![]() Unfortunately, we'll see an increase of such attacks on collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface.” Not worth the riskįor Douglas Jones, co-founder and managing partner at JAG Insurance Group, its recent issues strongly suggest that using Zoom is not worth the risk. “This includes the recently discovered Zoom Client vulnerability that allows a remote attacker on a Zoom call to receive a user’s Windows credentials. Zoom is one of the most popular non-browser apps these days and has new vulnerabilities enterprises should care about. Tal Zamir, co-founder and CTO at Hysolate said: “Enterprises must keep in mind that user devices use a variety of apps that go beyond just email and internet. This particular problem, which has also now been patched, centred on the Zoom Windows client, which is vulnerable to Universal Naming Convention (UNC) path injection in its chat interface, which would let hackers steal the Windows credential of anybody who clicked on a malicious link. “However, if you value either your cyber security or privacy, you may want to think twice about using the macOS version of the app.”Īnother vulnerability affecting Microsoft Windows was disclosed by researchers through Bleeping Computer. ![]() “Zoom, ‘the leader in modern enterprise video communications’ is well on its way to becoming a household verb, and as a result, its stock price has soared,” said Wardle. ![]() One enabled hackers to gain privileged root access to install malware or spyware, the other allowed them to inject malicious code into Zoom to fool it into giving them access to the target’s webcam and microphone. Among them is Patrick Wardle, a former NSA cyber security operative and now principle security researcher at Jamf, who highlighted two dangerous zero day exploits on his blog.īoth these vulnerabilities, which have now been patched, affected the Apple macOS version of Zoom and are easily exploited by an attacker who with physical control of the target machine. Now, more threat researchers have piled in with disclosures of their own, and some go so far as to recommend people stop using Zoom altogether. ![]() Earlier this week Check Point threat researchers reported on a surge in fraudulent Zoom domains being used to lure in unsuspecting users and steal their personal information. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |