InfoSecBulletin Cybersecurity for mankind
WhatsApp introduces a privacy feature called “Protect IP Address in Calls.” This feature masks users’ IP addresses by relaying the calls through its servers.
WhatsApp stated that calls are end-to-end encrypted, meaning that even if a call goes through their servers, they cannot listen to the calls.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
The main idea is to increase the difficulty for malicious people on the call to figure out the user’s location. This is done by securely sending the connection through WhatsApp servers. But, there is a small decrease in call quality when using the privacy option.
ALSO READ:
Microsoft Authenticator blocks suspicious MFA alerts by default
It’s similar to Apple’s iCloud Private Relay. It adds a layer of anonymity by routing users’ Safari browsing sessions through two secure internet relays.
The “Protect IP Address in Calls” feature has been in development since at least August 2023, according to WABetaInfo.
WhatsApp said that enabling this feature would relay all calls through their servers, protecting your IP address and preventing others from determining your general location.
“This new feature provides an additional layer of privacy and security particularly geared towards our most privacy-conscious users.”
The feature enhances user privacy and security by ensuring unwanted contact is filtered and minimizing the risk of zero-click attacks and spyware.
WhatsApp’s silenced call feature uses a special protocol to minimize the processing of data controlled by attackers. This is done by using a privacy token.
When making a call, the caller includes the recipient’s privacy token in the message. The server then checks the validity of the token and other factors to decide if the recipient allows the caller to call them.
“For privacy reasons, the server does not gain knowledge of the specific relationship between caller and recipient from the token.”
