Expert Comments: A Flaw In Webex And Zoom Let Researchers Snoop On Users’ Video Calls

It has been reported that a team of security researchers found they could tap into Webex and Zoom video meetings because many weren’t protected with a code. Researchers programmed a bot to cycle through lists of valid meeting IDs and get access to active conference calls. The vulnerability works because many companies and users don’t protect their meetings with a password, either for convenience or they had not checked their default settings, coupled with a limited pool of meeting IDs. By targeting the platforms’ APIs, they were able to automate the process.


EXPERTS COMMENTS
Jonathan Knudsen, Senior Security Strategist ,  Synopsys
October 03, 2019
Meeting recordings should be protected with similar vigilance.
Some rudimentary user education would help people make better choices. For example, when running an online meeting, make sure you can identify all users who have joined. Furthermore, if you expect that any part of the meeting is information you want to keep confidential, use the password feature to protect the meeting from casual intruders. Meeting recordings should be protected with similar vigil ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article