Over the past week, new vulnerabilities in Zoom were discovered. If you aren’t familiar with this tool, it is currently one of the leading video conferencing software applications on the market.
What's going on with Zoom?
In these attacks, criminals are sending UNC links in a message. When a user receives the message and clicks the link, the windows credentials are then passed onto the attacker. Cybercriminals can essentially send users an executable script file to run in the same manner, infecting the user with malware.
One of the other biggest security issues facing Zoom is the surge in "Zoombombing," when uninvited attendees break into and disrupt your meeting.
We've had a lot of clients asking how secure Zoom is, we're going to dicuss what's going on, and what Tailored Networks did!
Is Zoom really secure?
Zoom CEO Eric Yuan responded to increasing security concerns over his company's videoconferencing app Wednesday April 1st 2020, by outlining his plan to address them in the next 90 days. He also revealed that daily meeting participants ballooned from 10 million in December to 200 million in March as the coronavirus outbreak forced people to work from home.
Zoom will enact a 90-day feature freeze, meaning it'll stop adding new features, so it can address those privacy issues. It'll also "a comprehensive review with third-party experts" to make sure it's handling the security of its consumer users appropriately, along with releasing a transparency report outlining requests for user data from law enforcement and governments.
Did you patch Zoom?
Zoom has released 3 updates since April 1st. If you are unsure if you have the lastest, go to https://zoom.us/download and download the latest version. This fixes the UNC links being misused, it also adds passwords to meetings by default, to prevent just anyone from barging into your meeting using the "Zoombombings" method!
Over 500,000 Zoom accounts sold on hack forums. What's this?
These credentials are gathered through credential stuffing attacks, where threat actors attempt to login to Zoom, using passwords leaked in older data breaches. Doesn’t mean that Zoom as a Company was breached. It’s important to “enable” two factor authentication on your account. If you are an Healthcare Provider and looking to use Zoom long term. You need to be on their Health Care product.
More information on the credential stuffing can be found here
How do I enable Multi-factor Authencation on Zoom?
Zoom has instructions under it's support site for enabling MFA (Multi-factor Authencation) on Zoom it can be found here
How did Tailored Networks handle Zoom?
We did something really cool! The security tools we use, we were able to prevent Zoom from accessing our systems files and client data, and launching other applications that could potentialy be used against you. By blocking access to your file system, Zoom will not be able to call on the system if it has a vulnerability or an exploit. If someone sends you a link to malware or a UNC to ransomware sitting on a server, it’s not going to be able to open that either. This was done BEFORE Zoom had a chance to release an update!
IT professionals are constantly looking for threats and trying to solve problems associated with vulnerabilities like this. However, looking for threats isn’t the best way to protect yourself. This is why we choose to limit Zoom in what it can do. With this solutions in place, you effectively harden and reduce your surface areas of attack.
Remember, we're here to help. Security is the most important thing to us! Give us a call at 731.422.3090!