Zoom security vulnerability can be used to steal Windows login credentials

Zoom's popularity has accelerated in recent weeks thanks to the number of people now forced to work from home and conduct meetings online. Now security researchers have discovered a worrying vulnerability in the software that could be used to steal Windows login credentials. The vulnerability steams from the fact that Zoom converts URLs that are sent in messages into clickable links. The same is true for UNC paths, and if such a link is clicked, it is possible to grab a user's login name and their NTLM password hash and decrypt it. See also: Marriott International reveals details of another… [Continue Reading]