cybersecurity

5982 readers

6 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Russian-backed hackers have gained access to Signal and WhatsApp accounts used ‌by officials, military personnel and journalists, as claimed by two intelligence agencies in the Netherlands. (www.reuters.com)

submitted 1 week ago by cm0002@libretechni.ca to c/cybersecurity@infosec.pub

3 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Kissaki@programming.dev 3 points 1 week ago

Classic phishing. Secure channels are only as good as the gate and key handling surrounding them.

For official org-based accounts like that, I could imagine a messaging system where you can only see and share security codes with a second-person factor. If the user wants to access it, at least another authorized trained person must take part, acknowledge, and authorize the action. As long as users can access key information relatively easily, they are phishable.