Security News
Cybersecurity researchers from Cisco Talos unveiled today that it discovered two critical vulnerabilities in the Zoom software that could have allowed attackers to hack into the systems of group chat participants or an individual recipient remotely. According to the researchers, successful exploitation of both flaws requires no or very little interaction from targeted chat participants and can be executed just by sending specially crafted messages through the chat feature to an individual or a group.
The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security.
Schools, paying customers and potentially high-risk users could be offered stronger encryption for video meetings under new plans being explored by Zoom. Zoom is reported to be planning to strengthen its encryption for paying customers and other institutions such as schools.
Zoom meetings currently offer encryption but with certain limitations. Encryption is used to protect the identity of users, call data between Zoom clients and Zoom's infrastructure, and meeting contents.
Zoom announced this week that on May 22 it will publish a detailed draft of the cryptographic design it plans on using for its upcoming end-to-end encryption feature. As a result of increased scrutiny from privacy and security experts - as well as hackers targeting meetings - Zoom has started making improvements to its platform and it has promised to implement changes and new features that would significantly enhance security and privacy.
In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
The campaign impersonates Zoom emails, but steals the Microsoft account credentials of its victims, says security firm Abnormal Security. A new phishing campaign spotted by Abormal Security takes advantage of the popularity of Zoom to try to capture account credentials of unsuspecting users.
Zoom has acquired Keybase, a secure messaging and file-sharing service. "There are end-to-end encrypted communications platforms. There are communications platforms with easily deployable security. There are enterprise-scale communications platforms. We believe that no current platform offers all of these. This is what Zoom plans to build, giving our users security, ease of use, and scale, all at once," said Eric S. Yuan, CEO of Zoom.
New York state's top prosecutor on Thursday announced that the company Zoom would improve security measures, after flaws were detected as the video conferencing platform soared in popularity amid the coronavirus pandemic. In a statement, James said Zoom would institute new security measures for the millions of users using the platform, including enhanced privacy controls.