Zoom Zero-Day, GDPR Fines, Google Assistant Recordings



This is your Shared Security Weekly Blaze for July 15th 2019 with your host, Tom Eston. In this week’s episode: Zoom video conferencing zero-day, massive fines being issued for violating GDPR, and who might be listening when you talk to your Google Assistant.

Looking to protect your laptop, smartphone, and key fobs this summer? Well, this week I’m excited to announce that you could win one of two Silent Pocket vacation prize packages, which include a passport wallet, medium faraday sleeve, and 5 liter drybag! Check out our post on Twitter @sharedsec or on Instagram @sharedsecurity for contest rules and how to enter. And don’t forget, listeners of this podcast receive 15% off at checkout using discount code “sharedsecurity”. Visit slientpocket.com to see the latest Silent Pocket products built to protect your digital privacy.

Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less, quickly giving you “news that you can use”.

Do you or your organization use Zoom for video conferencing? If so, and you happen to be using it on a Mac, you’ll want to pay close attention to this story. The problem? Well, a security researcher last Monday disclosed that a vulnerable web server is automatically installed on Apple Mac computers during the installation of the Zoom client. What this means is that any website could be used to forcibly join a user to a Zoom call, with their video camera activated, and without the user’s permission. On top of that, the researcher also discovered that the vulnerability would allow any webpage to conduct a Denial of Service attack on a victim’s Mac by constantly joining a user to an invalid call. And if that wasn’t enough, when you uninstall the Zoom client, the web server continues to be installed and active. The researcher disclosed the vulnerability to Zoom back in March, but after many meetings (and fixes that didn’t work) the researcher decided to disclose the vulnerability to the public. The next day Zoom issued a patch to remove the web server and to allow users to uninstall the Zoom client, which will now fully remove the web server. Zoom’s CEO posted a blog post apologizing to customers and noting that they will be improving their bug bounty program as well as issuing another update that took place over the weekend of July 13th to further lock down the “video on” by default setting. Also, Apple made a surprising move on Wednesday by issuing a silent update to all Macs automatically uninstalling the Zoom web server. Many people don’t realize that Apple has the power to issue patches and updates to Macs connected to the Internet at any time, and while this seems creepy, it’s actually a good thing when Apple can take immediate and swift action to patch a critical vulnerability without user interaction. Check out our social media feeds for the latest updates on this developing story.

The General Data Protection Regulation, also known as GDPR, is now starting to penalize organizations which are found to have violated these now enforced consumer privacy protections in the European Union. Last week the Information Commissioner’s Office in the UK issued British Airways a staggering fine o


Published on 6 years, 5 months ago





