Cyber Security News (17th May 2018)

  1. Another severe flaw in Signal desktop app lets hackers steal your chats in plaintext

Using Signal, you can communicate instantly while avoiding SMS fees, create groups so that you can chat in real time with all your friends at once, and share media or attachments all with complete privacy. According to the latest news published by hacker news, another vulnerability Discovered on Monday by the same team of security researchers, the newly discovered vulnerability poses the same threat as the previous one, allowing remote attackers to inject malicious code on the recipients’ Signal desktop app just by sending them a message without requiring any user interaction. To exploit this newly patched bug, an attacker needs to send a malicious HTML/javascript code as a message to the victim, and then quote/reply to that same message with any random text. If the victim receives this quoted message containing the malicious payload on its vulnerable Signal desktop app, it will automatically execute the payload, without requiring any user interaction. Successful exploitation could allowing remote attackers to easily get the hold on users’ plain-text conversations without breaking the encryption.

Cyber Security Tips: Users are strongly recommended that you should immediately update your Signal for desktop as soon as possible.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

Up ↑

%d bloggers like this: