Never miss a story

Get subscribed to our newsletter


×
The video conferencing app Zoom has an unpatched bug can let hackers steal users Windows password. (Representational Image). Pixabay

Slammed for the lack of users privacy and security by the US Federal Bureau of Investigation (FBI) and cybersecurity experts, video meeting app Zoom is also prone to hacking, a new report has claimed, saying an unpatched bug can let hackers steal users Windows password.

The �Zoom client for Windows’ is vulnerable to the ‘UNC path injection’ vulnerability that could let remote attackers steal login credentials for victims’ Windows systems, reports TheHacckeNews.


The latest finding by cybersecurity expert @_g0dmode, has also been “confirmed by researcher Matthew Hickey and Mohamed A. Baset,’ the report said late Wednesday.

Please follow NewsGram on Twitter to get updates on the latest news

The attack involves the “SMBRelay technique” wherein Windows automatically exposes a user’s login username and NTLM password hashes to a remote server, when attempting to connect and download a file hosted on it.

“The attack is possible only because Zoom for Windows supports remote UNC paths, which converts such potentially insecure URLs into hyperlinks for recipients in a personal or group chat,” the report claimed. Besides Windows credentials, the vulnerability can also be exploited to launch any programme present on a targeted computer.


The Zoom client for Windows’ is vulnerable to the ‘UNC path injection’ vulnerability that could let remote attackers steal login credentials for victims’ Windows systems, reports TheHacckeNews. Pixabay

Zoom has been notified of this bug but the flaw is yet to be fixed. “Users are advised to either use an alternative video conferencing software or Zoom in your web browser instead of the dedicated client app,” said the report. Another media report claimed that Zoom doesn’t use end-to-end encryption to protect calling data of its users.

Please follow NewsGram on Instagram to get updates on the latest news

As businesses, schools and colleges and millions of SMBs use video conferencing tool Zoom during the work-from-home scenario, the US Federal Bureau of Investigation (FBI) has warned people about porn material being popped up during the video meetings.

Also Read- Facebook Announces To Expand Community Help Feature

The Boston branch of the law enforcement agency said it has received multiple reports of Zoom conferences being disrupted by pornographic and/or hate images and threatening language.

The video conferencing app late last month updated its iOS app to remove the software development kit (SDK) that was providing users’ data to Facebook through the Login with Facebook feature. (IANS)


Popular

File

Bangladesh over the years show that the state has failed in its duty to protect minorities

By- Salil Gewali

If humanity is hurt, God is hurt.

Religion without compassion might give way to hatred. Compassion with a "self-interest" motive is completely irreligious. But of late, some of the religions have departed from those basic human values. Love and compassion are for only those who follow their "specific" faith. Very sadly, the religions are up as trading commodities in the world of proselytization. Better preachers attract more followers. Of course, no issue if they are not vying for their religious "supremacy". But the ground reality is utterly different. The claim for exclusive supremacy has become the first commandment --- a real bone of contention among the existing religions. In the name of religion, we have polluted our minds. we have corrupted our souls. We have also gone so much astray that God must have now shut his gateway to heaven!

Keep Reading Show less
File

The Aruba villa has great interiors, an outdoor facility, amazing bedrooms, clean bathrooms and huge living space.

By- Your Service

Taking out time for family has become very difficult as people are pretty busy in daily life and find very little time to spend with their loved ones. Planning a family vacation is an excellent way through which the whole family can step away from their daily life and have fun. You can find many destinations for a family vacation, but there is no place that can beat Aruba.

Keep Reading Show less
Photo by Flickr

Milky Way galaxy as seen from Chitkul Valley

NASA's Chandra X-ray Observatory has for the first time spotted signs of a planet transiting a star outside of the Milky Way galaxy, opening up a new avenue to search for exoplanets at greater distances than ever before.

The possible exoplanet -- or planets outside of our Solar System -- candidate is located in the spiral galaxy Messier 51 (M51), also called the Whirlpool Galaxy because of its distinctive profile, NASA said in a statement.

Astronomers have, so far, found all other known exoplanets and exoplanet candidates in the Milky Way galaxy, almost all of them less than about 3,000 light-years from Earth.

An exoplanet in M51 would be about 28 million light-years away, meaning it would be thousands of times farther away than those in the Milky Way, NASA said.

"We are trying to open up a whole new arena for finding other worlds by searching for planet candidates at X-ray wavelengths, a strategy that makes it possible to discover them in other galaxies," said Rosanne Di Stefano of the Center for Astrophysics at Harvard and Smithsonian (CfA) in Cambridge, Massachusetts, who led the study.

The findings are published in the journal Nature Astronomy.

The exoplanet candidate was spotted in a binary system called M51-ULS-1, located in M51. This binary system contains a black hole or neutron star orbiting a companion star with a mass about 20 times that of the Sun. The X-ray transit they found using Chandra data lasted about three hours, during which the X-ray emission decreased to zero.

Based on this and other information, the team estimates the exoplanet candidate in M51-ULS-1 would be roughly the size of Saturn and orbit the neutron star or black hole at about twice the distance of Saturn from the Sun.

The team looked for X-ray transits in three galaxies beyond the Milky Way galaxy, using both Chandra and the European Space Agency's XMM-Newton. Their search covered 55 systems in M51, 64 systems in Messier 101 (the "Pinwheel" galaxy), and 119 systems in Messier 104 (the "Sombrero" galaxy).

However, more data would be needed to verify the interpretation as an extragalactic exoplanet. One challenge is that the planet candidate's large orbit means it would not cross in front of its binary partner again for about 70 years, thwarting any attempts for a confirming observation for decades, NASA said.

Named in honor of the late Indian-American Nobel laureate, Subrahmanyan Chandrasekhar, the Chandra X-ray Observatory is the world's most powerful X-ray telescope. It has eight times greater resolution and is able to detect sources more than 20-times fainter than any previous X-ray telescope.

Known to the world as Chandra (which means "moon" or "luminous" in Sanskrit), Chandrasekhar was widely regarded as one of the foremost astrophysicists of the twentieth century. (IANS/JB)


Keep reading... Show less