Posts

Showing posts from April, 2020

Recheck the URLs of Zoom meeting invites, Hackers are faking them to steal your data

Zoom may have fixed many of its own security issues, but it’ll never be immune to hackers trying to trick the company’s users. Malicious actors are now targeting users with fake Zoom meeting emails in order to steal their personal information and login credentials, according to an email cybersecurity firm. This particular phishing scheme, uncovered by Abnormal Security, weaponizes many people’s fear of losing their job due to the economic downturn during the coronavirus pandemic. To date, more than 26 million people in the U.S. have filed for unemployment since the pandemic began. These spoofed emails come in the form of a Zoom meeting reminder with HR concerning the termination of the recipient’s employment. The email contains a Zoom meeting invitation link, which actually points to the hacker’s phishing site, designed to mimic the look of Zoom’s login page. In reality, clicking the meeting link forwards the target to a page hosted at the URL “zoom-emergency....

iPhone could be hacked through iOS Mail Application

It can be exploited remotely by an attacker sending an email, and it can consume a large amount of the device’s RAM. First it slows down your iPhone and then forces it to crash. The attack’s scope consists of sending a specially crafted email to a victim’s mailbox, enabling it to trigger the vulnerability in the context of the iOS MobileMail application on iOS 12 or maild on iOS 13. Based on Research and Threat Intelligence, we surmise with high confidence that these vulnerabilities – in particular, the remote heap overflow – are widely exploited in the wild in targeted attacks by an advanced threat operator(s). Heap Overflow Bug: A heap overflow or heap overrun is a type of buffer overflow that occurs in the heap data area. Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated at runtime and typically contains program data. What is the Vulnerability? The suspicious events included strings commonly u...

Zoom Video conferencing software vulnerable to Cyber Attacks-A detailed guide to use it or not

Over the past few weeks, the use of Zoom video conferencing software has exploded, ever since it emerged as the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak, as work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations. Zoom may never have designed its product beyond enterprise chat initially, but with the app now being used in a myriad of ways and by regular consumers, the company's full scope of gaffes has come into sharp focus — something it was able to avoid all this time. But if this public scrutiny can make it a more secure product, it can only be a good thing in the long run. ...