MY BRAND BOOK Zoom Messenger found vulnerable with Security Flaw

Zoom Messenger found vulnerable with Security Flaw

By MYBRANDBOOK

According to security experts, Zero-day vulnerabilities within the Zoom Messenger desktop client could allow hackers to execute random code on a victim’s machine.

Ethical hackers Daan Keuper and Thijs Alkemade from CompuTest Security demonstrated their exploit at hacking contest Pwn2Own, and were awarded a bug bounty of $200,000 by the video conferencing service.

Commenting on the exploit, Keuper said that while earlier Zoom vulnerabilities allowed attackers to infiltrate the calls, their exploit was a lot more serious as it allows attackers to take over the entire system.

The ethical hackers chained three vulnerabilities in the Zoom messenger to create their exploit. Even more alarming is the fact that they were able to take over the remote system running the Zoom client without any involvement from the victim; the exploit didn’t require the victim to click any links or open any attachments. Once successful, the duo had an almost complete control over the remote computer. They demonstrated several actions such as toggling the webcam and the microphone, gawking at the desktop, reading emails, and downloading their victim’s browser history.

Pwn2Own is a popular security conference where ethical hackers demonstrate zero-day vulnerabilities in popular devices and apps. Given the rise of remote collaboration tools, the conference organizers added the new Enterprise Communications category this year. Elsewhere in the conference another ethical hacker hacked into Microsoft Teams, again by exploiting a combination of vulnerabilities to execute arbitrary code, and earned himself a $200,000 bug bounty from Microsoft.

BREAKING NEWS

Zscaler unveils Digital Experience Monitoring Copilot...

Zscaler has announced groundbreaking innovations - ZDX Copilot, Hosted Mon...

Ola Krutrim unveils its AI vision for India...

Ola's artificial intelligence platform, Krutrim has revealed its plans to ...

Tamil Nadu Police Facial Recognition Portal faced breach...

A security flaw was discovered in the facial recognition webpage of the Ta...

With iOS 18, Apple to fully invest in AI...

Tim Cook, the CEO of Apple, has made reference to sophisticated AI features...

TECHNO TRENDS

BHIM to join e-commerce, competing with PhonePe and Google Pay

The government-supported payment software BHIM is getting ready to join t...

The latest version of X helps prevent deepfakes on social medi

To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...

India and Namibia collaborate on a payment system similar to U

Once operational, the platform will enable digital transactions in Namibia,...

Sebi issues show-cause notices to six Adani group firms

Sebi issued show-cause notices to six Adani Group firms, including Adani ...

E-Magazine

TECHNOTAINMENT

S.S. Rajamouli and Disney+ Hotstar brings the untold story of

Airtel Xstream Play strengthens regional content library, part

Bharti Airtel (“Airtel”), one of India’s leading telecommunications

ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as

The Enforcement Directorate (ED) has seized businessman Raj Kundra's pro

MOVERS & SHAKERS

New Relic names Katrina Wong as CMO

Clover Infotech appointed Subham Banerjee as CDO

Clover Infotech has announced the appointment of Subham Banerjee as its Ch

Saviynt ropes in Sanjeevi Kumar as new Sales Director in India

The cloud-native identity and governance platform solutions provider Saviy

OPEN YOUR EYES

The rising risk of insider threats in the remote workforce

Capitalising on agility to win the digital banking competition

Digital dividends becomes a challenge to the digital divides.

How Work From Home Brings Various Security Challenges

CIO’s should have the understanding "Jugaad" to overcome technology challenges

INTERVIEWS

AMD Pensando innovation CONTINUES

Check Point takes pride in providing customers with the best c

Check Point has categorized its 80 products and technologies into four main

Fire-Boltt innovates and introduces newer categories to make i

One of the biggest strengths and focus area of Fire-Boltt is innovation. Wi

HOT PICK

Lenovo launches IdeaPad Pro 5i in India with Intel Core Ultra

COLORFUL rolls out an array of gaming laptops

COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop

Dell Technologies launches new AI-powered commercial PC portfo

Dell Technologies has launched the broadest portfolio of commercial AI lap

MAKE IN INDIA BRANDS

INFOSYS TECHNOLOGIES PVT. LTD.

EXIDE INDUSTRIES LTD.

CP PLUS INDIA PVT. LTD.

AMARA RAJA POWER SYSTEMS LTD.

EMINENT CIO'S OF INDIA

Maintaining and improving the internal technology processes to maximize productivity with automation

In my view, to increase efficiency and productivit...

Harnessing the power of IIoT based offerings

What IIoT is certainly not- it is not about replac...

Digital transformation reshaping & strengthening the business landscape

This starts with upholding certain values while ma...

ICONS OF INDIA

Technology Icons Of India 2023: Bhavish Aggarwal

Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...

Technology Icons Of India 2023: Sachin Bansal

Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...

Technology Icons Of India 2023: Roshni Nadar Malhotra

Roshni Nadar Malhotra is an Indian billionaire businesswoman and the c...

PARTNER SPEAKERS

Partnership, innovation, and technology: key drivers of Redington’s achievements

The nature of the IT industry has undergone significant transformation over th...

Supertron’s holistic approach leveraging its comprehensive transformation

Supertron is prepared to participate & support integration of technology adapt...

Transforming Distribution in the digital era!

In today’s dynamic marketplace, coupled with the expanded scope and complexi...

PSU

CERT-IN protecting the cyber security space of India

CERT-In serves in the area of cyber security threats like hacking and ...

TCIL continues to strengthen India with its technology expertise

TCIL undertakes consultancy & turnkey projects in the field of Telecom...

STPI encouraging software exports from India

Software Technology Parks of India (STPI) is an S&T organization under...

VIDEOS

Top 25 Brands

Most Trusted Brands 2023 : SAP India Pvt. Ltd.

The German software giant aims to double its investments in India over the nex...

Most Trusted Brands 2023 : Oracle India Pvt. Ltd.

Oracle offers a wide range of other enterprise software solutions, including m...

Most Trusted Brands 2023 : Dell Technologies India Pvt. Ltd.

Dell Technologies helps organizations and individuals build their digital futu...

Value-Added Distribution

FORTUNE MARKETING PVT. LTD.

Delhi based Fortune Marketing, An ISO 9001:2008 company, distributes ...

TECHNOBIND SOLUTIONS PVT. LTD.

TechnoBind’s business model is focused on identifying and partnering...

SAVEX TECHNOLOGIES PVT. LTD.

Savex Technologies is the 3rd largest Information & Communication Tec...

ITFORUM 2024

WIITF 2024

CMO of the Year

WOMEN LEADERSHIP

EMINENT CIO's OF INDIA

TRENDS IN TECHNOLOGY