Working from home has become the new normal for many technology and knowledge workers, and along with the move to remote work, videoconferencing services — such as Zoom — have become a key technology linking people together.
Yet with popularity comes scrutiny.
Over the past month, researchers have begun turning up security and privacy flaws in the application, which has had success as a brand during the pandemic. In late March, for example, one red-team member found that Zoom would display universal naming convention (UNC) paths as links, which, if clicked, would send a username and password hash to an attacker-controlled system. In another report posted online, a researcher found two vulnerabilities in the Zoom client for MacOS.
Because so many workers continue to work remotely, Zoom and other videoconferencing applications will be examined more closely for security flaws, says Brian Gorenc, director of vulnerability research and head of cybersecurity firm Trend Micro's ZDI program.
"We're in an unprecedented time with regard to the amount of people working remotely," he says. "All of the products that enable this – VPNs, video chat, 2FA [and others] – will receive increased scrutiny from researchers and attackers alike."
Zoom, in particular, has had a rough few weeks. Attackers have started registering domains that appear related to the company, with more than 1,700 Zoom-themed domains registers globally. On March 30, the FBI office in Boston warned videoconferencing platforms and schools that the law enforcement agency had received reports that conferenc ..
Support the originator by clicking the read the rest link below.
