Zoom Messenger found vulnerable with Security Flaw
By MYBRANDBOOK
According to security experts, Zero-day vulnerabilities within the Zoom Messenger desktop client could allow hackers to execute random code on a victim’s machine.
Ethical hackers Daan Keuper and Thijs Alkemade from CompuTest Security demonstrated their exploit at hacking contest Pwn2Own, and were awarded a bug bounty of $200,000 by the video conferencing service.
Commenting on the exploit, Keuper said that while earlier Zoom vulnerabilities allowed attackers to infiltrate the calls, their exploit was a lot more serious as it allows attackers to take over the entire system.
The ethical hackers chained three vulnerabilities in the Zoom messenger to create their exploit. Even more alarming is the fact that they were able to take over the remote system running the Zoom client without any involvement from the victim; the exploit didn’t require the victim to click any links or open any attachments. Once successful, the duo had an almost complete control over the remote computer. They demonstrated several actions such as toggling the webcam and the microphone, gawking at the desktop, reading emails, and downloading their victim’s browser history.
Pwn2Own is a popular security conference where ethical hackers demonstrate zero-day vulnerabilities in popular devices and apps. Given the rise of remote collaboration tools, the conference organizers added the new Enterprise Communications category this year. Elsewhere in the conference another ethical hacker hacked into Microsoft Teams, again by exploiting a combination of vulnerabilities to execute arbitrary code, and earned himself a $200,000 bug bounty from Microsoft.
Singapore to remove One-Time Passwords from Bank Accounts
According to the Monetary Authority of Singapore, clients who utilise secur...
Is 375 million Airtel subscribers database breached?
When a hacker claims to have accessed and put up for sale a customer databa...
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Icons Of India : Anil Agarwal
Anil Agarwal, the Founder and Chairman of Vedanta Resources Ltd., is r...
ICONS OF INDIA : SACHIN BANSAL
Sachin Bansal is an Indian entrepreneur. He is best known as the found...
Icons Of India : Bhavish Aggarwal
Indian entrepreneur Bhavish Aggarwal is the CEO of Ola, India’s larg...
BSE - Bombay Stock Exchange
The Bombay Stock Exchange (BSE) is one of India’s largest and oldest...
BEL - Bharat Electronics Limited
BEL is an Indian Government-owned aerospace and defence electronics co...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
Indian Tech Talent Excelling The Tech World - Lal Karsanbhai, President & CEO, Emerson
Lal Karsanbhai, President and CEO of Emerson, assumed the leadership i...
Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM
Arvind Krishna, an Indian-American business executive, serves as the C...
Indian Tech Talent Excelling The Tech World - Dheeraj Pandey, CEO, DevRev
Dheeraj Pandey, Co-founder and CEO at DevRev , has a remarkable journe...