An issue related to the Zoom feature that allows for the customization of meeting URLs could have been exploited for phishing attacks, Check Point reveals.
Zoom is a video conferencing service that has come under intense scrutiny after being widely adopted as the collaboration tool of choice by numerous organizations and end-users worldwide, amid the COVID-19 pandemic.
The recently identified security issue, Check Point says, is related to the Zoom Vanity URL, a custom URL (e.g. companyname.zoom.us) that organizations are required to use when looking to enable single sign-on (SSO).
The customizable vanity pages are rarely accessed by users, as they don’t normally need to type in the URL for the page to access a video meeting, but click on a provided link for that.
According to Check Point, an attacker looking to exploit the discovered issue would have pretend to be a legitimate employee within a company, then send invitations that appear to come from the company’s Vanity URL to individuals of interest.
However, although the invitation would seem as being sent from the legitimate Vanity URL of the spoofed organization, the URL would actually point to a subdomain registered by the attacker with a name similar to the one of the target.
By manipulating the link, the attacker could lure the user to their own meeting and trick them into handing over credentials or other sensitive information by making them believe that they are actually in a meeting with someone from the targeted company.
An attacker could also target the dedicated Zoom web interfaces that some ..
Support the originator by clicking the read the rest link below.
