malware in 2019.

Cathcart's statements, which were featured in an interview by The Guardian on Sunday, followed reports last week from the Pegasus Project, a consortium that included The Guardian, The Washington Post, and Amnesty International.

Researchers Zhi Wang, Chaoge Liu, and Xiang Cui published a paper last Monday demonstrating a new technique for slipping malware past automated detection tools—in this case, by hiding it inside a neural network.

China state hackers are compromising large numbers of home and office routers for use in a vast and ongoing attack against organizations in France, authorities from that county said.

Security researchers have discovered a specific single bit (Trap Flag) in the Intel CPU register that malware can abuse to evade sandbox detection.

According to researchers at Palo Alto Networks’ Unit 42 threat research group, malware can detect whether it is executing in a physical or virtual machine (VM) by monitoring the response of the CPU after setting this single bit.

Barely a couple of days have passed since the revelation of the infamous Pegasus spyware being used to snoop on journalists and politicians in several countries. Now, there’s a tool from Amnesty International to check if your phone has been infected with it. Impressive and alarming all at once.

Researchers from the University of London's Royal Holloway have discovered several flaws in the MTProto protocol used by the popular encrypted messaging app Telegram.

While end-to-end encryption (E2EE) is available in one-on-one chats, the MTProto protocol is used in the service's group chats (also known as cloud chats) as well as when users don't opt-in for E2EE. MTProto is Telegram's version of transport level security (TLS) which is used to secure data in transit and to protect users from man-in-the middle attacks.

The world woke up on Tuesday to two new vulnerabilities—one in Windows and the other in Linux—that allow hackers with a toehold in a vulnerable system to bypass OS security restrictions and access sensitive resources.

Over the weekend, an international consortium of news outlets reported that several authoritarian governments — including Mexico, Morocco and the United Arab Emirates — used spyware developed by NSO Group to hack into the phones of thousands of their most vocal critics, including journalists, activists, politicians and business executives.

The Pentagon sees artificial intelligence as a way to outfox, outmaneuver, and dominate future adversaries. But the brittle nature of AI means that without due care, the technology could perhaps hand enemies a new way to attack.

Smartphones belonging to more than three dozen journalists, human rights activists, and business executives have been infected with powerful spyware that an Israeli firm sells, purportedly to catch terrorists and criminals, The Washington Post and other publications reported.