Comprehensive software reviews to make better IT decisions
Zoom Account Logins for Sale … on the Dark Web
Security research firm Cyble has reported a discovery of over 500,000 Zoom accounts, including login and password information, being sold on the dark web and in hacker forums.
BleepingComputer reports that these accounts are being sold for as little as a penny apiece, and in some cases are given away for free. “Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities,” writes Lawrence Abrams.
The article goes on to suggest that user account information was cultivated through past vulnerabilities in Zoom, whether due to insecure passwords used or past data breaches where compromised account passwords were never changed.
Below is a sample of a redacted list of user account emails and passwords, including accounts from members of the University of Vermont, University of Colorado, Dartmouth, Lafayette, and the University of Florida.
Image courtesy of BleepingComputer, April 2020
BleepingComputer confirmed that a number of the listed email addresses are current active Zoom accounts and that the login credentials are indeed correct.
Change your passwords. Set it to something that can’t be easily guessed, and do not use the same password on multiple systems or sites. That is the persistent message that IT departments have been telling their users, and this time is no different.
With Zoom’s overnight stardom and the sudden wide use of Zoom for both personal and business communications, now would be an ideal time for IT departments to remind their users to change their Zoom passwords at their earliest convenience.
From Zoom’s standpoint, though this does not exploit a current vulnerability, its brand is still associated with bad press around security and its product. Zoom has started to take IT security very seriously, and it would not be unreasonable for the company to implement some measure of password complexity for its user accounts, enforce a password change across the board, or to send out communication to all Zoom users asking them to change their passwords.
Want to Know More?
On June 3, 2021, BlueJeans provided an update on its product direction for 2H 2021. BlueJeans is now fully integrated with Verizon One, completing Verizon’s full UCaaS solution.
On May 21, 2021, Cisco briefed on Webex’s security features. This not only included information about the type of administration control for end users when using Webex from any device, but also Cisco’s certifications and compliances more broadly.
This note outlines Info-Tech’s Three C’s of Enterprise Collaboration framework to help buyers effectively navigate the collaboration software marketspace.
With a return to the office looking ever more feasible, organizations need to consider what role web conferencing solutions will play moving forward. This note outlines three trends organizations should be aware of as we move into 2022.
On March 11, 2021, Verizon provided updates to BlueJeans’ product vision and direction for FY2021. BlueJeans experienced dramatic adoption in 2020, particularly for webinars and events, and seeks to offer advanced breakout room features in the future.
On February 24-25, 2021, Zoho held its annual ZohoDay – a conference aimed at communicating the state of the business and product roadmaps. The event coincided with Zoho’s 25th year as a company, testament to Zoho’s long-term business approach: grow organically, have zero debt, zero external investments, remain cashflow positive, and plow cashflow back into the business and customers.
On October 29, 2020, Verizon briefed on BlueJeans’ product vision and direction. This note outlines the new and upcoming features that users can expect from BlueJeans for the rest of 2020 and into 2021. However, with the table stakes margin for features rapidly increasing in the web conferencing marketspace, BlueJeans’ new features are less a way to stand out from the crowd and more as a necessity to keep up.
On November 5, 2020, Cisco briefed on its upcoming virtual legislative session tool Webex Legislate. With a range of features that governing bodies around the globe have desired throughout the extent of the pandemic, Webex Legislate surely becomes the must-have tool for conducting virtual and hybrid sessions – especially if an agency is already leveraging Cisco products.
On September 4, 2020, Info-Tech briefed with Zoho about current and upcoming features of Zoho Workplace, a global enterprise collaboration platform. Organizations, especially SMBs, that want to look outside of Microsoft’s and Google’s office productivity suite duopoly should consider shortlisting Zoho Workplace as a viable option.