Your IT Support Experts

We partner with many types of businesses in the area, and strive to eliminate IT issues before they cause expensive downtime, so you can continue to drive your business forward. Our dedicated staff loves seeing our clients succeed. Your success is our success, and as you grow, we grow.

Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

Tailored Networks Blog

How Safe is Zoom?

zoom

Over the past week, new vulnerabilities in Zoom were discovered. If you aren’t familiar with this tool, it is currently one of the leading video conferencing software applications on the market.

What's going on with Zoom?

In these attacks, criminals are sending UNC links in a message. When a user receives the message and clicks the link, the windows credentials are then passed onto the attacker. Cybercriminals can essentially send users an executable script file to run in the same manner, infecting the user with malware.

One of the other biggest security issues facing Zoom is the surge in "Zoombombing," when uninvited attendees break into and disrupt your meeting. 

We've had a lot of clients asking how secure Zoom is, we're going to dicuss what's going on, and what Tailored Networks did!

Is Zoom really secure?

Zoom CEO Eric Yuan responded to increasing security concerns over his company's videoconferencing app Wednesday April 1st 2020, by outlining his plan to address them in the next 90 days. He also revealed that daily meeting participants ballooned from 10 million in December to 200 million in March as the coronavirus outbreak forced people to work from home.

Zoom will enact a 90-day feature freeze, meaning it'll stop adding new features, so it can address those privacy issues. It'll also "a comprehensive review with third-party experts" to make sure it's handling the security of its consumer users appropriately, along with releasing a transparency report outlining requests for user data from law enforcement and governments.

Did you patch Zoom?

Zoom has released 3 updates since April 1st. If you are unsure if you have the lastest, go to https://zoom.us/download and download the latest version. This fixes the UNC links being misused, it also adds passwords to meetings by default, to prevent just anyone from barging into your meeting using the "Zoombombings" method!

Over 500,000 Zoom accounts sold on hack forums. What's this?

These credentials are gathered through credential stuffing attacks, where threat actors attempt to login to Zoom, using passwords leaked in older data breaches. Doesn’t mean that Zoom as a Company was breached. It’s important to “enable” two factor authentication on your account. If you are an Healthcare Provider and looking to use Zoom long term. You need to be on their Health Care product.

More information on the credential stuffing can be found here

How do I enable Multi-factor Authencation on Zoom?

Zoom has instructions under it's support site for enabling MFA (Multi-factor Authencation) on Zoom it can be found here

How did Tailored Networks handle Zoom?

We did something really cool! The security tools we use, we were able to prevent Zoom from accessing our systems files and client data, and launching other applications that could potentialy be used against you. By blocking access to your file system, Zoom will not be able to call on the system if it has a vulnerability or an exploit. If someone sends you a link to malware or a UNC to ransomware sitting on a server, it’s not going to be able to open that either. This was done BEFORE Zoom had a chance to release an update!

IT professionals are constantly looking for threats and trying to solve problems associated with vulnerabilities like this. However, looking for threats isn’t the best way to protect yourself. This is why we choose to limit Zoom in what it can do. With this solutions in place, you effectively harden and reduce your surface areas of attack.

Remember, we're here to help. Security is the most important thing to us! Give us a call at 731.422.3090!

Vendor Relationships Could See Strain
What You Need to Know to Manage a Remote Workforce
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Saturday, June 06, 2020

Captcha Image

Customer Login

About Tailored Networks

Tailored Networks strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges, starting with planning, implementing, and supporting the IT solutions that are critical to your growth and success.

Read More

Contact Us

Learn more about what Tailored Networks can do for your business.

Tailored Networks
1903 N. Highland Ave. Ste 14
Jackson, Tennessee 38305