An analysis of WeChat's network protocol MMTLS finds that it is a modified version of TLS 1.3 and WeChat developers' changes to its cryptography add weaknesses
Key contributions — We performed the first public analysis of the security and privacy properties of MMTLS … X: @citizenlab , @thegrugq , @jsrailton , and @citizenlab X: @citizenlab : WeChat messages...
Research details how vulnerabilities in signaling protocols used by mobile network operators for international roaming can be exploited to geolocate devices
Gary Miller / The Citizen Lab :
An analysis of WeChat's tracking ecosystem using reverse engineering: the app records and tracks user behavior when executing Mini Programs, a privacy risk
The Citizen Lab : Twitter: @citizenlab Twitter: @citizenlab : 🚨NEW REPORT Should We Chat? Privacy in the WeChat Ecosystem. Report by @m0namon @2Pellaeon and Jeffrey Knockel finds #WeChat records user...
Investigation finds 65+ people were targeted by Pegasus and Candiru, including Catalans, likely by Spanish authorities, and details a new iOS zero-click, HOMAGE
Key Findings — The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted …
Citizen Lab: the iPhone of Ben Hubbard, an American reporter for NYT, was hacked in 2020 and 2021, likely by Saudi Arabia using NSO's Pegasus; NSO denies claim
Invasive hacking software sold to countries to fight terrorism is easily abused. Researchers say my phone was hacked twice, probably by Saudi Arabia. Source: The Citizen Lab .
Citizen Lab says it found evidence of ForcedEntry on an activist's iPhone and the exploit worked on iPads, Macs, and Watches as well, prior to recent updates
Citizen Lab says the ForcedEntry flaw affects all iPhones, iPads, Macs and Watches — Apple has released security updates … Source: The Citizen Lab .