WhatsApp Registration Notifications shows support for multiple devices coming soon,

Earlier this week we reported that the WhatsApp is working on a multiple-device support feature. Looks like the Facebook-owned messaging platform has already taken the first step for it. WhatsApp starts rolling out a new feature called Registration Notifications to the iPhone users. What is the Registration Notifications feature?

As the name suggests the Registration Notifications feature alerts WhatsApp users if someone else tries to log in to their account. WhatsApp has started rolling out this privacy feature to iPhone users. We at India Today Tech tried this feature and it worked for us. We switched from Google Pixel to iPhone and received the Registration Notifications message that notes “WhatsApp registration code was requested for your phone number”. This means whether you switch from Android phone to iPhone or iPhone to iPhone this feature will work. But for now it will not work with Android.

“To protect your account, WhatsApp will send you a push notification when someone tries to register a WhatsApp account with your phone number. To keep your account safe, don’t share your verification code with others,” WhatsApp notes in an official blog post.

The Registration Notifications will help users protect their WhatsApp accounts from all kinds of malicious activities. With this feature enable the users will get notified if someone tries to log in to their WhatsApp account. This feature will also allow users to use their WhatsApp account on two phones at a time.

As noted, currently the feature is available for iPhones users and we expect it will be rolled out to Android phone users very soon.

How does the Registration Notifications feature works?

–If someone is trying to use your phone number to login to WhatsApp account you’ll get a notification stating “WhatsApp registration code was requested for your phone number”.

–If it’s you the notification can be accepted but id it’s someone else ignore.

–Without the registration come no one can log in to your WhatsApp account. So, don’t share the code with anyone.

In the blogpost, WhatsApp notes that it “doesn’t have sufficient information to identify the individual who is attempting to verify your WhatsApp account.” The messaging platform further said, “WhatsApp is end-to-end encrypted and messages are stored on your device, so someone accessing your account on another device can’t read your past conversations.”

iPhone users should have already received the feature. If not, iPhone users must head to the App store and update the WhatsApp app to the latest version. The Registration Notifications feature should come to Android users soon.

Source: www.indiatoday.in

Google Pay to soon let users check bank accounts on app

Alphabet Inc’s Google said on Wednesday it will offer personal checking accounts next year through its Google Pay app, initially in partnership with Citigroup Inc and a small credit union at Stanford University.

The project, codenamed Cache, comes as rivals Facebook Inc and Apple Inc are expanding their own efforts in consumer finance, a broad area that ranges from digital payment apps to bank accounts, brokerage accounts and loans, and which offer Silicon Valley new sources of revenue and new opportunities to strengthen ties with users.

“We’re exploring how we can partner with banks and credit unions in the U.S. to offer smart checking accounts through Google Pay, helping their customers benefit from useful insights and budgeting tools, while keeping their money in an FDIC or NCUA-insured account,” Ewer said in a statement, referring by acronym to two U.S. agencies that insure deposits.

The move has given Sengupta oversight of several thousand workers worldwide, including those who maintain tools to help Google charge its advertisers and app store users.

Former Google Pay employees said the company faces a massive challenge gaining users for payment tools in locations such as the United States that have robust financial products already. High interest rates on deposits or major loyalty perks could become important incentives for Google to draw consumers, the former employees said.

On Tuesday, Facebook launched a unified payment service through which users across its platforms can make payments without exiting the app, named Facebook Pay.

The effort is separate from Facebook’s plan to launch its Libra cryptocurrency, which has met with skepticism from U.S., European and Australian regulators concerned about the risk of money laundering and the security of transactions and user data.

Source: www.hindustantimes.com

Facebook will now let you turn off notification dots in its mobile app

Facebook is making a wonderful change to its mobile app to ease the pain on our notification-riddled brains: the company is rolling out the ability to turn off notification dots for some icons on the shortcuts bar and will even let you remove some of those shortcuts entirely. The new feature was reported on by TechCrunch.

I tested it on iOS, and hiding notification dots is pretty easy to do. Just tap and hold on an icon on the shortcuts bar, and a menu will pop up that gives you the choice to remove that icon from the bar or turn off the attention-grabbing red dots for it:

You can also manage what’s on your shortcut bar by tapping the hamburger menu icon > Settings & Privacy > Settings > Shortcuts. I was able to hide the icons and notification dots for Watch, Profile, and Groups, and TechCrunch reports you can do so for Marketplace, Events, and Dating as well.

Facebook confirmed to TechCrunch that this has rolled out to most iOS users and that Android users will be getting it in the next few weeks.

Source: www.theverge.com

Just like WhatsApp, chats on Telegram and Signal are also vulnerable to hackers

Facebook-owned WhatsApp is the leader among chat apps having 1.5 billion global users with 400 million of them in India. Russia-headquartered Telegram has 200 million users globally, while Signal has more than 10 million (according to Google Play Store downloads). Both Telegram and Signal record a spike in users whenever there is a security breach or global outage with WhatsApp.

Unlike WhatsApp and Apple iMessage, Telegram conversations aren’t encrypted end-to-end by default. Instead, you have to select the “Secret Chat” feature for an extra layer of security. But even that does not ensure a safety net.

A recent research paper from Massachusetts Institute of Technology (MIT) listed striking flaws in Telegram — founded in 2013 by brothers Nikolai and Pavel Durov. Telegram uses its own proprietary messaging protocol called “MTProto”, which lacks scrutiny from outside cryptographers.

Telegram follows a conventional approach of using a Cloud storage for its data.

“This means that if an adversary is able to gain control of their server system, they will have access to (at least) unencrypted messages and definitely to all the metadata,” wrote MIT researchers Hayk Saribekyan and Akaki Margvelashvili.

Telegram initially asks for the contact list from the phone/desktop and stores them in their servers.

“This provides huge social network information for them that can either be attacked on their servers or can be possibly sold to different authorities without users’ consent,” the researchers added.

The truth is: There will always be loopholes for governments, nation-state bad actors or individual hackers to snoop on you.

“Viruses like Pegasus affect the operating system of the mobile phone and the security provided by these messaging apps is rendered ineffective,” said Virag Gupta, a lawyer who is arguing the case in Supreme Court for data localisation in India.

Source: www.livemint.com

Chrome was hiding another major zero-day flaw

Users of Google Chrome have been warned to watch their security protection following the uncovering of a new zero-day in the popular browser.

Security researchers from Kaspersky have detected a new vulnerability that can hijack a user’s browser to inject malware that could lead to their entire system being put at risk.

The attack used a waterhole-style exploit to inject malicious JavaScript code into the Chrome main page. This then uses a profiling script to analyse the victim’s system and user credentials to see if version 65 or later of Chrome is installed.

The researchers say that the attack, which it named Operation WizardOpium, bears a number of similarities to the hugely damaging Lazarus attacks which swept the globe last year.

“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” said Anton Ivanov, a security expert at Kaspersky.

Kaspersky says it has informed Google of its findings, and a patch has been released. The company is urging users to install the patch as soon as possible and ensure their security software remains updated to the latest version.

Source: www.techradar.com

WhatsApp finally rolls out new group privacy settings for users.

After being in news reports for some time and under beta tests for a really long time, WhatsApp’s much-needed group privacy feature has gone official. The company has announced the rollout of a new privacy setting and invite system to help you decide who can add you to random WhatsApp groups.

The chat app is basically giving you more power in your hand in terms of who can you add you to WhatsApp groups. The move to introduce this new feature is understandable as WhatsApp’s group feature as annoying as much as it has been helpful. The chat app until now gave no control over who can add you to any WhatsApp group. Basically, anyone from your contact list could add you to any group. But this was all the story until today. From now on the picture changes as chat app has added better controls in the app now.

“One of the pieces of feedback we’ve heard is that people want more control over who can add them to groups. This helps prevent people from getting unwanted messages including viral information that can spread through groups. Today, we are introducing a new setting and invite system that will further empower users to have more control over the group messages they receive,” the company said in a statement.

The new group privacy controls include three options for who can add you to a group. These options are- Everyone, My Contacts, or My Contacts Except. My Contacts means only users you have in your address book can add you to groups and My Contacts Except provides additional control for who among your contacts can add you to a group.

In those cases, an admin who can’t add you to a group will be prompted to send a private invite through an individual chat, giving you the choice of joining the group. This invite expires in three days.

Note that the new feature is being launched from today and in the coming days it will be available to all the users across the world who are using the new version of WhatsApp.

Source: www.indiatoday.in

Zero-day vulnerability found in Google Chrome web browser

A new exploited vulnerability in Google Chrome web browser called “CVE-2019-13720”, which is a zero-day vulnerability, has been spotted by Russian cybersecurity firm Kaspersky. The firm has reported it to Google and a patch has been released.

Zero-day vulnerabilities are essentially previously unknown software bugs that can be exploited by attackers to inflict serious and unexpected damage. 

The detected exploit was used in what the cybersecurity firm calls ‘Operation WizardOpium’. 

Certain similarities in the code point to a possible link between this campaign and Lazarus attacks.

“The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors,” Anton Ivanov, Security Expert at Kaspersky, said in a statement.

The new exploit is used in attacks that leverage a waterhole-style injection in a Korean-language news portal. 

A malicious JavaScript code is inserted in the main page, which in turn, loads a profiling script from a remote site to further check if the victim’s system could be infected by examining versions of the browser’s user credentials.

The vulnerability tries to exploit the bug through the Google Chrome browser and the script checks if version 65 or later is being used. 

The exploit gives an attacker a Use-After-Free (UAF) condition, which is very dangerous because it can lead to code execution scenarios.

Source: www.thenewsminute.com


Microsoft has separate apps for Excel, Word and PowerPoint on Android, but it looks like the tech giant is planning to launch a new Microsoft Office app for Android that combines all three, namely, Word, Excel and PowerPoint into one app. Users will also be able to sign and scan PDF files easily using the app

As you can expect, the Microsoft Office Beta for Android allows users to create, edit and work in groups on the same document in real-time. It enables you to easily access recent and frequently used Word, Excel, and PowerPoint files stored in the cloud or on your device. One can search for documents stored on the cloud, on the phone or on the organization’s network (if using a work account).

Further, Microsoft Office Beta for Android lets you take a picture of a document and turn it into an editable Word file. It converts images of tables into Excel spreadsheets so you can work with data quickly. Users can quickly create PDFs from photos or documents of Word, Excel and PowerPoint and sign PDF files with their fingers. 

Microsoft Office Beta app also lets users create quick notes using Sticky Notes. It helps to easily move files between your phone and computer or share instantly with surrounding mobile devices. Users can also scan the QR code to open the file and link.

As of now, the Microsoft Office Beta for Android is down on the Google Play Store. However, you can download the APK from here and sideload it manually. It might be buggy at first since it’s still early access but It could be made available to download on the Play Store soon.

Source: www.digit.in

Facebook to offer end-to-end encrypted audio, video calls in Messenger soon

Facebook introduced Secret Conversation in Messenger back in 2016. The Secret Conversation feature enabled users to share end-to-end encrypted text messages with other users on the company’s messaging platform. Now, nearly three-and-a-half years later the social media giant is planning to extend this feature to other forms of communication on Messenger.

Simply said, Facebook is planning to extend Secret Conversation’s end-to-end encryption on to audio and video calls.

The report comes as a courtesy of Jane Manchun Wong, who shared a screenshot of the unreleased feature on Twitter. The screenshot shared by Wong states that all calls made over Secret Conversations would be “end-to-end encrypted across all your active mobile devices”. This means that when released, this feature would prevent hackers and even Facebook to snoop in users’ private conversations.

That said, this feature is still in the developmental phase and Facebook hasn’t confirmed anything about it either. This means that it would some time before Messenger users are able to enjoy a fully encrypted conversation on Facebook’s platform.

Notably, the report of Facebook working on a feature that expands the scope of encryption on its platforms seems to be in sync with the company’s plan of provide strong protection across all its services. Earlier this year, Facebook chief executive officer Mark Zuckerberg had announced the company’s plans of introducing end-to-end encryption across all its platforms which includes Instagram. WhatsApp already uses E2E encryption technique for all conversations on its platform.

“People’s private communications should be secure. End-to-end encryption prevents anyone — including us — from seeing what people share on our services….At the same time, there are real safety concerns to address before we can implement end-to-end encryption across all of our messaging services,” Zuckerberg had written in a long blog post outlining Facebook’s ‘privacy focused vision’.

Source: www.indiatoday.in

WhatsApp for Android now supports fingerprint unlock

 WhatsApp is the most popular messaging platform on the planet, which means people are using it for all sorts of purposes. In August, WhatsApp started working on a feature for people who wish to put the app behind an extra layer of security. Now, Fingerprint Unlock is ready for primetime and available in the latest stable build.

Fingerprint Unlock was first introduced in beta build version 2.19.221. The feature allows WhatsApp to require a fingerprint before it can be opened. It uses the same fingerprint that you use to unlock your phone. So if someone is able to get into your phone through other methods, at least they won’t be able to open the app and go through your private conversations.

The feature comes with a number of options as well. You can set WhatsApp to automatically lock immediately upon closing, after 1 minute, or after 30 minutes. This is handy if you don’t want to be scanning your fingerprint every single time you open the app. There is also the option to still content to be displayed in notifications if you don’t need to totally lock down the app. To set it up, got to Settings > Account > Privacy > Fingerprint lock.

Source : www.xda-developers.com