#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Video Conference Software | Breaking Cybersecurity News | The Hacker News

Category — Video Conference Software
New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

May 25, 2022
Popular video conferencing service Zoom has  resolved  as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol ( XMPP ) messages and execute malicious code. Tracked from CVE-2022-22784 through CVE-2022-22787, the issues range between 5.9 and 8.1 in severity. Ivan Fratric of Google Project Zero has been credited with discovering and reporting all the four flaws in February 2022. The list of bugs is as follows - CVE-2022-22784  (CVSS score: 8.1) - Improper XML Parsing in Zoom Client for Meetings CVE-2022-22785  (CVSS score: 5.9) - Improperly constrained session cookies in Zoom Client for Meetings CVE-2022-22786  (CVSS score: 7.5) - Update package downgrade in Zoom Client for Meetings for Windows CVE-2022-22787  (CVSS score: 5.9) - Insufficient hostname validation during server switch in Zoom Client for Meetings With Zoom's chat fu...
Cisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software

Cisco Reissues Patches for Critical Bugs in Jabber Video Conferencing Software

Dec 10, 2020
Cisco has once again fixed four  previously disclosed critical bugs  in its Jabber video conferencing and messaging app that were inadequately addressed, leaving its users susceptible to remote attacks. The vulnerabilities, if successfully exploited, could allow an authenticated, remote attacker to execute arbitrary code on target systems by sending specially-crafted chat messages in group conversations or specific individuals. They were reported to the networking equipment maker on September 25 by Watchcom , three weeks after the Norwegian cybersecurity firm publicly disclosed multiple security shortcomings in Jabber that were found during a penetration test for a client in June. The new flaws, which were uncovered after one of its clients requested a verification audit of the patch, affects all currently supported versions of the Cisco Jabber client (12.1 - 12.9). "Three of the four vulnerabilities Watchcom  disclosed in September  have not been sufficiently...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Popular Resources
Articles
[Watch] From Risk to ROI: The Strategic Value of Security Validation
Articles
How to Get a Full Penetration Test Done in Days – See How It Works!
Articles
Simplify IT Backup and Recovery — Experience Unitrends Live
Articles
Backupify — The Backup Solution: Encrypted, Unlimited, Reliable
Expert Insights / Articles Videos
Cybersecurity Resources