• Home
  • About Us
    • Contact Us
  • Jobs
  • Blog
  • Offers
  • Join Us
  • Cyber Career

    Cart

    No products in the cart.

    Sign in

    Cart

    No products in the cart.


    • Home
    • About Us
      • Contact Us
    • Jobs
    • Blog
    • Offers
    • Join Us
    • Cyber Career
    Sign in

    Category: Security Threats

    Covid 10 Cyber Attacks

    Microsoft defends health care orgs, Mozilla funds innovation to fight COVID-19

    Some welcome good news on the COVID-19 front: Microsoft Corporation said it is stepping up its efforts to protect hospitals and other critical services from…

    Daz April 5, 2020
    0 Comments
    forensic investigator image

    Spearphishing Campaign Exploits COVID-19 To Spread Lokibot Infostealer

    The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus. Researchers have discovered threat actors once again capitalizing on…

    Daz April 5, 2020
    0 Comments

    Marriott data breach again – affects 5.2 million guests

    Marriott Hotels have disclosed another data breach, in which details approximately 5.2 million guests were leaked. Internal investigation by the hotel says the guest information…

    Tony April 2, 2020
    0 Comments

    Zoom Removes Data-Mining LinkedIn Feature

    The feature, criticized for “undisclosed data-mining,” is only the latest privacy faux pas for Zoom this month. Zoom has nixed a feature that came under…

    Tony April 2, 2020
    0 Comments

    RSS Threat Post

    • Student Loan Breach Exposes 2.5M Records August 31, 2022
      2.5 million people were affected, in a breach that could spell more trouble down the line.
      Nate Nelson
    • Watering Hole Attacks Push ScanBox Keylogger August 30, 2022
      Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
      Nate Nelson
    • Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms August 29, 2022
      Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
      Nate Nelson
    • Ransomware Attacks are on the Rise August 26, 2022
      Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
      Nate Nelson
    • Cybercriminals Are Selling Access to Chinese Surveillance Cameras August 25, 2022
      Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
      Nate Nelson

    Search

    Tags

    Language

    Archives

    • July 2020 (1)
    • April 2020 (4)

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org
    • Home
    • About Us
    • Jobs
    • Blog
    • Offers
    • Join Us
    • Cyber Career
    Copywrite © 2023 - Cyber Training Camps All rights reserved. All company names or logos are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

    Forum Description

    The feature, criticized for “undisclosed data-mining,” is only the latest privacy faux pas for Zoom this month. Zoom has nixed a feature that came under fire for “undisclosed data mining” of users’ names and email addresses, used to match them with their LinkedIn profiles. The feature, the LinkedIn Sales Navigator, is a LinkedIn service used for sales prospecting. When users enter a web conference meeting, the tool automatically sent their user names and email addresses to an Zoom internal company system. This system would then match this data to their LinkedIn profiles, according to a New York Times investigation. Per The New York Times, the tool also automatically allowed other meeting participants to covertly access this LinkedIn profile data, without Zoom asking for users’ permission or notifying them. That means if a user is in a Zoom meeting – even if they aren’t using their real names – other participants could collect information about their real names, locations, employer names and job titles.

    The tool was removed on Thursday as part of several sweeping changes Zoom made in response to snowballing security and privacy concerns. Zoom founder Eric Yuan said in a Wednesday post responding to the concerns that Zoom will freeze the development of its features and instead focusing on security and privacy issues.

    “Over the next 90 days, we are committed to dedicating the resources needed to better identify, address and fix issues proactively,” said  Yuan. “We are also committed to being transparent throughout this process. We want to do what it takes to maintain your trust.”

    With more employees working from home over the past few weeks due to the coronavirus pandemic, Zoom has ballooned in popularity to include 200 million daily meeting participants in March. To put that into context, the maximum number of daily meeting participants on Zoom in December was 10 million.

    But questions over what data Zoom collects – and how it is secured – have also increased. On the privacy front, Zoom this week removed a feature in its iOS web conferencing app that was sharing analytics data with Facebook, after a report revealing the practice sparked outrage. According to the Motherboard report last week that originally disclosed the privacy issue, the transferred information included data on when a user opened the app, a user’s time zone, device OS, device model and carrier, screen size, processor cores and disk space.

    The issue left the public — including New York attorney general, Letitia James — demanding more information about how Zoom secures user data. Some have even prohibited use of the video-conferencing app — including, according to Reuters, Elon Musk’s SpaceX rocket company, which cited “significant privacy and security concerns.”

    Yuan said Wednesday, in response to these privacy concerns, that Zoom will prepare a transparency report detailing information related to data, records or content. In addition, he said, Zoom has now updated its privacy policy “to be more clear and transparent” around what data is collected and how it is used. The policy now explicitly clarifies that Zoom does not sell users’ data and will not going forward.

    On the security side of things, Zoom has now patched several recently-disclosed vulnerabilities – including two zero-day flaws uncovered this week in the conferencing platform’s macOS client version, and a UNC path injection vulnerability in the Zoom Windows client, which could enable attackers to steal Windows credentials of users.

    Moving forward, Yuan said Zoom would be “enhancing” its current bug-bounty program, and creating white-box penetration tests to “further identify and address issues.”

    “Transparency has always been a core part of our culture,” said Yuan. “I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform.”