Blog

Zoom Is Working On Security But May Be Too Late

Apr 17, 2020 | Blog

The popular messaging tool called Zoom is having a tough time.

According to a recently released memo that circulated through Elon Musk’s “SpaceX” company, the company is banning Zoom’s use because of “significant privacy and security concerns.”

In response, Zoom’s development team recently announced that they’re freezing all feature development for a period of 90 days so they can work to improve privacy and security. Once their latest round of work is complete, they’re planning to conduct a thorough third-party security review.

All of this comes on the heels of the discovery of a raft of critical security flaws in the Zoom app. Just a few days ago, the Zoom Windows client was found to be leaking network credentials. That is, because of the way the app rendered UNC file paths, displaying them as clickable links inside group chat windows.

Patrick Wardle is a legendary NSA hacker and famous Apple bug hunter. He found a new vulnerability in the macOS Zoom installer that could easily be exploited by even casual hackers.

Zoom’s founder, Eric Yuan, has been busy issuing apologies on multiple fronts and driving his team to correct all of the recently discovered issues. Among other things, the company has removed the Facebook SDK in its iOS app. They have acknowledged that their E2E encryption scheme is not particularly secure, and are moving rapidly to address that. They are also in the process of rolling out bug fixes for both the Windows and macOS versions of its clients, both of which may be available by the time you read these words.

In addition to that, Yuan said that Zoom was removing the attendee attention tracker and the LinkedIn Sales Navigator, both of which were found to be leaking data and causing additional security concerns.

Those are all good moves. Overdue, to be sure, but good moves. The question is, is it too little, too late? Only time will tell.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech