May 29, 2023

Zoom was in the limelight for past one year during ongoing pandemic, lot has changed after the bugs to hand hold the market shares. But again the doubt arising wheather zoom is protecting user privacy.

Cybercriminals exploited a vulnerability and undertook a distant code execution (RCE) assault to take management of host PCs. During Pwn2Own this has been identified.

The hacker has to be a part of the same organizational domain as the host PC’s user has to get permission from the host to join the meeting; When the attackers become part of a meeting, they will be able to execute a chain of three malware that will install an RCE backdoor on the victim’s PC.

The threat actors can get access to your PC, and simultaneously will able to be able to implement remote commands that will then give access to your sensitive data. This doesn’t requires the victim consent which is alarming and essential Security layer should be in place

The aforementioned operation runs on Mac, Windows, but on Zoom’s iOS and Android apps, it has not been checked yet. Notably, the browser version is safe. Zoom is yet to take measures, and the technical details of the attack have not been reported to the public, yet. Reportedly, the patch will arrive on Zoom for Mac and Windows within the next 90 days.

Tags:

Leave a Reply

You may have missed

CrowdStrike strategy dominates MDR Market

CrowdStrike strategy dominates MDR Market

May 28, 2023
TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
Apria Data Breach affects 2 million customers

Apria Data Breach affects 2 million customers

May 27, 2023
CosmicEnergy Malware Shutting Electric grid

CosmicEnergy Malware Shutting Electric grid

May 27, 2023
Operation Magalenha from Brazil

Operation Magalenha from Brazil

May 27, 2023
%d bloggers like this: