Video-calling app Zoom has been on the end of sharp criticism for security weaknesses. In response, they announced today a plan to offer end-to-end encryption for all users, with a trial to begin next month. Read the rest
Welcome to the dystopian future of yesteryear's futurist cyberpunk novels. Read the rest
This is easily done yourself, but it was smart of Coors Light (and their creative agency) to create a one-click "Clone Machine" that captures and loops 30 seconds of video of you smiling and nodding along as if you're paying attention on a Zoom meeting. Read the rest
Hayao Miyazaki’s Studio Ghibli has released stunning free backgrounds for videoconferencing software like Zoom. Change your set and setting to Spirited Away, Howl's Moving Castle, Princess Mononoke, Castle in the Sky, and four other enchanting film scenes. Download them here: "Studio Ghibli wallpaper that can be used for web conferences"
(via Open Culture)
Today I made a Zoom background of myself accidentally walking in on myself in a Zoom meeting. pic.twitter.com/Rl2AsjfZ7V
— Dan Crowd (@itsdancrowd) April 3, 2020
Prankster creativity from video producer Dan Crowd (above) and motion graphics designer Metehan Korkmazel.
Read the restI had the same like multiple instances of me hanging around. pic.twitter.com/05G4KDXNGY
— Metehan Korkmazel (@korkmazelm) April 3, 2020
The suddenly popular videoconferencing app Zoom has issued a patch for a vulnerability in its Windows client that allowed attackers to steal the user's Windows login credentials from malicious chat links.
Hi @zoom_us & @NCSC - here is an example of exploiting the Zoom Windows client using UNC path injection to expose credentials for use in SMBRelay attacks. The screen shot below shows an example UNC path link and the credentials being exposed (redacted). pic.twitter.com/gjWXas7TMO
— Hacker Fantastic (@hackerfantastic) March 31, 2020
I made a simple demo of the latest Zoom UNC Path Injection Vulnerability, Take care and don't click on ANY UNC Path hyperlinks!
P.S. I used putty as a payload.exe which could be ANY_THING_ELSE.exe
— Mohamed A. Baset (@SymbianSyMoh) April 1, 2020
“Zoom issued a fix for this and other bugs, promising better transparency going forward,” reports Mark Hachman at PCWorld:
Read the restAn unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.
A hacker could use an attack called a UNC path injection to expose credentials, according to an attack posted on Twitter and subsequently followed up with an additional video. According to The Hacker News, that's because Windows exposes a user's login name and password to a remote server when attempting to connect to it and download a file.
----
Update: After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post.
A new documentary, "(In)Securus Technologies: An Assault on Prisoner Rights", tracks the rise of for-profit video "visitation" programs, which are being rolled out across America's unimaginably huge prison system, replacing the in-person visits that have been shown to be vital for prisoners' successful rehabilitation and reintegration into society. Read the rest
