Video conferencing vendor Zoom has seen its fortunes soar amid the remote work boom of the last two years, and other cloud collaboration platforms like Microsoft Teams and Cisco Webex have seen demand skyrocket too.
The sharp increase in demand put a focus on security shortcomings in Zoom’s architecture – “Zoombombing” became a thing – that the company was quick to address.
But recent reports by security researchers highlight not only other vulnerabilities in Zoom’s offerings, but also the threat that the connected nature of cloud-based collaboration technologies pose. And with a hybrid workforce that’s likely here to stay, these issues raise bigger questions about security practices in a widely distributed workforce.
A Focus on Zoom
Earlier this month, Natalie Silvanovich, a researcher with Google’s Project Zero bug-hunting initiative, published an analysis of two zero-click vulnerabilities in the video conferencing platform that could have enabled threat actors to take control of a victim’s Zoom clients and multimedia routers (MMRs).
A little more than a week later, cybersecurity firm Armorblox outlined an account takeover attack that leveraged malicious…
