Security News

The "Suspend Participant Activities" feature is enabled by default for all free and paid Zoom users; and, meeting participants can also report a disruptive user directly from the Zoom client by clicking the top-left "Security" badge. That advice includes deleting the vulnerable meeting and creating a new one with a new meeting ID, enabling security settings, or using another Zoom solution, like Zoom Video Webinars or OnZoom.

Follow these steps to better protect your Zoom account with a second layer of authentication. Zoom now provides an extra level of security to your account with two-factor authentication.

Zoom has announced today the rollout of new security enhancements designed to help meeting hosts to block zoombombing attempts and participants to report misbehaving users. Zoombombing happens when Zoom meetings are joined by unauthorized third parties with the goal to disrupt ongoing sessions and harass participants.

Zoom Video Communications, the maker of the popular Zoom video conferencing solution, has agreed to settle allegations made by the US Federal Trade Commission that it "Engaged in a series of deceptive and unfair practices that undermined the security of its users." The settlement requires Zoom to - among other things - establish and implement a comprehensive security program and to not engage in further privacy and security misrepresentations.

Zoom has been forced to agree to a range of security improvements in a settlement with America's consumer watchdog, the Federal Trade Commission, as a result of earlier wrongly claiming it offered true 256-bit end-to-end encryption. The pact [PDF], announced Monday, obliges the video-conferencing giant to carry out an annual security assessment of its software and have its internal security program assessed by a third-party every two years.

Federal regulators are requiring Zoom to strengthen its security in a proposed settlement of allegations that the video conferencing service misled users about its level of security for meetings. A complaint filed by the agency accused Zoom of deceiving users over security since at least 2016.

You've heard of Zoom Bombing, but have you heard of Zoom Snooping? Researchers contend they can extract keystroke data from participants in a video call simply by tracking shoulder movements. "Being security/privacy researchers, and heavy users of such applications ourselves, we wondered what non-obvious private information one can infer by being on the other end of such call/conference videos." Jadliwala told Threatpost by email.

Zoom has finally added what it says is end-to-end encryption to its video conferencing service at no additional cost for all users, whether they are paying subscribers or not. "We're very proud to bring Zoom's new end-to-end encryption to Zoom users globally today," said Zoom CISO Jason Lee.

Video-conferencing giant Zoom is rolling out a technical preview of its end-to-end encryption next week. Zoom has faced various controversies around its encryption policies over the past year, including several lawsuits alleging that the company falsely told users that it offers full encryption.

Starting next week, Zoom users - both those who are on one of the paid plans and those who use it for free - will be able to try out the solution's new end-to-end encryption option. Must join from the Zoom desktop client, mobile app, or Zoom Rooms.