Security 214 – Zoom to In-Person-Meetings

A 0 day exploit hitting Zoom hit this week. Basically if you know what Zoom is, you are probably vulnerable.

We talk about ways to reduce your attack surface when it comes to meeting softwares.

https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5

https://www.theverge.com/2019/7/9/20688113/zoom-apple-mac-patch-vulnerability-emergency-fix-web-server-remove

https://mobile.twitter.com/riskybusiness/status/1148819622558236673?s=21

https://www.ohioinfosec.org/2019/07/13/2019-oisf-anniversary-conference/

Security 211 – Chrome and Adblock

Chrome is playing games with Adblock extensions again: https://www.vice.com/en_us/article/evy53j/google-struggles-to-justify-making-chrome-ad-blockers-worse

https://www.theverge.com/2019/6/4/18650363/firefox-block-trackers-default-enhanced-tracking-protection

Ring Doorbells and Police: https://www.cnet.com/features/amazons-helping-police-build-a-surveillance-network-with-ring-doorbells/

Apple does some magic voodoo to prevent find my mac stalking: https://www.wired.com/story/apple-find-my-cryptography-bluetooth/