Zoom now considered a Malware but you can ACT now

Zoom has now been said to be the most used app, thanks to the effect of Covid-19 isolation. Most inexpensive and free app to use as you link with your loved ones and attend meetings especially for small businesses.

FBI announced on March 30 that it was investigating Lots of reported cases on video hijacking, also known as “Zoom-bombing”, where hackers infiltrate video meetings, shouting threats.

Zoom meetings can be accessed by a short number-based URL, which can be generated and guessed by hackers. Zoom has released guidelines in which account can stop or restrict unwanted guests from crashing video meetings(see below link). 

Zoom has also lied about its end to end encryption which secures communication so that it can only be read by the users involved. Zoom confirmed in a blogpost that end-to-end encryption was not currently possible on the platform and apologized for the “confusion”.

Zoom has also been called out for its in-app surveillance feature. This feature would allow employers to check if employees are really tuned into a work meeting or if students are really watching a classroom presentation remotely.

Link 

Secure your Zoom

Credit: The guardian

SMB wormable bug leak in Microsoft

-Bug is tracked as CVE-2020-0796. It impacts SMBv3, and described as wormable. It was announced in some security feeds, but it isn't included in the March 2020 Patch Tuesday. This does not mean there is a hack on the internet for it. Microsoft has published an advisory on how to disable SMBv3 compression until a patch is ready, you can get this fromthe below link;

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005

For understanding & controlling SMB inbound and outbound traffic in general, check out the link below;

https://support.microsoft.com/en-us/help/3185535/preventing-smb-traffic-from-lateral-connections