Clearview AI is reportedly set to cancel client accounts that are not associated with law enforcement or other government entities, as scrutiny grows over abuses of the facial recognition AI app. Read the rest
Britain and the United States said on Tuesday in a joint warning that government-backed hackers are attacking healthcare and research institutions with the goal of stealing valuable information about the response to the novel coronavirus pandemic. Read the rest
A hacker is accused of bribing an employee of the game Roblox and gaining access that allowed the hacker to see user account info, reset passwords, and grant virtual in-game currency, by way of the back end customer support panel of the massively popular online video game. Read the rest
“We believe that the Blacks and the Jews are taking over America, and it’s our job to take America back for the White race,” Patton testified at trial, describing his beliefs while carrying out the crime — beliefs he said he no longer held.
Banjo CEO Damien Patton has admitted to being a Neo-Nazi skinhead in his youth. But until today, the extent of his activity had not yet been reported, in part because of multiple spellings of his name used over the years. Read the rest
📷 Pepper Construction is using Startup SmartVid.io to analyze worksite images for Oracle Industries Innovation Lab in Deerfield, Illinois.
Existing security cameras at retail stores and workplaces are being equipped with articifial intelligence to enforce measures intendded to slow the spread of the novel coronavirus, Reuters reports, based on interviews with 16 different machine vision software firms and a number of businesses that are now their clients. Read the rest
Mark Di Stefano of the Financial Times is accused by The Independent of accessing private Zoom meetings held by The Independent and The Evening Standard as journalists were learning how coronavirus restrictions would affect them. Read the rest
Google and Apple are working on a joint effort to introduce opt-in Bluetooth-based COVID-19 contact tracing APIs in mid-May for iOS and Android. Read the rest
The video conferencing app Zoom has become suddenly ubiquitous over the past few weeks, as the coronavirus shutdown closes schools, businesses, and keeps us all indoors. Shares of Zoom dropped 9% on Monday, adding to their sharp declines in recent days, as security and privacy vulnerabilities are reported. There is also new competition from other established video conferencing apps, who have access to more capital than Zoom. Skype, owned by Microsoft, is but one. Read the rest
The suddenly popular videoconferencing app Zoom has issued a patch for a vulnerability in its Windows client that allowed attackers to steal the user's Windows login credentials from malicious chat links.
Hi @zoom_us & @NCSC - here is an example of exploiting the Zoom Windows client using UNC path injection to expose credentials for use in SMBRelay attacks. The screen shot below shows an example UNC path link and the credentials being exposed (redacted). pic.twitter.com/gjWXas7TMO
— Hacker Fantastic (@hackerfantastic) March 31, 2020
I made a simple demo of the latest Zoom UNC Path Injection Vulnerability, Take care and don't click on ANY UNC Path hyperlinks!
P.S. I used putty as a payload.exe which could be ANY_THING_ELSE.exe
— Mohamed A. Baset (@SymbianSyMoh) April 1, 2020
“Zoom issued a fix for this and other bugs, promising better transparency going forward,” reports Mark Hachman at PCWorld:
Read the rest
An unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.
A hacker could use an attack called a UNC path injection to expose credentials, according to an attack posted on Twitter and subsequently followed up with an additional video. According to The Hacker News, that's because Windows exposes a user's login name and password to a remote server when attempting to connect to it and download a file.
Update: After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post.
Everyone is using Zoom for everything from pandemic family gatherings to A.A. meetings to therapy sessions to teaching college classes, but the app has newly revealed and very concerning security vulnerabilities.
The contents of thousands of video calls made on the app Zoom were exposed on the open web, and easily available via common web search tools.
The Washington Post reports that many of the videos, which callers assumed were private, include personally identifiable information and deeply intimate conversations, recorded in people’s homes. Read the rest