COVID-19: Threats are accelerating against home offices. All plans are 50% off, or free for customers in the medical supply chain. Reach out if you need help.

New Threat: Zoom App and Windows Passwords

Threat Watch - Windows passwords exposed by Zoom

WHAT’S AT RISK 

Windows system’s login credentials

WHAT IS IT

Zoom users on Windows are susceptible to an attack where their login credentials for Windows systems are stolen. This is due to the Zoom client for Windows being vulnerable to the ‘UNC path injection’ vulnerability. 

ADDITIONAL READING

The Hacker News

WHY IS IT OCCURING

“The attack involves the SMBRelay technique wherein Windows automatically exposes a user’s login username and NTLM password hashes to a remote SMB server when attempting to connect and download a file hosted on it.” -Hacker News

It’s worth noting that passwords aren’t directly given to attackers, but weak ones can be captured easily. 

WHAT IS THE IMPACT

Due to COVID-19, people all over the world have turned to Zoom to video conference while being apart. With more and more people using the service, this means more users are at risk. 

HAVOC SHIELD’S SOLUTION

Simply put: Change your passwords frequently, and especially now, given your likely increased use on personal devices. Use sites like Password Generator to create complex passwords. Soon, Havoc Shield will deploy a module aimed to improve your Windows security. 

Havoc Shield is a Techstars Company

© 2020, Havoc Shield, Inc. All Rights Reserved.