Security Alerts & News
by Tymoteusz A. Góral

History
#408 Encrypted WhatsApp voice calls frustrate new court-ordered wiretap
The Department of Justice has opened another legal front in the ongoing war over easy-to-use strong encryption.

According to a Saturday report in The New York Times, prosecutors have gone head-to-head with WhatsApp, the messaging app owned by Facebook. Citing anonymous sources, the Times reported that "as recently as this past week," federal officials have been "discussing how to proceed in a continuing criminal investigation in which a federal judge had approved a wiretap, but
#407 Windows 10 upgrade reportedly starting automatically on sindows 7 PCs
A post on reddit that has received quite a lot of attention in the last few hours reveals that “Windows 7 computers are being reported as automatically starting the Windows 10 upgrade without permission,” with several users confirming in the comment section that this is indeed the case.
#406 Marriott must pay $600,000 for blocking personal WiFi hotspots
Marriott International has to pay $600,000 following a probe into whether it intentionally blocked personal Wi-Fi hotspots in order to force customers to use its own very pricey service.
#405 600,000 TFTP servers can be abused for reflection DDoS attacks
Reflection DDoS attacks, also known as R-DDoS, DRDoS, or Distributed Reflective Denial of Service attacks, are a more dangerous version of regular DDoS attacks.

Reflection DDoS attacks rely on an attacker sending traffic to an intermediary point with a bad return address (the victim's IP). By crafting malformed network traffic packets, and abusing flaws in a protocol or server setup, this traffic is then sent to the return address (the victim's IP) multiple times over. The number of times a p
#404 Critical bug in libotr could open users of ChatSecure, Adium, Pidgin to compromise
A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers such as ChatSecure, Pidgin, Adium and Kopete, could be exploited by attackers to crash an app using libotr or execute remote code on the user’s machine.
#403 Skype co-founder launches end-to-end encrypted 'Wire' app
A group of former Skype, Apple and Microsoft employees, backed by Skype’s co-founder Janus Friis, created a Skype alternative called “Wire” back in 2014, which wasn’t end-to-end encrypted at the time. The team announced that the latest version of the app brings open source end-to-end encryption from everything to chats to video calls, as well as multi-device end-to-end encryption.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12