Security News

Zoom is doing the right thing: it's making end-to-end encryption available to all users, paid and unpaid. We have identified a path forward that balances the legitimate right of all users to privacy and the safety of users on our platform.

United States House representatives last week sent a letter to Zoom to demand explanation for the communication platform's decision to close the accounts of U.S.-based Chinese activists. Last week, Zoom confirmed that, at the request of the Chinese government to block four June 4 meetings that were illegal in the country, it closed the accounts of three individuals located outside China, namely Lee Cheuk-yan, Wang Dan, and Zhou Fengsuo.

5G adoption, security and worldwide market trendsWith 5G adoption ramping up all over the world, we sat down with Chris Pearson, President of 5G Americas, to learn more about the current 5G landscape. Zoom to offer end-to-end encryption only to paying customersAs Zoom continues on its path to bring end-to-end encryption to users, the big news is that only paid users will have access to the option.

Reports emerged earlier this week that the Minneapolis police department had been breached by hacktivist group Anonymous. Security expert Troy Hunt debunked the reports, however.

Security experts are up in arms after learning that video conferencing app Zoom will only offer end-to-end encryption to paid users. On Zoom's Wednesday first-quarter financial earnings call, Zoom CEO Eric Yuang said that the upcoming end-to-end encryption feature would not apply for free users.

Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free users won't enjoy that level of privacy, which makes it impossible for third parties to decipher communications. "I wanted to clarify that Zoom does not monitor meeting content. We do not have backdoors where participants, including Zoom employees or law enforcement, can enter meetings without being visible to others. None of this will change."

As Zoom continues on its path to bring end-to-end encryption to users, the big news is that only paid users will have access to the option. "Free users for sure we don't want to give that because we also want to work together with FBI, with local law enforcement in case some people use Zoom for a bad purpose," Zoom CEO Eric Yuan said on a company earnings call on Tuesday.

Members of Cisco's Talos threat intelligence and research group have identified two vulnerabilities in the Zoom client application that can allow a remote attacker to write files to the targeted user's system and possibly achieve arbitrary code execution. CVE-2020-6109 is related to the way Zoom processes GIF image files.

Zoom's chief executive revealed on Tuesday that free users will not be offered end-to-end encryption as the company wants to assist the FBI and local law enforcement in their investigations. Zoom has promised to take action and it has already started implementing measures that would help it address security and privacy concerns.

Does your IT security model take into account things like pacemakers? According to Dr Victoria Baines, speaking at Infosec Europe, "We also perhaps neglect the idea that critical infrastructure might be inside people" as well as merely carried in their pockets. Baines was speaking during a panel webinar about protecting critical national infrastructure.