Think Like A Hacker With Wordfence

Episode 28: Zoom Zero-Day Vulnerability, WP Engine Buys Flywheel, and Other News

Informações:

Synopsis

A security researcher found vulnerabilities in the Mac client for Zoom, a popular video conferencing application. After 90 days and two weeks, the vulnerability still exists. Mitigating the vulnerability entails typing the following commands in terminal, replacing [pid] with the process ID: $> lsof -i :19421 $> kill -9 [pid] $> rm -rf ~/.zoomus $> touch ~/.zoomus Wordfence Threat Analyst Mikey Veenstra also verified that the Linux client for Zoom also will turn video on automatically, but was not susceptible to reinstall if the client had been removed. We also cover the WP Engine acquisition of Flywheel, cPanel's new pricing structure and what it means for hosting providers, removal of caps on .org domain names, critical security vulnerabilities in Magento, WP Statistics XSS vulnerability, a hacked ad server pushing out SEON ransomware, British Airways landmark GDPR fine, breaches and leaks of the week, amongst many other stories. Here are approximate timestamps in case you want to jump around: 1:30 Zoom Zero