Security News

ANNKE unveiled its pro-upgrade CZ400, an AI 4MP Super HD 4X optical zoom PoE security camera, challenging the limits of security solutions and delivering flagship monitoring experience. The OmniVision Ultra HD image sensor brings the clearest 4MP Super HD images & 65 ft crystal night vision, enabling users to capture and view exactly what they want.

Taiwan's CERT detected cyber-crooks impersonating medical authorities to attack the country's tech industry during the early stages of the COVID pandemic. "Attackers used COVID-19 social engineering to increase the success rate of their attacks," said TWCERT/CC director Chih-Hung Lin.

Video conferencing platform Zoom this week announced that all user accounts can now benefit from improved protection, courtesy of support for Two-Factor Authentication. With 2FA enabled on their accounts, users should be protected from security breaches, including those that originate from the Zoom platform itself, the company claims.

Video conferencing platform Zoom is finally offering all users the option to enable two-factor authentication to secure their accounts against credential stuffing attacks and attacks leveraging phished login credentials. How to enable Zoom 2FA on a Pro, Business, Education, or Enterprise account.

According to a Tuesday public announcement, Hartford's ransomware attack caused an outage of critical systems, including the school district's software system that delivers real-time information on bus routes. Other recent ransomware attacks include one that hit the Clark County school district, which includes Las Vegas, during its first week of school, potentially exposing personal information of employees.

Zoom announced that Zoom for Home is expanding to smart displays including Amazon Echo Show, Portal from Facebook, and Google Nest Hub Max, bringing Zoom to widely-used devices and broadening their capabilities to the work environment. Zoom on Portal is expected to be available publicly in September; Zoom on Echo Show and Zoom on Assistant-enabled Smart Displays, including Google Nest Hub Max are expected to be available by the end of the year.

Video-conferencing behemoth Zoom has been hit with yet another lawsuit stemming from its claim to offer end-to-end encryption for sessions. Zoom previously said that it offered end-to-end encryption, but that marketing claim came into question after a report from The Intercept said that Zoom's platform actually uses transport layer security encryption, providing only encryption between individual users and service providers instead of encrypting communication directly between the users of a system.

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data-and even run stealthy malware as a sub-process of a trusted application. After Ahmed privately reported the issues to Zoom in April and subsequently in July, the company issued a fix on August 3.

Popular video conferencing app Zoom recently fixed a new security flaw that could have allowed potential attackers to crack the numeric passcode used to secure private meetings on the platform and snoop on participants. Zoom meetings are by default protected by a six-digit numeric password, but according to Tom Anthony, VP Product at SearchPilot who identified the issue, the lack of rate limiting enabled "An attacker to attempt all 1 million passwords in a matter of minutes and gain access to other people's private Zoom meetings."

"I poked about in the Zoom app and noticed the default passwords being six digits and numeric, meaning one million maximum passwords," Anthony explained in a write-up this week. While Anthony focused on the web client for his research, he believed the issue was present in all forms of the Zoom client.