Login

Register

Login

Register

Zoom zero-day exploit for sale online for $500,000 | #espionage | #surveillance | #ceo | #businesssecurity | #


Zoom’s meteoric rise in popularity has also drawn the close attention of hackers. Following the discovery of hundreds of thousands of Zoom passwords for sale online, news has broken of two zero-day vulnerabilities available for purchase.

The first zero-day targets Zoom for Windows and the other Zoom for Mac OS, with the former priced at $500,000, which experts see as hugely inflated given the limited severity of the flaw.

The Windows flaw is a remote code execution (RCE) zero-day, which means the hacker would be able to gain access to the application remotely, without the need to phish for credentials.

“The Windows zero-day is nice, a clean RCE…perfect for industrial espionage” an anonymous source, veteran of the cybersecurity industry, told Vice.

However, in order to gain access to the entire machine, the attacker would need to harness a second exploit in tandem, adding a layer of friction. The perpetrator would also need to join the victim’s video conference, eliminating the opportunity for a stealth-based attack.

The MacOS flaw is not an RCE and therefore poses less of a distinct threat.

Evaluating the vulnerabilities, one source explained the asking price is not proportional with the threat posed by the flaw.

“I don’t see how it makes sense compared to the concrete potential in terms of intelligence. I think it’s just kids who hope to make a bang.”



Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW