Alerts

WhatsApp vulnerabilities admin 30 Sep 2022

Two "remote code execution" vulnerabilities affecting WhatsApp could allow attackers to gain complete control of a targeted user's mobile application.

The first vulnerability affects the Video Call Handler component where an attacker can exploit the app during a video call with a targeted user to take complete control of their WhatsApp app.

Versions which are affected by this vulnerability are:

HOAX ALERT: Vaccine Feedback Call WhatsApp Message

BACKGROUND
A WhatsApp message is now making its rounds claiming that phones will get hacked if the victim answers the call and follows the instruction given. The message, believed to originate from India, informs about receiving a call from the number “912250041117” for vaccine feedback and upon pressing 1, the phone will be blocked and hacked.

A press release from the Hyderabad Cybercrime Police Department confirmed that the WhatsApp message is a hoax and have advised recipients of the message to not panic.

213,000 Bruneian Facebook Users' Info Leaked Online

Background

The personal data of over 500 million Facebook users has been posted online in a low-level hacking forum, making it widely accessible to anyone. Researchers have found approximately 213,000 Bruneian records might be exposed to data leakage. The leak includes personal information such as phone numbers, full names, location, email address, birthdates, and biographical information.

Impact

[ALERT] ADVISORY ON HELLO (WICKRME) RANSOMWARE

BACKGROUND

A brand new ransomware variant called .hello ransomware or WickrMe Ransomware uses a Microsoft SharePoint 2019 vulnerability (CVE-2019-0604) to enter the victims’ network. From there, the threat actor leverages Cobalt Strike to pivot to the domain controller and launch ransomware attacks.

.hello (WickrMe) ransomware encrypts files and appends the ".hello" extension. For example, it renames a file named "1.jpg" to "1.jpg.hello", "2.jpg" to "2.jpg.hello", etc.