Last week cyber news
1. Your smartphone is like a tiny computer in your pocket. It contains many important things, like your photos, messages, and money. Therefore, protecting it from attackers who want to steal your information is super important. Let’s go over some steps you can take to protect your phone:
- Strong locks (biometric is recommended)
- Regular security updates
- Be aware of phishing attempts via email or SMS
- Connect to secure WIFI (preferably not public/free networks)
- Review the permissions granted to apps
- Don’t jailbreak or root your phone
- Backup your data
2. The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against the popular video-sharing platform TikTok for “flagrantly violating” children’s privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service. They also accused it of illegally collecting and retaining a wide variety of personal information from these children without notifying or obtaining consent from their parents, in contravention of the Children’s Online Privacy Protection Act (COPPA).
3. Meta will pay the State of Texas a fine of $1.4 billion after collecting users’ biometric data without explicit consent. The lawsuit against Meta followed the release of a feature in 2012 for Facebook that allowed users to be tagged in photos more quickly (Tag suggestion). To implement this feature, the company scanned and identified the faces of everyone appearing in users’ photos and stored this data on its servers. All of this was done without informing the user and obtaining their consent. These actions violate Texas law concerning collecting and storing biometric information, which led to a lawsuit being filed against the company in 2022.
WhatsApp for Windows operating
The latest version of WhatsApp for Windows operating systems allows Python and PHP files to run without prior warning to the user.
Security researchers have found that while WhatsApp prevents the direct opening of EXE, BAT, DLL, and similar files, it does not do so for Python and PHP files, allowing them to run without any warning. Typically, when someone sends you an EXE file on WhatsApp, you are given the option to save the file or open it directly from the app (Save or Open). Attempting to open the file results in an error message since WhatsApp does not allow such files to be opened directly from the app. The user must save the file locally on their computer and then run it.
In an investigation conducted by BleepingComputer together with another cybersecurity researcher, it was found that WhatsApp operates differently with Python and PHP files. When a user receives a file of this type and clicks on Open, WhatsApp executes the file directly from the app, effectively running the code in the file. The researcher who identified the vulnerability with Python files contacted WhatsApp at the beginning of June, but the issue has not been addressed. In response to BleepingComputer’s inquiry on the matter, a WhatsApp spokesperson provided the following answer:
“We’ve read what the researcher has proposed and appreciate their submission. Malware can take many different forms, including through downloadable files meant to trick a user.”
“It’s why we warn users to never click on or open a file from somebody they don’t know, regardless of how they received it — whether over WhatsApp or any other app.”
The BleepingComputer website continued testing and discovered that PHP files can also be run directly from the app without any warning or error appearing to the user. The website sent a message to WhatsApp about the issue but has not received a response so far. Note that for executable files to run on the computer, the appropriate software must be installed (e.g., Python), meaning the target audience could be developers and the like.
What is the risk?
A developer receives a file from a colleague or a friend whose account has been hacked by an attacker. They open the file through the WhatsApp application and inadvertently run malicious code on their machine.
What should you do? It is recommended not to open files with the following extensions in the WhatsApp app for Windows:
.PYZ (Python ZIP app)
.PYZW (PyInstaller program)
.EVTX (Windows event Log file)
.PHP
