Security News

Learn how to prevent internet trolls from crashing your Zoom video conferences and flooding them with inappropriate content.

As reports of "Zoom bombing" explode, the FBI is cracking down on the issue with a new warning that web conference hijackers could face jail time. These are punishable by fines and even imprisonment, according to the FBI. "You think Zoom bombing is funny? Let's see how funny it is after you get arrested," stated Matthew Schneider, United States Attorney for Eastern Michigan in a Friday public statement.

Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx and Microsoft Teams, are certainly not immune from cybercriminal attention. According to a HackerOne bug-bounty report, a HTTP Request Smuggling bug, in a proof-of-concept, was used to force open-redirects within Slack, leading users to a rogue client outfitted with Slack domain cookies.

Marriott International 2020 data breach: 5.2 million customers affectedMarriott International has suffered a new data breach in mid-January 2020, which affected approximately 5.2 million guests. Are your MS SQL servers part of a cryptomining botnet? Check now!For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals' malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency.

Zoom in its documentation, and in an in-app display message, has claimed its conferencing service is "End-to-end encrypted," meaning that an intermediary, include Zoom itself, cannot intercept and decrypt users' communications as it moves between the sender and receiver. When reports emerged that Zoom Meetings are not actually end-to-end encrypted encrypted, Zoom responded that it wasn't using the commonly accepted definition of the term.

Video conferencing app Zoom has had a meteoric rise in users due to the coronavirus outbreak, and with that rise in users has come security woes and an annoying new trend known as "Zoom bombing." Zoom bombing is, in essence, crashing a digital meeting and doing things like screaming obscenities, broadcasting pornography, and otherwise interrupting people's attempts to talk to coworkers, family, and friends. Even with all of Zoom's security issues, it can't be blamed entirely for the Zoom bombing trend-internet trolls have been using publicly posted meeting links, guessing meeting IDs, and using personal meeting IDs posted online as ways to join meetings uninvited.

It was just a matter of time once people began using Zoom more frequently to collaborate remotely, that their conversations would be hijacked in a phenomenon known as Zoom bombing. Zoom bombing is an emerging trend where attackers find publicly posted Zoom invite links, then join them to screenshare pornography or other inappropriate content, said Paul Bischoff, a privacy advocate with Comparitech, a pro-consumer website that provides information on tech services.

A recent analysis of the Zoom video conferencing application revealed that the keys used to encrypt and decrypt meetings may be sent to servers in China, even if all participants are located in other countries. "A scan shows a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server. We suspect that keys may be distributed through these servers. A company primarily catering to North American clients that sometimes distributes encryption keys through servers in China is potentially concerning, given that Zoom may be legally obligated to disclose these keys to authorities in China," Citizen Lab explained in a report published on Friday.

In Zoom's white paper, there is a list of "Pre-meeting security capabilities" that are available to the meeting host that starts with "Enable an end-to-end encrypted meeting." Later in the white paper, it lists "Secure a meeting with E2E encryption" as an "In-meeting security capability" that's available to meeting hosts. When reached for comment about whether video meetings are actually end-to-end encrypted, a Zoom spokesperson wrote, "Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection."

Zoom, in particular, has witnessed a massive influx of new users, which lead to increased scrutiny from information security researchers. Zoombombing, additionally exacerbated by lax privacy and security choices made by users and vulnerabilities that allow for the creation of tools like zWarDial, which automates Zoom meeting discovery.