The rapid rise to prominence of videoconferencing and collaboration application Zoom during the Covid-19 coronavirus pandemic is highlighting more and more cyber security problems with the service, which has been downloaded millions of times to personal and enterprise devices across the globe.
Earlier this week Check Point threat researchers reported on a surge in fraudulent Zoom domains being used to lure in unsuspecting users and steal their personal information. Now, more threat researchers have piled in with disclosures of their own, and some go so far as to recommend people stop using Zoom altogether. Among them is Patrick Wardle, a former NSA cyber security operative and now principle security researcher at Jamf, who highlighted two dangerous zero day exploits on his blog.
Both these vulnerabilities, which have now been patched, affected the Apple macOS version of Zoom and are easily exploited by an attacker who with physical control