A new security issue on the Zoom video conferencing platform has been reported by specialists from a cyber security audit company. The platform has allowed companies, government agencies and individuals to stay in touch during this period of social estrangement from the coronavirus/COVID-19 pandemic, although its increasing use has revealed some security flaws and user privacy breaches.
Over the past weekend it was revealed that the company saves some of the videos that users record from their sessions in a separate online storage space without a password or any other protection. This means that any user could find this database through a simple Internet search; if that’s not enough, these videos are ready for viewing and downloading without any restrictions.
Specialists at a cyber security audit firm believe there is a link between the continued security flaws in Zoom and its sudden massive use, as the firm has resorted to investing all its efforts to respond to current demand, leaving aside issues such as the information security of its thousands of users. This is a questionable decision, as technology companies face an increasingly complex picture of data protection. In other words, specialists consider Zoom to have “shot in the foot”. After receiving the report, Zoom acknowledged his mistake and announced a series of steps to begin correcting the multiple security flaws he has recently made.
Cyber security audit company specialists mention that Zoom requires an automated platform to analyze, identify, and mitigate all of your cloud security risks. This does not apply only to Zoom. A platform with automated security would allow companies to work without neglecting user security, eliminating the need to choose between innovation and user security.
Last week, the International Institute of Cyber Security (IICS) revealed some other flaws in Zoom. Among these dubious security errors and practices, mention is the location of some encryption key generation servers, located in China. This could be a serious security inconvenience, given the invasive data collection policy implemented by the Asian giant’s government.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
