[im] Hacking Zoom to Steal Windows Passwords

Szabolcs KissPal kisspal.sz at gmail.com
Fri Apr 10 11:46:15 CEST 2020


/via The Guardian/

<https://www.theguardian.com/world/live/2020/apr/10/coronavirus-live-news-global-deaths-near-95000-as-boris-johnson-leaves-intensive-care?page=with:block-5e902d0b8f081a236f190e9d#block-5e902d0b8f081a236f190e9d>
Singapore suspends use of video-conferencing tool Zoom by teachers

Singapore has suspended the use of video-conferencing tool Zoom by
teachers, its education ministry said on Friday, after “very serious
incidents” occurred in the first week of a coronavirus lockdown that has
seen schools move to home-based learning, Reuters reports.

One of the incidents involved obscene images appearing on screens and
strange men making lewd comments during the streaming of a geography lesson
with teenage girls, according to local media reports.

Zoom Video Communications Inc ZM.O has been plagued with safety and privacy
concerns about its conferencing app which has seen a surge in usage as
offices and schools around the world shut to try to curb coronavirus
infections. The Singapore government has also been using the tool to host
media conferences.

Aaron Loh of the ministry’s educational technology division, without
detailing the incidents, he said:

Loh said that they would further advise teachers on security protocols such
as requiring secure log-ins and not sharing the meeting link beyond the
students in the class.

Taiwan and Germany have already put restrictions on Zoom’s use, while
Alphabet Inc’s Google banned the desktop version of Zoom from corporate
laptops on Wednesday. The company also faces a class-action lawsuit.

Concerns have grown over its lack of end-to-end encryption of meeting
sessions, routing of traffic through China and “zoombombing” when uninvited
guests crash meetings.

Officials at Berkeley High School in California said they suspended use of
the app after a “naked adult male using racial slurs” intruded on what the
school said was a password-protected meeting on Zoom, according to a letter
to parents seen by Reuters.

To address security concerns, Zoom has embarked on a 90-day plan to bolster
privacy and security issues, and has also tapped former Facebook security
chief Alex Stamos as an adviser.

szabolcs kisspal <kisspal.sz at gmail.com> wrote (on Fri, Apr 3, 2020,
14:04):

> To protect your meeting, here are a few things you should do:
>
>
> https://www.inc.com/jason-aten/hackers-are-trying-to-get-into-your-zoom-meetings-here-are-5-ways-to-stop-them.html
>
> On Apr 2, 2020, at 23:34, János Sugár <sj at c3.hu> wrote:
>
> *New Zoom Hack Lets Hackers Compromise Windows and Its Login Password*
>
> https://thehackernews.com/2020/04/zoom-windows-password.html
> /Š/
> According to cybersecurity expert @_g0dmode, the Zoom video conferencing
> software for Windows is vulnerable to a classic 'UNC path injection'
> vulnerability that could allow remote attackers to steal victims' Windows
> login credentials and even execute arbitrary commands on their systems.
>
> Such attacks are possible because Zoom for Windows supports remote UNC
> paths that convert potentially insecure URIs into hyperlinks when received
> via chat messages to a recipient in a personal or group chat.
>
> Confirmed by researcher Matthew Hickey and demonstrated by Mohamed Baset,
> the first attack scenario involves the SMBRelay technique that exploits the
> fact that Windows automatically exposes a user's login username and NTLM
> password hashes to a remote SMB server when attempting to connect and
> download a file hosted on it.
>
>
>

-- 
sz. KissPal
(H)+36-209311032
kisspal.sz at gmail.com
kspal at intermedia.c3.hu
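
The quoted article attributes the problem to chat text containing UNC paths being turned into clickable links. As an added example (not part of the original thread and not Zoom's code), here is a chat renderer that links only http/https URLs and flags UNC-style tokens; the function names and the allow-list policy are assumptions.

```python
import html
import re
from urllib.parse import urlsplit

# Assumed policy: only these schemes are ever rendered as clickable links.
ALLOWED_SCHEMES = {"http", "https"}

# \\host\share and //host/share are both resolved by Windows as UNC paths.
UNC_RE = re.compile(r"^(?:\\\\|//)[^\\/\s]+(?:[\\/]\S*)?$")


def classify_token(token: str) -> str:
    """Return 'link', 'unc' or 'text' for one whitespace-delimited token."""
    if UNC_RE.match(token):
        return "unc"
    try:
        parts = urlsplit(token)
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return "text"
    scheme = parts.scheme.lower()
    if scheme == "file":
        # file://host/... names a remote host, so it behaves like a UNC path.
        return "unc" if parts.netloc not in ("", "localhost") else "text"
    if scheme in ALLOWED_SCHEMES and parts.netloc:
        return "link"
    return "text"


def render_message(message: str):
    """Linkify allow-listed URLs only; return (html, flagged UNC tokens)."""
    rendered, flagged = [], []
    for token in message.split():
        kind = classify_token(token)
        safe = html.escape(token, quote=True)
        if kind == "link":
            rendered.append(f'<a href="{safe}">{safe}</a>')
        else:
            if kind == "unc":
                flagged.append(token)  # candidate for logging or alerting
            rendered.append(safe)
    return " ".join(rendered), flagged


if __name__ == "__main__":
    # Constructed sample message using documentation-range addresses.
    sample = r"agenda: https://example.com/j/1 and \\198.51.100.9\pub\agenda.txt"
    print(render_message(sample))
```

The flagged list can feed a log or alert, since a UNC path arriving in a chat message is rarely legitimate when it points outside the organisation.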