Zoom security bug lets attackers steal Windows passwords

Sourced from https://mashable.com/article/zoom-vulnerability-windows-passwords/

Zoom security bug lets attackers steal Windows passwords

Zoom, the videoconferencing software that’s skyrocketed in popularity as much of the globe sits at home due to the coronavirus outbreak, is quickly turning into a privacy and security nightmare. 

BleepingComputer reports about a newly found vulnerability in Zoom that allows an attacker to steal Windows login credentials from other users. The problem lies with the way Zoom’s chat handles links, as it converts Windows networking UNC (Universal Naming Convention) paths into clickable links. If a user clicks on such a link, Windows will leak the user’s Windows login name and password. 

The good thing is that the password is hashed; but the bad thing is that it is in many cases simple to reveal it using password recovery tools such as Hashcat.  Read more…

More about Zoom, Tech, and Cybersecurity… Read More

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.