The Continuing ZOOM Security Fails: A Litany Of Security Incompetence →
via Wang Wei, writing at The Hacker News, comes the latest reports of blatant anti-customer security outragse perpetrated by Zoom. Read it and Weep... But, after you wipe away the tears, remember there are other alternatives. Our suggestion is to immediately stop using Zoom products, and move to other more verifiably secure solutions (Apple Facetime and Microsoft Skype are certainly viable and stable platforms). And, while yoou are at it... Read Brian Krebs take on another security fail at Zoom, where Zoom security flaws are the gift that keeps on giving!
"Confirmed by researcher Matthew Hickey and demonstrated by Mohamed Baset, the first attack scenario involves the SMBRelay technique that exploits the fact that Windows automatically exposes a user's login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it."