Stanislascollege Pijnacker stopt ook met Zoom door ‘beelden die niet door de beugel kunnen’: porno en Hitler snor tijdens Duits

PIJNACKER – Het Stanislascollege in Pijnacker stopt per direct met het gebruik van de video-app Zoom voor het geven van online lessen. De school heeft meerdere berichten ontvangen van leerlingen, ouders en docenten dat er tijdens de lessen beelden of teksten te zien zijn die niet door de beugel kunnen. Woensdag besloot het Zoetermeerse Erasmus Read more about Stanislascollege Pijnacker stopt ook met Zoom door ‘beelden die niet door de beugel kunnen’: porno en Hitler snor tijdens Duits[…]

Porno tijdens online les van Zoetermeerse school dus stoppen met Zoom

ZOETERMEER – Leerlingen van een klas van het Zoetermeerse Erasmus College hebben woensdagochtend, tijdens een les via de video-app Zoom, pornobeelden te zien gekregen. De school is onmiddellijk gestopt met het gebruik van Zoom. ‘We snappen dat jullie ontzettend geschrokken zijn’, schrijft de school in een mail aan de betreffende leerlingen. ‘We hebben natuurlijk direct Read more about Porno tijdens online les van Zoetermeerse school dus stoppen met Zoom[…]

Attackers can bypass fingerprint authentication with an ~80% success rate

For decades, the use of fingerprints to authenticate users to computers, networks, and restricted areas was (with a few notable exceptions) mostly limited to large and well-resourced organizations that used specialized and expensive equipment. That all changed in 2013 when Apple introduced TouchID. Within a few years, fingerprint-based validation became available to the masses as Read more about Attackers can bypass fingerprint authentication with an ~80% success rate[…]

Google Bans Zoom Videoconferencing Software From Employees’ Computers

Google has banned the popular videoconferencing software Zoom from its employees’ devices, BuzzFeed News has learned. Zoom, a competitor to Google’s own Meet app, has seen an explosion of people using it to work and socialize from home and has become a cultural touchstone during the coronavirus pandemic. Last week, Google sent an email to Read more about Google Bans Zoom Videoconferencing Software From Employees’ Computers[…]

Easy-to-pick “smart” locks gush personal data, FTC finds

A padlock—whether it uses a combination, a key, or “smart” tech—has exactly one job: to keep your stuff safe so other people can’t get it. Tapplock, Inc., based in Canada, produces such a product. The company’s locks unlock with a fingerprint or an app connected by Bluetooth to your phone. Unfortunately, the Federal Trade Commission Read more about Easy-to-pick “smart” locks gush personal data, FTC finds[…]

Zoom banned by Taiwan’s government over China security fears

Zoom has been banned from government business in Taiwan in the latest setback for the hugely popular video-calling app. It follows revelations that some Zoom traffic was “mistakenly” routed through China, which does not recognise Taiwan’s independence. Taiwan’s government said public bodies should not use products with security concerns “such as Zoom”. But competitors like Read more about Zoom banned by Taiwan’s government over China security fears[…]

If you don’t cover your Docker daemon API port you’ll have a hell of a time… because cryptocreeps are hunting for it

Some Docker installations are getting hammered by malware skiddies hoping to mine digital cash using other people’s CPU time. Infosec outfit Aqua – no, not the Barbie Girl band – said miscreants have spotted that a decent number of Docker deployments are lazily or inadvertently exposing the daemon API port to the public internet with Read more about If you don’t cover your Docker daemon API port you’ll have a hell of a time… because cryptocreeps are hunting for it[…]

American schools are banning Zoom and switching to Microsoft Teams

After many schools adopted Zoom to conduct online lessons during the coronavirus lockdown, concerns about security and privacy have led to a ban on the video conferencing software across the US. The chancellor of New York City’s Department of Education Richard A Carranza sent an email to school principals telling them to “cease using Zoom Read more about American schools are banning Zoom and switching to Microsoft Teams[…]

Zoom’s Flawed Encryption Linked to China

Meetings on Zoom, the increasingly popular video conferencing service, are encrypted using an algorithm with serious, well-known weaknesses, and sometimes using keys issued by servers in China, even when meeting participants are all in North America, according to researchers at the University of Toronto. The researchers also found that Zoom protects video and audio content Read more about Zoom’s Flawed Encryption Linked to China[…]

Zoom Bombings Started Off as Pranks. Now Someone Could End Up Dead

For those unaware, Zoom officially has a porn problem. The multibillion-dollar video messaging mainstay among employees at Johnson & Johnson and the Department of Homeland Security—not to mention a household name among currently house-bound citizens across the country—has been rocked by story after story of pranksters popping into video meetings with clips of graphic porn Read more about Zoom Bombings Started Off as Pranks. Now Someone Could End Up Dead[…]

A Hacker Found a Way to Take Over Any Apple Webcam

Apple patched the vulnerabilities in January and March updates. But before the fixes, all a victim would have needed to do is click one malicious link and an attacker would have been able to spy on them remotely. “Safari encourages users to save their preferences for site permissions, like whether to trust Skype with microphone Read more about A Hacker Found a Way to Take Over Any Apple Webcam[…]

Ex-NSA hacker drops new zero-day doom for Zoom

Zoom’s troubled year just got worse. Now that a large portion of the world is working from home to ride out the coronavirus pandemic, Zoom’s popularity has rocketed, but also has led to an increased focus on the company’s security practices and privacy promises. Hot on the heels of two security researchers finding a Zoom Read more about Ex-NSA hacker drops new zero-day doom for Zoom[…]

Zoom User Warning: This Is How Attackers Could Steal Windows Passwords

Today, news of a Zoom issue affecting Microsoft Windows users. The Zoom Windows client is at risk from a flaw in the chat feature that could allow attackers to steal the logins of people who click on a link, according to tech site Bleeping Computer. When using Zoom, it’s possible for people to communicate with each Read more about Zoom User Warning: This Is How Attackers Could Steal Windows Passwords[…]

Zoom Users Beware: Here’s How A Flaw Allows Attackers To Take Over Your Mac Microphone And Webcam

Every day, a new Zoom security or privacy issue emerges. At least, that’s the way it seems during the COVID-19 crisis as an increasing number of people use the Zoom video conferencing app while working from home. Soon after a security problem was disclosed that could allow attackers to steal Windows passwords, another researcher has identified Read more about Zoom Users Beware: Here’s How A Flaw Allows Attackers To Take Over Your Mac Microphone And Webcam[…]

OpenWRT code-execution bug found – update!

For almost three years, OpenWRT—the open source operating system that powers home routers and other types of embedded systems—has been vulnerable to remote code-execution attacks because updates were delivered over an unencrypted channel and digital signature verifications are easy to bypass, a researcher said. OpenWRT has a loyal base of users who use the freely Read more about OpenWRT code-execution bug found – update![…]

Zoom is Leaking Peoples’ Email Addresses and Photos to Strangers

Popular video-conferencing Zoom is leaking personal information of at least thousands of users, including their email address and photo, and giving strangers the ability to attempt to start a video call with them through Zoom. The issue lies in Zoom’s “Company Directory” setting, which automatically adds other people to a user’s lists of contacts if Read more about Zoom is Leaking Peoples’ Email Addresses and Photos to Strangers[…]

Zoom: how you were able to join random meetings due to incredibly poor security design

In this publication we describe a technique which would have allowed a threat actor to potentially identify and join active meetings. All the details discussed in this publication were responsibly disclosed to Zoom Video Communications, Inc. In response, Zoom introduced a number of mitigations, so this attack is no longer possible. The Problem If you Read more about Zoom: how you were able to join random meetings due to incredibly poor security design[…]

FBI Issues Warning, NY Attorney General Makes Inquiry After Wave of Zoom Hijackings

The FBI has issued a warning about video messaging service Zoom, and New York Attorney General’s office has made an inquiry into its cybersecurity practices, after a string of disturbing incidents involving takeovers of teleconferences. Per Agence France-Presse, malicious individuals have been taking advantage of lax security and the surge in teleconferencing during the coronavirus Read more about FBI Issues Warning, NY Attorney General Makes Inquiry After Wave of Zoom Hijackings[…]

Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing. Also, they mine your data with vampire teeth.

Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio Read more about Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing. Also, they mine your data with vampire teeth.[…]

Data of millions of eBay and Amazon shoppers exposed by VAT analysing 3rd party

Researchers have discovered another big database containing millions of European customer records left unsecured on Amazon Web Services (AWS) for anyone to find using a search engine. A total of eight million records were involved, collected via marketplace and payment system APIs belonging to companies including Amazon, eBay, Shopify, PayPal, and Stripe. Discovered by Comparitech’s Read more about Data of millions of eBay and Amazon shoppers exposed by VAT analysing 3rd party[…]

Your data was ‘taken without permission’, customers told, after personal info accessed in O2 UK partner Aerial Direct database

Hackers have slurped biz comms customers’ data from a database run by one of O2’s largest UK partners. In an email sent to its customers, the partner, Aerial Direct, said that an unauthorised third party had been able to access customer data on 26 February through an external backup database, which included personal information on Read more about Your data was ‘taken without permission’, customers told, after personal info accessed in O2 UK partner Aerial Direct database[…]

Carnival Corp. (Holland America / Princess Cruises) Discloses nasty customer Data Breach Amid Covid-19 Panic

Earlier this month, the multibillion-dollar cruise conglomerate Carnival Corp. announced that two of its most popular lines—Holland America and Princess Cruises—were respectively slammed with hacks compromising the sensitive personal intel of cruise-goers and cruise-workers alike. Even though neither announcement makes mention of when each respective breach was disclosed, pulling up the source code for the Read more about Carnival Corp. (Holland America / Princess Cruises) Discloses nasty customer Data Breach Amid Covid-19 Panic[…]

900 Million Secrets From 8 Years of ‘Whisper’ App Were Left Exposed Online

Whisper, the secret-sharing app that called itself the “safest place on the Internet,” left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed. The data exposure, discovered by independent researchers and shown to Read more about 900 Million Secrets From 8 Years of ‘Whisper’ App Were Left Exposed Online[…]

US Rule Waiver Will Reduce Empty Planes During Virus Outbreak (after in EU) and then closes US airspace to EU flights after blaming EU for Corona

Federal regulators waived a rule Wednesday that was causing airlines to fly nearly empty planes just to avoid losing takeoff and landing rights at major airports. The Federal Aviation Administration said it would suspend the rule through May 31 to help airlines that are canceling flights because of the new virus outbreak. The FAA assigns Read more about US Rule Waiver Will Reduce Empty Planes During Virus Outbreak (after in EU) and then closes US airspace to EU flights after blaming EU for Corona[…]

Intel CPUs vulnerable to new LVI attacks, allows information injection

Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs. While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations. A Read more about Intel CPUs vulnerable to new LVI attacks, allows information injection[…]