Security News > 2020 > January > Video: Zoom Researcher Details Web Conference Security Risks, 2020 Threats
"The main takeaway for online conference platforms is that these companies are in charge of the security of their users and they need to work to secure these environments. Zoom added a password but other actions can be taken as well so that people can't really abuse these platforms," she said.
Beyond Zoom's recent flaw, Horowitz also talked to Threatpost about the challenges of hunting down cybercriminals and making attribution, and the top threats she's anticipating in 2020 - from ransomware to cloud-infrastructure attacks.
We were able to actually track the way that Zoom randomize their conference numbers and generate these numbers ourselves, and join many different videos or just different conferences that take place on Zoom.
So the threat actors now understand that we don't only want to stop the attacks, but also to find who they are.
So these ransomware attacks are kind of, I like to call them "Boutique attacks." So they are attacking some very specific organizations that have lots of data and lots of money, which allows the threat actors to ask for a ransom as high as millions of dollars.
News URL
https://threatpost.com/video-zoom-web-conference-security-risks/152337/
Related news
- MUT-1244 targeting security researchers, red teamers, and threat actors (source)
- Germany drafts law to protect researchers who find security flaws (source)
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- AI’s impact on the future of web application security (source)
- Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority (source)
- Here's what happens if you don't layer network security – or remove unused web shells (source)
- Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat' (source)
- Are threat feeds masking your biggest security blind spot? (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)