Expert Comments

Expert Comments: A Flaw In Webex And Zoom Let Researchers Snoop On Users’ Video Calls

Expert(s): Security Experts
Expert(s): Security Experts

It has been reported that a team of security researchers found they could tap into Webex and Zoom video meetings because many weren’t protected with a code. Researchers programmed a bot to cycle through lists of valid meeting IDs and get access to active conference calls. The vulnerability works because many companies and users don’t protect their meetings with a password, either for convenience or they had not checked their default settings, coupled with a limited pool of meeting IDs. By targeting the platforms’ APIs, they were able to automate the process.

Experts Comments

October 03, 2019
Jonathan Knudsen
Senior Security Strategist
Synopsys
Some rudimentary user education would help people make better choices. For example, when running an online meeting, make sure you can identify all users who have joined. Furthermore, if you expect that any part of the meeting is information you want to keep confidential, use the password feature to protect the meeting from casual intruders. Meeting recordings should be protected with similar vigilance. For example, recording files should not be placed on unauthenticated servers, and any links.....Read More
Some rudimentary user education would help people make better choices. For example, when running an online meeting, make sure you can identify all users who have joined. Furthermore, if you expect that any part of the meeting is information you want to keep confidential, use the password feature to protect the meeting from casual intruders. Meeting recordings should be protected with similar vigilance. For example, recording files should not be placed on unauthenticated servers, and any links to streaming recordings should be protected by some form of authentication.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

Security Expert On Apple Suing NSO Group

Meta Delays Plans To Rollout End-to-end Encryption

NCSC Issues Black Friday Warning To Tetailers

How The Zelle Fraud Scam Steals Your Bank Credentials

GoDaddy Data Breach Impacts Over A Million Users, Experts Reactions

Utah Imaging Data Breach – Expert Comments

Telecoms Security Bill – What’s Missing?

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts