Lawyers recently said that forcing employees to use the tool could put companies at risk of lawsuits, because its policies on where data is shared is not clear and workers may not be able to consent to this data sharing because the balance of power between employee and employer tips toward the latter.Ī class action lawsuit has already been filed in the US regarding Zoom’s sharing of data with Facebook, through its “login with Facebook” tool. On Tuesday Zoom confirmed that despite marketing material to suggest otherwise, its video streaming is not end-to-end encrypted. “An attacker could seek to exploit the participants of a meeting they join to gain unauthorised access to services such as Outlook webmail, Microsoft Sharepoint and others by clicking on such a link," Mr Hickey said. UNC paths are used by computer systems to identify servers, printers and other resources in a network, and appear as double slashes or backslashes. Matthew Hickey, founder of Hacker House said: "The screen shot shows that the Digital Cabinet is using the Microsoft client version of Zoom, which can be exploited by an attacker to potentially gather credentials to use in further attacks through use of UNC paths as links in a chat." The Windows version was used for a Cabinet meeting on Tuesday. Boris Johnson posted a photo of the Zoom meeting to Twitter, including the ID number and names of participants. The vulnerability puts those using the Windows version of Zoom at risk of inadvertently handing over access to their Microsoft Outlook inbox or Sharepoint document storage system. Cyber security experts are warning people using Zoom about a security flaw that allows hackers to hoover up email account passwords by clicking a link sent over web chat.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |