<div dir="ltr"><div dir="ltr">/via The Guardian/<div><br></div><div><p class="gmail-block-time gmail-published-time" style="margin:0px;font-size:0.8125rem;line-height:1.125rem;font-family:"Guardian Text Sans Web","Helvetica Neue",Helvetica,Arial,"Lucida Grande",sans-serif;font-weight:bold;padding:0.1875rem 0px 0.75rem 0.625rem;width:3.75rem;color:rgb(18,18,18)"><a href="https://www.theguardian.com/world/live/2020/apr/10/coronavirus-live-news-global-deaths-near-95000-as-boris-johnson-leaves-intensive-care?page=with:block-5e902d0b8f081a236f190e9d#block-5e902d0b8f081a236f190e9d" class="gmail-block-time__link" style="background-color:transparent;color:rgb(199,0,0);text-decoration:none">1h ago<span class="gmail-block-time__absolute" style="font-size:0.75rem;line-height:1rem;display:block;margin-left:0px;color:rgb(118,118,118);font-weight:normal">09:25</span></a></p><h2 class="gmail-block-title" style="font-size:1.25rem;line-height:1.4375rem;font-family:"Guardian Egyptian Web",Georgia,serif;color:rgb(18,18,18)">Singapore suspends use of video-conferencing tool Zoom by teachers</h2><div class="gmail-block-elements gmail-block-elements--no-byline" style="color:rgb(18,18,18);font-family:"Guardian Text Egyptian Web",Georgia,serif"><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Singapore has suspended the use of video-conferencing tool Zoom by teachers, its education ministry said on Friday, after “very serious incidents” occurred in the first week of a coronavirus lockdown that has seen schools move to home-based learning, Reuters reports. </p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">One of the incidents involved obscene images appearing on screens and strange men making lewd comments during the streaming of a geography lesson with teenage girls, according to local media reports.</p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Zoom Video Communications Inc ZM.O has been plagued with safety and privacy concerns about its conferencing app which has seen a surge in usage as offices and schools around the world shut to try curb coronavirus infections. The Singapore government has also been using the tool to host media conferences. </p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Aaron Loh of the ministry’s educational technology division, without detailing the incidents, he said:</p><blockquote class="gmail-quoted" style="margin:1rem 1.25rem 1.125rem 5rem;font-style:italic;overflow:auto"><span class="gmail-inline-garnett-quote gmail-inline-icon" style="fill: rgb(255, 255, 255);"></span><div class="gmail-quoted__contents" style="margin-left:2.1875rem"><p style="margin-top:0px;margin-bottom:0.5rem"></p></div></blockquote><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Loh said that they would further advise teachers on security protocols such as requiring secure log-ins and not sharing the meeting link beyond the students in the class.</p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Taiwan and Germany have already put restrictions on Zoom’s use, while Alphabet Inc’s Google banned the desktop version of Zoom from corporate laptops on Wednesday. The company also faces a class-action lawsuit.</p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Concerns have grown over its lack of end-to-end encryption of meeting sessions, routing of traffic through China and “zoombombing” when uninvited guests crash meetings.</p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">Officials at Berkeley High School in California said they suspended use of the app after a “naked adult male using racial slurs” intruded on what the school said was a password-protected meeting on Zoom, according to a letter to parents seen by Reuters.</p><p style="margin:0px 1.25rem 1rem 5rem;padding:0px">To address security concerns, Zoom has embarked on a 90-day plan to bolster privacy and security issues, and has also tapped former Facebook security chief Alex Stamos as an adviser.</p></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">szabolcs kisspal <<a href="mailto:kisspal.sz@gmail.com">kisspal.sz@gmail.com</a>> ezt írta (időpont: 2020. ápr. 3., P, 14:04):<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><div style="word-wrap:break-word"><div><span style="color:rgb(33,37,41);font-family:Roboto,sans-serif;font-size:18px;background-color:rgb(255,255,255)">To protect your meeting, here are a few things you should do:</span></div><div><span style="color:rgb(33,37,41);font-family:Roboto,sans-serif;font-size:18px;background-color:rgb(255,255,255)"><br></span></div><a href="https://www.inc.com/jason-aten/hackers-are-trying-to-get-into-your-zoom-meetings-here-are-5-ways-to-stop-them.html" target="_blank">https://www.inc.com/jason-aten/hackers-are-trying-to-get-into-your-zoom-meetings-here-are-5-ways-to-stop-them.html</a><div><br><div><blockquote type="cite"><div>2020. ápr. 2. dátummal, 23:34 időpontban János Sugár <<a href="mailto:sj@c3.hu" target="_blank">sj@c3.hu</a>> írta:</div><br><div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1"><b>New Zoom Hack Lets Hackers Compromise Windows and Its Login Password</b></font></div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1"><br></font></div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1"><b><a href="https://thehackernews.com/2020/04/zoom-windows-password.html" target="_blank">https://thehackernews.com/2020/04/zoom-windows-password.html</a></b></font></div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1">/Š/</font></div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1">According to cybersecurity expert @_g0dmode, the Zoom video conferencing software for Windows is vulnerable to a classic 'UNC path injection' vulnerability that could allow remote attackers to steal victims' Windows login credentials and even execute arbitrary commands on their systems.<br><br>Such attacks are possible because Zoom for Windows supports remote UNC paths that convert potentially insecure URIs into hyperlinks when received via chat messages to a recipient in a personal or group chat.<br> </font></div><div style="font-family:Helvetica;font-size:14px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px"><font size="-1">Confirmed by researcher Matthew Hickey and demonstrated by Mohamed Baset, the first attack scenario involves the SMBRelay technique that exploits the fact that Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it.</font></div></div></blockquote></div><br></div></div></blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">sz. KissPal<br>(H)+36-209311032<br><a href="mailto:kisspal.sz@gmail.com" target="_blank">kisspal.sz@gmail.com</a><br><a href="mailto:kspal@intermedia.c3.hu" target="_blank">kspal@intermedia.c3.hu</a><br></div>