Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

2020-04-07 00:08

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal.

Zoom came under the lens for its "Attendee tracking" feature, which, when enabled, lets a host check if participants are clicking away from the main Zoom window during a call.

On April 3, 2020, the Washington Post reported that it was trivial to find video recordings made in Zoom by searching the common file-naming pattern that Zoom applies automatically.

Subsequent research by Citizen Lab found that they were also vague about the type of encryption used, with the keys generated for cryptographic operations "Delivered to participants in a Zoom meeting through servers in China, even when all meeting participants, and the Zoom subscriber's company, are outside of China." The audio and video in each Zoom meeting is encrypted and decrypted with a single AES-128 used in ECB mode that's shared among all the participants.

Should You Use Zoom or Not? To give credit where it's due, Zoom largely responded to these disclosures swiftly and transparently, and it has already patched a number of issues highlighted by the security community.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/YQQ7Tzj3lVY/zoom-cybersecurity-hacking.html

#cybersecurity #zoom

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zoom		56	4	67	57	10	138