Cyble, a cybersecurity company, first noted the situation on April 1st: half a million Zoom accounts for sale on the dark web, available at a bulk price of $0.002 per account. Other accounts are reportedly being shared for free.
The video conferencing platform has been under intense scrutiny during an unprecedented moment when the world is depending on its technology more than ever. Following various issues, they halted all features development for 90 days in order to address the multiplying security concerns.
What information was compromised in this incident?
Was Zoom hacked?No. The breached accounts appear to be an instance of credential stuffing, a type of attack in which hackers use previously stolen account credentials in a large-scale, automated attempt to gain access to a different company’s accounts.
Hank Green✔@hankgreenThis is being discussed as a hack of Zoom, but Zoom didn't leak the passwords. Hackers used previously-leaked username/password combos from other hacks to attempt to login to Zoom. Hackers found over 500,000 that worked. https://twitter.com/SAI/status/1249986400512024576 …
Business Insider Tech✔@SAIResearchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each http://www.businessinsider.com/500000-zoom-accounts-sale-dark-web-2020-4 …
What is the best way to protect yourself from this type of credential stuffing attack?Stop reusing the same passwords on multiple accounts. All your accounts—but especially those that store sensitive information like credit card or social security numbers—should be protected with strong, unique passwords. A strong password has a minimum of 8 characters and includes a mix of uppercase letters, lowercase letters, numbers, and special characters. Here are some additional tips to help you get out of the habit of reusing passwords:
Use a password manager
The average person has over 150 accounts. That is too many complex, unique passwords for the human brain to remember. That’s where password managers can help.These have a built-in password generator to help you create strong passwords for new accounts and save them securely, plus in-app security alerts that notify you immediately when you need to change your passwords after a data breach.
You have the option to add extra protection with two-factor authentication (2FA), especially on sensitive apps like your social media and online banking accounts.
Quit reusing weak passwords.
How to keep your Zoom chats secure and privateThere’s a reason Zoom is wildly popular. It’s incredibly simple and intuitive, but in removing all friction from its product, the company neglected crucial security elements—a decision they are currently reevaluating. In the meantime, here are some tips for making your Zoom conferences more secure:
Keep your Zoom link or code private
Don’t share it out on public channels or social media.
Set a meeting password
A password will keep unwanted people from crashing your meeting. Here is info on how to add a password.
Make a waiting room
This will let the host see all attendees and invite the appropriate people to join the meeting. Here’s how.
Update to the latest version of Zoom
Zoom has shifted resources to fixing the security issues so make sure to keep the app updated as changes come in. More info here.
Leave a Reply.
Thecomputerheale.com makes no claims about the efficacy of the information contained in the documents and related graphics published on this website for any purpose. All information, documents and graphics are provided "as is" without any kind of guarantee of effectiveness. Thecomputerhealer.com hereby disclaims all responsibility for the manner in which the information offered on this website is used by you.
In no event shall Thecomputerhealeronline.com be liable for any special, indirect or consequential damages or any damages whatsoever resulting from the loss of use, data or profits arising out of or in connection with the use or performance of information available from this website.
The documents and related graphics published on this website may include technical inaccuracies or typographical errors. Changes are periodically added to the information on this website. Thecomputerhealer.com reserves the right, at its discretion, to change or modify all or any part of this agreement and the content on website at any time, effective immediately upon publication of this notice.
Your continued use of this website constitutes your binding acceptance of these terms and conditions, including any changes or modifications made by Thecomputerhealer.com as permitted above. If, at any time, the terms and conditions of this agreement are no longer acceptable to you, you should immediately cease using this website.