Comprehensive software reviews to make better IT decisions
Zoom Account Logins for Sale … on the Dark Web
Security research firm Cyble has reported a discovery of over 500,000 Zoom accounts, including login and password information, being sold on the dark web and in hacker forums.
BleepingComputer reports that these accounts are being sold for as little as a penny apiece, and in some cases are given away for free. “Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities,” writes Lawrence Abrams.
The article goes on to suggest that user account information was cultivated through past vulnerabilities in Zoom, whether due to insecure passwords used or past data breaches where compromised account passwords were never changed.
Below is a sample of a redacted list of user account emails and passwords, including accounts from members of the University of Vermont, University of Colorado, Dartmouth, Lafayette, and the University of Florida.
Image courtesy of BleepingComputer, April 2020
BleepingComputer confirmed that a number of the listed email addresses are current active Zoom accounts and that the login credentials are indeed correct.
Change your passwords. Set it to something that can’t be easily guessed, and do not use the same password on multiple systems or sites. That is the persistent message that IT departments have been telling their users, and this time is no different.
With Zoom’s overnight stardom and the sudden wide use of Zoom for both personal and business communications, now would be an ideal time for IT departments to remind their users to change their Zoom passwords at their earliest convenience.
From Zoom’s standpoint, though this does not exploit a current vulnerability, its brand is still associated with bad press around security and its product. Zoom has started to take IT security very seriously, and it would not be unreasonable for the company to implement some measure of password complexity for its user accounts, enforce a password change across the board, or to send out communication to all Zoom users asking them to change their passwords.
Want to Know More?
The Office of the Attorney General of the State of New York has reached a settlement with Zoom Video Communications. The agreement promises enhanced data security and user controls.
Verizon has acquired BlueJeans for between $400–500 million. The move will see BlueJeans integrated into Verizon’s 5G plans, utilizing BlueJeans advanced and encrypted video-conferencing solutions for telehealth, e-learning, and field service work.
With an update that makes it easier for new and existing users to jump into a meeting, Cisco’s Webex is looking to address one of the few areas where it’s not rated at the very top of the pack.
If you’ve been working remotely during the pandemic, chances are you’re doing a lot of videoconferences with a poor-quality laptop webcam. If you own a Canon camera and use Windows 10, a new free utility can help you upgrade that A/V setup.
Zoom is living up to its namesake in its responsiveness in addressing security and privacy issues that users have identified. While the upcoming 5.0 update addresses many initial concerns, the product still does not offer end-to-end encryption.
The impact of COVID-19, as it became a global pandemic in Q1 of 2020, has affected user sentiment toward software during a growing period of fear, uncertainty, and doubt. To analyze the impact, SoftwareReviews compared Satisfaction (willingness to recommend to a peer), ability to deliver Business Value (fair cost to value), and Likeliness to Renew prior to March 10 and post March 10.
While the US stock market declines as rapid selloffs follow COVID-19’s global outbreak, Zoom Video shares have increased. This is because more people are choosing to work remotely to avoid contracting the disease, positioning videoconferencing as an essential part of business continuity plans against biohazards.
Zoom has offered a range of new services to help those affected by the COVID-19 outbreak.
As the world responds to the spread of the novel coronavirus COVID-19, closed schools in some affected areas are turning to eLearning and web conferencing to maintain continuity in course delivery and/or studying.