Dane Solutions Ltd

04/02/2026

WARNING …… A WhatsApp bug lets malicious media files spread through group chats

WhatsApp is going through a rough patch. Some users would argue it has been ever since Meta acquired the once widely trusted messaging platform. User sentiment has shifted from “trusted default messenger” to a grudgingly necessary Meta product.

Privacy-aware users still see WhatsApp as one of the more secure mass-market messaging platforms if you lock down its settings. Even then, many remain uneasy about Meta’s broader ecosystem, and wish all their contacts would switch to a more secure platform.

Back to current affairs, which will only reinforce that sentiment.

Google’s Project Zero has just disclosed a WhatsApp vulnerability where a malicious media file, sent into a newly created group chat, can be automatically downloaded and used as an attack vector.

The bug affects WhatsApp on Android and involves zero‑click media downloads in group chats. You can be attacked simply by being added to a group and having a malicious file sent to you.

According to Project Zero, the attack is most likely to be used in targeted campaigns, since the attacker needs to know or guess at least one contact. While focused, it is relatively easy to repeat once an attacker has a likely target list.

And to put a cherry on top for WhatsApp’s competitors, a potentially even more serious concern for the popular messaging platform, an international group of plaintiffs sued Meta Platforms, alleging the WhatsApp owner can store, analyze, and access virtually all of users’ private communications, despite WhatsApp’s end-to-end encryption claims.

How to secure WhatsApp

Reportedly, Meta pushed a server change on November 11, 2025, but Google says that only partially resolved the issue. So, Meta is working on a comprehensive fix.

Google’s advice is to disable Automatic Download or enable WhatsApp’s Advanced Privacy Mode so that media is not automatically downloaded to your phone.

And you’ll need to keep WhatsApp updated to get the latest patches, which is true for any app and for Android itself.

Turn off auto-download of media

Goal: ensure that no photos, videos, audio, or documents are pulled to the device without an explicit decision.

Open WhatsApp on your Android device.
Tap the three‑dot menu in the top‑right corner, then tap Settings.
Go to Storage and data (sometimes labeled Data and storage usage).
Under Media auto-download, you will see When using mobile data, when connected on Wi‑Fi. and when roaming.
For each of these three entries, tap it and uncheck all media types: Photos, Audio, Videos, Documents. Then tap OK.
Confirm that each category now shows something like “No media” under it.
Doing this directly implements Project Zero’s guidance to “disable Automatic Download” so that malicious media can’t silently land on your storage as soon as you are dropped into a hostile group.

Stop WhatsApp from saving media to your Android gallery

Even if WhatsApp still downloads some content, you can stop it from leaking into shared storage where other apps and system components see it.

In Settings, go to Chats.
Turn off Media visibility (or similar option such as Show media in gallery). For particularly sensitive chats, open the chat, tap the contact or group name, find Media visibility, and set it to No for that thread.
WhatsApp is a sandbox, and should contain the threat. Which means, keeping media inside WhatsApp makes it harder for a malicious file to be processed by other, possibly more vulnerable components.

Lock down who can add you to groups

The attack chain requires the attacker to add you and one of your contacts to a new group. Reducing who can do that lowers risk.

​In Settings,
tap Privacy.
Tap Groups.
Change from Everyone to My contacts or ideally My contacts except… and exclude any numbers you do not fully trust.

If you use WhatsApp for work, consider keeping group membership strictly to known contacts and approved admins.

Also ….Set up two-step verification on your WhatsApp accoun

10/01/2026

Breaking news: ‘Instagram security breach'

This week, Malwarebytes discovered that hackers stole the sensitive information of 17.5 million Instagram accounts. Complete with usernames, physical addresses, phone numbers, email addresses, and more, this data can be abused by cybercriminals to impersonate trusted brands, trick users, and steal their passwords.

Critically, this data is already being offered on the dark web, with individual users also receiving legitimate password reset notifications from Instagram ⚠️

11/11/2024

This report is worrying;

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Posted: November 5, 2024 by Pieter Arntz

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up.

Here’s how it works.

Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID. This session ID is stored in a session cookie (or a “Remember-Me cookie” as the FBI calls it) on your browser, which is typically valid for 30 days.

Every time you return to that website within the time frame, you don’t need to log in. That’s really convenient… unless someone manages to steal that cookie from your system.

If someone steals the session cookie, they can log in as you—even if you have MFA enabled.

This is particularly relevant for email handlers that have an online—webmail—component. This includes major players like Gmail, Outlook, Yahoo, and AOL.

With access to your email account, a cybercriminal can find a lot of useful information about you, such as where you bank, your account numbers, your favorite shops, and more. This information could then be used for targeted cyberattacks that mention information that’s relevant to you only, leaving you more likely to fall for them.

Cybercriminals could use your account to spread spam and phishing emails to your contacts. And perhaps most worrying of all, once an attacker is in your email account they can reset your passwords to your other accounts and login as you there too.

How do these criminals get their hands on your session cookies? There are several ways.

On very rare occasions, session cookies can be stolen by you visiting a malicious website, or via a Machine-in-the-Middle (MitM) attack where a cybercriminal can intercept traffic and steal cookies if they’re not protected by HTTPS on an unsecured network.

However, session cookies are usually stolen by malware on the your device. Modern information-stealing malware is capable of, and even focuses on, stealing session cookies as part of its activity.

How to keep your email account safe

There are a few things you can do to stay safe from the cookie thieves:

Use security software on every device you use.
Keep your devices and the software on them up to date, so there aren’t any known vulnerabilities on them.
Decide whether you think it’s worth using the Remember me option. Is convenience worth the risk in this situation?
Delete cookies, or—even better—log out when you are done. That should also remove or invalidate the session ID from the server, so nobody can use it to log in, even if they have the session cookie.
Only visit sites with a secure connection (HTTPS) to protect your data from being intercepted during transmission.
For important accounts regularly check the log in history where you can see which devices logged in when and from where. You should be able to find this option in your account settings.

10/07/2024

⚠️⚠️ Watch out Folks M$ have taken it on themselves to install the new W11 feature COPILOT ( which takes automatic snapshots of your system ) on W10 based machines !!!!

30/05/2024

Yet another data breach announced - Ticketmaster;

MAJOR BREACH ALERT
BREAKING NEWS

This week, news broke that Ticketmaster had allegedly been breached and 560 million customers’ data had been put up for sale online. The data is said to include full names, addresses, email addresses, phone numbers, credit card details, order information, and more.
Ticketmaster is yet to comment on the incident. However, whether the data is real or not, scammers are likely to use this as an opportunity to line their pockets.

What to do:
Be on your guard for texts, calls or emails that claim to be from Ticketmaster or about a future event you bought a ticket to. They could be fake, aimed at getting you to download malware or go to a phishing site.

Keep an eye on your transactions. If you’ve bought anything through Ticketmaster, monitor your bank and credit card accounts and report any suspicious transactions.

Consider identity monitoring. This alerts you if your personal information is found being traded illegally online, and helps you recover after.

Keep updated on this developing story on the Malwarebytes Labs blog.

Check what data is already exposed
You can check what personal information of yours has already been exposed online with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report. (Note, the Ticketmaster data is yet to be released so won’t appear in the scan.)

© 2024 Malwarebytes

20/05/2024

New Scam - beware !

“”More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. That’s a great thing. But as security evolves, so do cybercriminals who are always looking for new ways to scam us.

A type of phishing we’re calling authentication-in-the-middle is showing up in online media. While these techniques, named after man-in-the-middle (MitM) attacks, have existed for a while, they appear to be gaining traction now.

It works like this: A user gets lured to a phishing site masquerading as a site they normally use, such as a bank, email or social media account. Once the user enters their login into the fake site, that information gets redirected by the cybercriminals to the actual site, without the user knowing.

The user is then prompted for their MFA step. They complete this, usually by entering a code or accepting a push notification, and this information is then relayed to the criminals, allowing them to login to the site.

Once the criminals are into an account, they can start changing settings like the account’s email address, phone number, and password, so the user can no longer log in, or they can simply clean out a bank account. This may help you understand why many platforms ask for your PIN or other authentication again when you try to change one of these important settings.

Victims are lured to phishing sites like these via links from social media or emails where it can be hard to identify the real link. Phishing sites can even show up in sponsored search results, in the same way as we reported about tech support scams.””

13/04/2024

So countdown has started and users will begin to start receiving this message !

29/01/2024

Check your digital footprint now as more data breaches are happening more regularly now 🙁

Has your personal data been exposed? Get a free personal exposure report to your inbox. For best results, enter the email...

07/12/2023

Windows 10 End of life date issued;

The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure, you’d have to upgrade to a newer version. Either to Windows 11, which is not all that different, but more demanding when it comes to system requirements. Or to the rumored Windows 12 which might be out by then.

Despite the fact that Windows 11 has been around for a while, market share would have it that Windows 10 is still far more popular. Windows 11 shows a slight increase in usage, but not a very significant one.

07/12/2023

RIP to one of my favorite loopholes: Microsoft quietly announced recently (via Neowin ) that users will no longer be able to install and activate Windows 10 or Windows 11 with old Windows 7 & Windows 8 product codes 😡

07/09/2023

Dont be fooled by scam emails like this who use this technique or hide different urls behind given web addresses !

16/06/2023

Becareful out there - more than normal amounts of online & emails scams curvulating like this one supposingly from Apple ;

Looks real …..but on closer inspection of the sending email address is a complete give away unless you have fallen foul and clicked on the enclosed link ☹️