833-847-3280
Schedule a Call

Security Vulnerabilities in Zoom – Why Testing and Scanning are Important

Video conference

Recently, a lot of news outlets published articles on the security vulnerabilities in Zoom.  With the coronavirus forcing nearly everyone to stay home, many companies and people started using Zoom to help maintain communication.  This resulted in 200 million daily meeting participants in March, up from the 10 million users it reported in December.  They didn’t foresee that happening.

Security Vulnerabilities in Zoom

The issue is that many security researchers and cybercriminals found vulnerabilities they could exploit. One Windows vulnerability could allow someone to exploit the chat feature to steal login details. Exclusions don’t include Mac devices. One such vulnerability would allow someone to hijack a user’s device to give control of the webcam and microphone.

Eric Yaun, the CEO, stated that they will need to focus on identifying security vulnerabilities in Zoom, and addressing them quickly.

“Our platform was built primarily for enterprise customers,” Yuan said. “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home. Therefore, we now have a much broader set of users who are utilizing our product in a myriad of unexpected ways, presenting us with challenges we did not anticipate when the platform was conceived.”

The Fix

Exponential growth can happen to any company, with the right circumstances.  In conclusion, it’s better to conduct penetration testing and vulnerability scanning before the growth happens.  It’s better for users and better for PR.

Latest Posts

A transparent image used for creating empty spaces in columns
In the ever-evolving world of cybersecurity, penetration testing (pen testing) stands out as a critical component of an effective defense strategy. For MSPs (Managed Service Providers) and MSSPs (Managed Security Service Providers), the value of pen testing goes beyond identifying vulnerabilities—it’s about proving value to…
A transparent image used for creating empty spaces in columns
 With less than three months remaining until the deadline for PCI DSS 4.0 compliance, now is the time to assess your business’s status and determine what steps you need to take. The Payment Card Industry Data Security Standard (PCI DSS) sets security requirements to…
A transparent image used for creating empty spaces in columns
In today’s increasingly digital world, organizations face a growing number of threats from cybercriminals seeking to exploit weaknesses in systems, networks, and even human behavior. Understanding your attack surface—the totality of vulnerabilities and entry points an attacker could exploit—is essential for protecting your business. Whether…
A transparent image used for creating empty spaces in columns
 The Payment Card Industry Data Security Standard (PCI DSS) has long been a cornerstone for protecting cardholder data against theft and fraud. With the introduction of PCI DSS 4.0, organizations handling payment card information must implement several significant updates to enhance security and provide…
A transparent image used for creating empty spaces in columns
Yes, penetration testing is a proactive approach to cybersecurity. It involves simulating attacks on systems, networks, or applications to uncover vulnerabilities and weaknesses before malicious actors can exploit them. By identifying and addressing these security issues early, penetration testing strengthens an organization’s defenses and reduces…
A transparent image used for creating empty spaces in columns
  March 31st, 2025, is fast approaching, and it’s a pivotal date for businesses handling payment card data. This marks the deadline for full compliance with PCI DSS 4.0, the latest version of the Payment Card Industry Data Security Standard. If your organization processes, stores,…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
On Load
Where? .serviceMM
What? Mega Menu: Services