ZOOM Security Plan
Quote: New cyberattacks continue to roll in the wake of the COVID-19 pandemic, including exploits of the most popular video conferencing service and doubling-down on the DoppelPaymer ransomware strain.


Here’s a quick recap of the latest updates to these attacks and the planned responses.

Zoom makes some cybersecurity improvements in response to critics
In the wake of the pandemic lockdown and widespread adoption of videoconferencing to support working from home, Zoom presented a 90-day plan to address users’ security and privacy concerns in the upcoming version 5.0 of its product. The promised improvements include support for end-to-end AES 256-bit GCM encryption to protect user data against tampering and eavesdropping. Zoom will also add data routing controls that let administrators choose the data center through which their network traffic is routed, which will help companies comply with the cross-border data transfer restrictions of the EU’s privacy-oriented General Data Protection Regulation (GDPR).

Zoom will also make improvements to its user interface (UI) and user experience (UX) by adding a security icon on the meeting host’s menu bar for easy access to security controls.

With Zoom’s broad adoption by educational institutions, teachers have wrestled with disruptions like the hijacking of screen sharing and unwanted use of drawing tools by students on the teacher’s shared screen. New default settings for Education, Basic, and single-license Pro accounts will reserve the control of screen sharing and enablement of annotations to the host, and place attendees in a waiting room until the host starts the session.

These new features are designed to stop the growing practice of Zoom-bombing, in which students or outside attackers disrupt sessions by sharing or drawing offensive content, including hateful, violent or otherwise shocking images. 

The recent examples of this practice are many, including an Arizona State University online class hosted on Zoom for 150 students in which one participant started sharing a pornographic video. University of Southern California (USC) President Carol L. Folt also reported that some online lectures in Zoom had been interrupted with racist and vile statements.

Other Zoom-bombing countermeasures will include enabling meeting passwords by default to protect against unsolicited access to publicly announced meetings. Account admins will also be able to require greater password complexity, including longer passwords and a mix of alphanumeric and special characters in order to thwart the use of war-dialing hacking tools that can brute-force simpler passwords. More complex password rules will also be enforceable to protect meeting recordings stored in the cloud.

We’re looking forward to seeing the more secure Zoom 5.0 release.


SOURCE