Expert Comments

Experts Insight On Researchers Discovered Multiple Security Vulnerabilities In Zoom

Expert(s): Security Experts
Expert(s): Security Experts

Cybersecurity researcher Mazin Ahmed discovered Zoom vulnerabilities that allowed data theft and malware deployment. According to findings presented at DEF CON 2020, Zoom left a misconfigured development instance exposed that wasn’t updated since September 2019, indicating the server could be susceptible to flaws that were left unpatched.

Experts Comments

August 12, 2020
Paul Bischoff
Privacy Advocate
Comparitech
The average Zoom user shouldn't worry too much about these proof-of-concept attacks demonstrated at Defcon. Two of the attacks were against Zoom's Linux client, which accounts for a small percentage of Zoom's total users. They also require the device to have been previously compromised by some other malware. Zoom has since patched these flaws so they never reached zero-day status. Users just need to update their Zoom app to get the latest security patches.
August 12, 2020
Chris Hauk
Consumer Privacy Champion
Pixel Privacy
The Zoom security flaws are just the latest in an ongoing series of recently discovered flaws leaving users of many apps open to attacks by the bad guys. Luckily, there are white hat cybersecurity researchers like Mazin Ahmed that are working to identify and disclose such security flaws to companies to allow them to plug the holes. I believe we will continue to see disclosures such as this in the near future. As these tools are put to the test by the at-home workforce, both the good guys and.....Read More
The Zoom security flaws are just the latest in an ongoing series of recently discovered flaws leaving users of many apps open to attacks by the bad guys. Luckily, there are white hat cybersecurity researchers like Mazin Ahmed that are working to identify and disclose such security flaws to companies to allow them to plug the holes. I believe we will continue to see disclosures such as this in the near future. As these tools are put to the test by the at-home workforce, both the good guys and the bad guys will step up efforts to discover security issues in apps and services in heavy use by the at-home workforce.  Read Less
August 12, 2020
Tal Zamir
Founder and CTO
Hysolate
Zoom is one of the most popular non-browser apps these days, and its vulnerabilities should be among enterprises’ primary concerns. Unfortunately, we'll see additional such vulnerabilities and subsequent attacks with collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface. To really protect against endpoint threats in a comprehensive way, enterprises should adopt OS isolation techniques that move sensitive enterprise apps, data, and credentials into a.....Read More
Zoom is one of the most popular non-browser apps these days, and its vulnerabilities should be among enterprises’ primary concerns. Unfortunately, we'll see additional such vulnerabilities and subsequent attacks with collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface. To really protect against endpoint threats in a comprehensive way, enterprises should adopt OS isolation techniques that move sensitive enterprise apps, data, and credentials into a separate OS that is isolated from riskier external-facing apps.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.
SUBMIT

You may also like

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Data Hacked For 400,000 LA Patients

IKEA Suffering Ongoing “Reply-Chain” Email Attack

Cybersecurity Expert Reaction On UK’s Financial Regulator Scraps 90-day Authentication...

DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People

Panasonic Becomes Latest Victim Of Data Breach – Security Expert...

Clearview’s £17 Million Fine For Processing 10+ Billion Images Is...

Booz Allen Report On CISOs And China Quantum Computing Risks,...

Experts Reactions On Sky Broadband Hack Warning

Ransomware Set To Break Records This Black Friday 2021

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts