Attackers can use Zoom to steal users’ Windows credentials with no warning

An unpatched bug in Zoom running on Windows can allow hackers to join your meetings and post links that if clicked can yield unpleasant results. Be careful what you click and don’t open links you aren’t expecting. If the link seems out of context definitely do not click it and ask your team if they sent it.

Read the full article from Ars Technica here.

While this threat is specific to Zoom running on Windows computers, this is a great example of how attackers can shift their focus based upon current events. Hundreds of thousands of people just started using Zoom in the past few weeks, and are largely unfamiliar with it beyond starting or joining a meeting.

WHAT ZOOM SAYS… 

Zoom has acknowledged the vulnerability and state that they are working to address it, so watch for updates – but, please be wary if you start to receive emails with links to update your zoom software. Zoom will most likely prompt to update when you launch the application once they have this fixed, and not email you out a link to run the updates.

Have cybersecurity protection questions? Contact us now.