Zoom released a patch last week that fixes a high-severity flaw in its client for macOS devices. The video messaging platform identified the vulnerability, which is tracked as CVE-2022-28762, as a debugging port misconfiguration that affects versions between 5.10.6 and 5.12.0. The flaw has been assigned a 7.3 out of

Security researchers at WIRED have urged users to update iOS, Chrome, Windows, and Zoom as soon as possible to stay up to date with relevant security issues. According to Wired, Google has had a busy month releasing patches for the Chrome browser and the Android operating system. In addition, Zoom

Zoom users have been advised to update their software to the latest version, 5.10.0, to fix a number of flaws detected by Google Project Zero researchers. According to the researcher who discovered the holes, Ivan Fratric, user interaction is not required for an attacker to successfully leverage the flaws. The

Project Zero researcher Natalie Silvanovich published a new analysis of security flaws present in the Zoom video chat platform. The vulnerabilities were uncovered as part of an investigation after a zero-click attack was demonstrated at Pwn2Own. Silvanovich, inspired by the demonstration, located two different bugs. The first is a buffer

A suspected Chinese advanced persistent threat (APT) group is spreading malicious Zoom software, seeking to spy on targets in Southeast Asia. The group is referred to as LuminousMoth, and focuses on cyber espionage and information theft from high-profile targets such as governments in Asia. Cybersecurity researchers have detected roughly 100

Zoom has launched new features that allow hosts and co-hosts to pause live Zoom meetings. The feature aims to reduce the onslaught of so-called zoom-bombers, users that join meetings seemingly at random with the intention to disrupt the activity. The capabilities will allow hosts to pause the meeting, allowing them

The Federal Trade Commission (FTC) announced that it had reached a settlement with web conferencing company Zoom after the FTC alleged that Zoom misled its users by offering a false sense of security whereas they practice poor security measures. One of the features in question was the security issues in

Check Point security and Zoom announced on Thursday that a new zero-day has been discovered within the “Vanity URL” feature on Zoom, which allows companies to create their own meeting domain. Through exploiting this zero-day, attackers could pose as a company employee, and then use socially engineered conversation to extract

Popular video conferencing platform Zoom has suspended the account of known US-based Chinese activists after they reportedly held a Zoom virtual meeting to commemorate the Tiananmen Square crackdown. Zoom stated that the account was shut down due to the fact that it did not comply with “local laws.” The account

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about termination” in the headline, scaring recipients into clicking malicious links that then harvest Zoom passwords. Abnormal Security discovered