U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

WhatsApp made available end-to-end encrypted chat backups

WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage. Currently, WhatsApp […]

WhatsApp E2EE

WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats.

WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage.

Currently, WhatsApp allows users to backup their chats on cloud storage services, but these backups are not end-to-end encrypted. An attacker carrying out a SIM swapping attack could theoretically access the conversations in the backups.

If the attacker installs the popular messaging app on a new device, the app will restore the chat backup available on the storage.

The implementation of the new feature will allow to secure this process by introducing end-to-end encryption of user chat backups. Users will be able to choose a 64-digit password to protect the backup that will allow them to restore backups in future installations.

WhatsApp E2EE

“You can now secure your end-to-end encrypted backup with either a password of your choice or a 64-digit encryption key that only you know. Neither WhatsApp nor your backup service provider will be able to read your backups or access the key required to unlock it. ” reads the announcement published by WhatsApp.

The feature will be initially available only to the users with the latest version of WhatsApp.

Users for which the feature will be available can enable it following this procedure:

  1. Open WhatsApp.
  2. Open Settings.
  3. Tap Chats > Chat Backup > End-to-end Encrypted Backup.
  4. Tap Continue, then follow the prompts and enter a password or key when asked.
  5. Tap Done, and wait for WhatsApp to prepare your end-to-end encrypted backup. While creating an encrypted backup, the app may prompt you to connect your device to power.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, end-to-end encrypted chat backups)

[adrotate banner=”5″]

[adrotate banner=”13″]