![]() ![]() In a statement, a Zoom spokesman said that the company appreciates the work of the researchers and takes privacy and security 'very seriously.' The application used a custom extension to name the files, but they were easily viewable directly or simply by changing the custom file extension to the PNG image format, researcher John Jackson told Security Ledger. ![]() 'We addressed the issue identified by the Sakura Samurai researchers on our Keybase platform in version 5.6.0 for Windows and macOS and version 5.6.1 for Linux. Users can help keep themselves secure by applying current updates or downloading the latest Keybase software with all current security updates,' the spokesman said. In most cases, the failure to remove files from cache after they were deleted would count as a 'low priority' security flaw. However, in the context of an end-to-end encrypted communications application like Keybase, the failure takes on added weight, Jackson wrote.As shelter-in-place and lockdown orders were enforced around the world, Zoom meetings replaced classrooms, offices, gaming lobbies and even concert halls. Throughout the month of March alone, over 200 million people used the conferencing platform, compared to the previous monthly maximum of 10 million. 2Īn investigation carried out by the New York Times in April has revealed that a considerable number of social media accounts, including Instagram accounts, Twitter accounts, message boards on Reddit and 4Chan, are used by thousands of people to carry out Zoom disruption campaigns. 3 The people in question create plans and share meeting passwords that they use to join public and private meetings.Įxperts report that 500,000 Zoom accounts are usually being sold on the dark web and hacker forums. Some of those accounts have been broken into using information from older data breaches, known as credential-stuffing attacks. 4 Many users use the same password (or a limited set of passwords) across all accounts that they use on the Internet. Therefore, once an account is compromised in one place, it is highly likely that there will be accounts made by the same user that can be accessed on other platforms, using the same set of credentials. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |