Project Zero researcher Natalie Silvanovich published a new analysis of security flaws present in the Zoom video chat platform. The vulnerabilities were uncovered as part of an investigation after a zero-click attack was demonstrated at Pwn2Own. Silvanovich, inspired by the demonstration, located two different bugs. The first is a buffer

A suspected Chinese advanced persistent threat (APT) group is spreading malicious Zoom software, seeking to spy on targets in Southeast Asia. The group is referred to as LuminousMoth, and focuses on cyber espionage and information theft from high-profile targets such as governments in Asia. Cybersecurity researchers have detected roughly 100

Zoom has launched new features that allow hosts and co-hosts to pause live Zoom meetings. The feature aims to reduce the onslaught of so-called zoom-bombers, users that join meetings seemingly at random with the intention to disrupt the activity. The capabilities will allow hosts to pause the meeting, allowing them

The Federal Trade Commission (FTC) announced that it had reached a settlement with web conferencing company Zoom after the FTC alleged that Zoom misled its users by offering a false sense of security whereas they practice poor security measures. One of the features in question was the security issues in

Check Point security and Zoom announced on Thursday that a new zero-day has been discovered within the “Vanity URL” feature on Zoom, which allows companies to create their own meeting domain. Through exploiting this zero-day, attackers could pose as a company employee, and then use socially engineered conversation to extract

Popular video conferencing platform Zoom has suspended the account of known US-based Chinese activists after they reportedly held a Zoom virtual meeting to commemorate the Tiananmen Square crackdown. Zoom stated that the account was shut down due to the fact that it did not comply with “local laws.” The account

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about termination” in the headline, scaring recipients into clicking malicious links that then harvest Zoom passwords. Abnormal Security discovered

According to an internal letter released by the government, a recent US House Oversight Committee meeting was the victim of a Zoom-bombing attack. The committee meeting was disrupted at least three times by uninvited individuals. The incident was disclosed in an internal letter from two representatives, Jim Jordan and Carolyn

On Wednesday, the video conferencing platform Zoom announced that it is re-launching its bug bounty program in collaboration with Luta Security. The company aims to make significant changes to the program amid security alerts regarding the platform’s cybersecurity practices and safety. Researchers have reported finding potentially serious vulnerabilities in the

New Zoom zero-days have allegedly been discovered for sale, effecting Windows and macOS. Hackers have claimed that they discovered two zero-day vulnerabilities for the Zoom video conferencing platform, being sold online for $500,000. The zero-days may allow threat actors to spy on private video conferences hosted through Zoom and exploit