Afternoon Dessert - 2022-08-12

Welcome to another Afternoon Dessert breakout:

Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger
Social media company Meta said it will begin testing end-to-end encryption (E2EE) on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services. "If you're in the test group, some of your most frequent chats may be automatically end-to-end encrypted, which means you won't have to opt in to the
Read more....

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments
Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Check Point said it found the flaws in devices powered by MediaTek chipsets during a security analysis of the Chinese handset maker's "Kinibi" Trusted Execution
Read more....

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]
Latest episode - listen now! (Or read the transcript if you prefer.)
Read more....

Palo Alto Networks: New PAN-OS DDoS flaw exploited in attacks
Palo Alto Networks has issued a security advisory warning of an actively exploited high-severity vulnerability impacting PAN-OS, the operating system used by the company's networking hardware products. [...]
Read more....

Twilio: 125 customers affected by data breach, no passwords stolen
Cloud communications giant Twilio, the owner of the highly popular two-factor authentication (2FA) provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week. [...]
Read more....