Zoom Client Leaks Windows Login

https://media1.giphy.com/media/cdIicIQrZrsBjvbMnS/giphy.webp?cid=ecf05e47686e911069beb9558894e44f8794875614dc0230&rid=giphy.webp

P.E.B.K.A.C!!! 8) :-X

Zoomed In: A Look into a Coinminer Bundled with Zoom Installer
https://blog.trendmicro.com/trendlabs-security-intelligence/zoomed-in-a-look-into-a-coinminer-bundled-with-zoom-installer/

Old news and easily avoidable by downloading the product from the source instead of third party sites.

Hackers Are Selling a Critical Zoom Zero-Day Exploit for $500,000
https://www.vice.com/en_us/article/qjdqgv/hackers-selling-critical-zoom-zero-day-exploit-for-500000

Sorry Asyn but I hate these one liners. Headlines are always designed to pique your interest and never give a true picture.
“Zoom takes user security extremely seriously. Since learning of these rumors, we have been working around the clock with a reputable,
industry-leading security firm to investigate them,” the company said in a statement. “To date, we have not found any evidence substantiating these claims.”

Zoom Endpoint-Security Considerations
https://dev.io/posts/zoomzoo/

So I had read this previously, but someone had linked this when I asked a related question elsewhere.

I am working for an organisation that uses Zoom extensively for meetings with people exterior to our organisation. We had just been given the notification to update to their latest 5.0 version with their new security features installed and when I went to do that, I got a notification that this was a PHISHING threat, but none of my coworkers got it. Now, my coworkers are likely using Malwarebytes and I am using Avast on my home PC, but I wondered if anyone could talk me through what to do here like I am a five year old?

An attached Avast alert screenshot and/or the location (or how you got there) you downloaded it from might have helped. The (URL) PHISHING is normally site based rather than file based.

I just downloaded the Zoom Client (though I don’t use it) ZoomInstaller.exe Version 5.0.1 (23502.0430) from the zoom.us/download location (that however does redirect to another location, see attached image, click to expand) and no alerts.

So as you can see what you download and from where is important.

Again USA warns against the use of Zoom, because of APT-attacks:
https://publicintelligence.net/dhs-zoom-threats/

pol

This looks like it describes old vulnerabilities that were addressed by ZOOM in the update released on May 3.

https://screencast-o-matic.com/screenshots/u/Lh/1588942987490-96448.png

Looks like they are behind the curve again. I always get concerned by terms/domains like this Public Intelligence, often it is neither.

Mainly when this news (!) comes from an article that predates the latest Zoom update as you mention.

  • “The following document was obtained from the public website of a local government.” - and the document is dated April 27, 2020.

New York City schools have just reversed their position on using ZOOM.
https://www.businessinsider.com/new-york-city-schools-reverse-zoom-ban-online-learning-2020-5

More Security improvements for ZOOM
https://blog.zoom.us/wordpress/2020/05/07/zoom-acquires-keybase-and-announces-goal-of-developing-the-most-broadly-used-enterprise-end-to-end-encryption-offering/

Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution
https://blog.talosintelligence.com/2020/06/vuln-spotlight-zoom-code-execution-june-2020.html

The fix is already available. Simply update.

https://d1ka0itfguscri.cloudfront.net/Lh/2020/06/04/12/22/cY1fl3pLCV/preview.jpg

End-to-End Encryption Update
https://blog.zoom.us/wordpress/2020/06/17/end-to-end-encryption-update/

Fixing the Zoom ‘Vanity Clause’ – Check Point and Zoom collaborate to fix Vanity URL issue
https://blog.checkpoint.com/2020/07/16/fixing-the-zoom-vanity-clause-check-point-and-zoom-collaborate-to-fix-vanity-url-issue/

How old is this article? I see no date related to the vulnerability they describe?

Given there appears to be a report/article date incorporated in the URL, 2020/07/16/, I would assume that the vulnerability is earlier than that date.

My point exactly.