https://community.isc2.org/t5/Industry-News/Whatsapp-Web-browser-quoting-hack/m-p/26641#M3347 <P>Check Point Research has demonstrated a way to <A href="https://9to5mac.com/2019/08/08/whatsapp-security-flaws/" target="_blank" rel="noopener">mess with Whatsapp</A>, particularly in group chats.</P><P>&nbsp;</P><P>The attack mostly seems to involve the function to quote and forward messages, and involves editing, possibly entirely, the messages quoted, without the original sender's knowledge.</P><P>&nbsp;</P><P>The exploit is pretty convoluted, and seems to rely on the process of setting up Whatsapp in a Web browser window for some sessions.&nbsp; Therefore, it probably isn't too dangerous, as long as people know about it.&nbsp; What is more concerning, however, is that Facebook seems to think the problem is inherently unfixable, and therefore does not even intend to try.</P> Fri, 09 Aug 2019 16:43:34 GMT rslade 2019-08-09T16:43:34Z https://community.isc2.org/t5/Industry-News/Whatsapp-Web-browser-quoting-hack/m-p/26641#M3347 <P>Check Point Research has demonstrated a way to <A href="https://9to5mac.com/2019/08/08/whatsapp-security-flaws/" target="_blank" rel="noopener">mess with Whatsapp</A>, particularly in group chats.</P><P>&nbsp;</P><P>The attack mostly seems to involve the function to quote and forward messages, and involves editing, possibly entirely, the messages quoted, without the original sender's knowledge.</P><P>&nbsp;</P><P>The exploit is pretty convoluted, and seems to rely on the process of setting up Whatsapp in a Web browser window for some sessions.&nbsp; Therefore, it probably isn't too dangerous, as long as people know about it.&nbsp; What is more concerning, however, is that Facebook seems to think the problem is inherently unfixable, and therefore does not even intend to try.</P> Fri, 09 Aug 2019 16:43:34 GMT https://community.isc2.org/t5/Industry-News/Whatsapp-Web-browser-quoting-hack/m-p/26641#M3347 rslade 2019-08-09T16:43:34Z https://community.isc2.org/t5/Industry-News/Whatsapp-Web-browser-quoting-hack/m-p/26722#M3356 <P>&nbsp;</P><P>That's interesting --- and scary. When I use my personal WhatsApp account, it's primarily to share humorous posts, &amp; for anything important, I revert to calling the other party, so there's a lower chance of this creating havoc...</P><P>&nbsp;</P><P>However, on the corporate side I've seen parties in the IT departments use WhatsApp groups to communicate with one another, so there's a potential for greater impact...</P><P>&nbsp;</P><P>&nbsp;</P> Mon, 12 Aug 2019 07:51:19 GMT https://community.isc2.org/t5/Industry-News/Whatsapp-Web-browser-quoting-hack/m-p/26722#M3356 Shannon 2019-08-12T07:51:19Z