Check Point Acquires Cybersecurity Startup Cyberint

Israeli cybersecurity firm Check Point Software Technologies has announced the acquisition of threat intelligence company Cyberint, marking its third startup acquisition in a year.

Cyware News – Latest Cyber News

China’s Volt Typhoon Exploits Zero-Day Flaw in Versa’s SD-WAN Director Servers

Lumen researchers identified the bug and reported it to Versa in June, with active exploitation by Volt Typhoon observed since at least June. The attackers use a Web shell called VersaMem to capture credentials and monitor system activity.

Cyware News – Latest Cyber News

Check Point to Acquire External Cyber Risk Management Firm Cyberint

Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings.

SecurityWeek

Malware Delivered via Malicious Pidgin Plugin, Signal Fork

Threat actors delivered malware via instant messaging applications, including a malicious Pidgin plugin and an unofficial Signal fork.

SecurityWeek

Regardless of Market Fluctuation, Web3 Infrastructure Is Booming  

Web3’s growth demands strong infrastructure. Discover how decentralized security, verified data, and distributed AI are revolutionizing the industry.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

New Phishing Campaign Steals VPN Credentials Using Social Engineering Methods

The GuidePoint Research and Intelligence Team (GRIT) discovered attacker domain names and IP addresses targeting over 130 US organizations through a campaign that begins by stealing credentials and passcodes using social engineering tactics.

Cyware News – Latest Cyber News

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections.
“The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its

The Hacker News

Rising Tides: Runa Sandvik on Creating Work that Makes a Difference

Runa Sandvik is an inaugural member of CISA’s Technical Advisory Council and the Aspen Institute’s Global Cybersecurity Group, and a board member of the Signals Network. But she is so much more.

SecurityWeek

How to protect and preserve your data in Telegram in 2024 | Kaspersky official blog

At the time of writing, Pavel Durov has been charged in France, but hasn’t appeared in court yet. How things will pan out in court remains very unclear, but in the meantime scammers are already exploiting the massive attention and panic surrounding Telegram, while much dubious advice is circulating on social media regarding what to do now with the app. Our two cents in a nutshell: Telegram users should remain calm, and act depending only on the facts as they currently stand. Now for what we can recommend today in detail…

Chat privacy and the “keys to Telegram”

Put simply, most chats on Telegram cannot be considered confidential — and this has always been the case. If you’ve been exchanging sensitive information on Telegram without using secret chats, consider it compromised. Move your private communications to another messenger following these recommendations.

Many news outlets suggest that the main complaint against Durov and Telegram is their refusal to cooperate with the French authorities and provide the “keys to Telegram”. Supposedly, Durov possesses some kind of cryptographic keys, which can be used to read users’ messages. In fact, few people really know how the Telegram server is structured, but from the available information, it is known that the bulk of correspondence is stored on servers in minimally encrypted form — that is, the decryption keys are stored within the same Telegram infrastructure. The creators claim that chats are stored in one country, while keys are stored in another, but considering that all the servers communicate with each other, it’s not clear how effective this security measure is in practice. It would help if the servers were confiscated in one country, but that’s about it.

End-to-end encryption, which is standard in other messengers (WhatsApp, Signal and even Viber), is called “secret chat” in Telegram. It’s somewhat hidden in the depths of the interface and needs to be manually activated for selected personal chats. All group chats, channels, and standard personal correspondence lack end-to-end encryption and can be read at least on Telegram servers.

Moreover, for both secret chats and everything else, Telegram uses its own non-standard protocol — MTProto — which has been found to contain serious cryptographic vulnerabilities. Therefore, Telegram correspondence can theoretically be read by:

- Telegram server administrators
- Hackers who’ve successfully breached Telegram servers and installed spyware
- Third parties with some kind of access granted by Telegram administrators
- A third party that has discovered cryptographic vulnerabilities in Telegram protocols and can read (selectively or in full) at least non-secret chats by intercepting the traffic of some users

Deleting correspondence

Some categories of users have been advised to delete old chats in Telegram, such as work-related ones. This advice seems questionable, because in databases (where correspondence is stored on the server), entries are rarely actually deleted; they’re simply marked as such. Moreover, like any major IT infrastructure, Telegram likely implements a robust data backup system, meaning “deleted” messages will be kept at least in database backups. It may be more effective for both chat participants (or group admins) to completely delete the chat. However, the issue of backups would still remain.

Backing up chats

A number of observers have expressed concerns that Telegram could be removed from app stores, blocked, or otherwise disrupted. While this seems unlikely, backing up important correspondence, photos and documents is still good practice in digital hygiene.

To save a backup of important personal correspondence, you need to install the official Telegram client on your computer, log into your account, and then navigate to Settings → Advanced → Export Telegram data.

In the pop-up window, you can select the data you want to export (personal chats, group chats — with or without photos and videos), set download size limits, and choose the data format — HTML, which can be viewed in any browser, or JSON for automated processing by third-party apps.

Downloading the data to your computer could take several hours and may require dozens or even hundreds of gigabytes of free space, depending on how much you use Telegram and the export settings. You can close the export window, but be sure not to exit the app itself or disconnect your computer from the internet or the mains. We recommend only using the backup feature in the official client.

“Preventing Telegram’s deletion” from smartphones

First, let’s look at iOS. The folks at Cupertino don’t remove apps from users’ smartphones, even if apps are removed from the App Store, so any advice about stopping Telegram being deleted from iPhones is bogus. Moreover, a popular method for “Telegram deletion prevention” circulating online — using the Screen Time menu — doesn’t prevent Apple from deleting apps; it only prevents certain users (e.g., children) from deleting apps themselves: as such it’s a parental control feature. And there’s more: Durov’s arrest has revived the old false claim about Telegram being removed remotely from iPhones, which both Apple and Telegram officially denied back in 2021.

As for Android, Google also doesn’t typically delete apps — except when it’s 100% malicious software. True, such guarantees don’t apply to all holders of other ecosystems (Samsung, Xiaomi and so on), but on Android it’s easy to install Telegram directly from the Telegram website.

Alternative clients

There are unofficial but still functional and legal clients for Telegram, and even an “official alternative client” — Telegram X. These clients all use the Telegram API, but it’s unclear whether they provide any additional benefits or increased security. The top five alternative clients on Google Play each talk about “improved security” – but only refer to features like hiding chats on a device.

Of course, you may end up downloading malware disguised as an alternative Telegram client — scammers don’t miss an opportunity to exploit the app’s popularity. If you’re considering alternative clients, follow these safety guidelines:

- Download them only from official app stores.
- Make sure the app has been around for a while, and has high ratings and a large number of downloads.
- Use reliable antivirus protection across all platforms such as Kaspersky Premium.

Fundraising for Durov and defending free speech

This isn’t directly related to Telegram chats, but it’s important to beware also of scammers posing as those raising funds for Pavel Durov’s legal defense (like, he really needs the cash), while actually aiming to steal payment information or cryptocurrency donations. Treat such requests with extreme suspicion, and verify whether the alleged organization really exists and really is conducting such a campaign. For more on charity scams, check out our dedicated article.

Kaspersky official blog

Hundreds of LLM Servers Expose Corporate, Health & Other Online Data

LLM automation tools and vector databases can be rife with sensitive data — and vulnerable to pilfering.

darkreading