Summary:

1. Many organizations have exposed Zoom links that can be used by anyone to initiate a video conference meeting.

2. The use of Zoom Personal Meeting IDs (PMIs) with embedded passcodes can put organizations at risk of phishing and social engineering attacks.

3. Attackers can create meetings and invite others using exposed Zoom links and impersonate companies, potentially gaining unauthorized access to confidential information.

4. A researcher identified thousands of organizations with these exposed Zoom links.

5. Tips for using Zoom links more safely include not using Personal Meeting IDs for public meetings, requiring a passcode to join, and only allowing registered or domain-verified users.

Hashtags: #Zoom #Cybersecurity #Phishing #SocialEngineering #ConfidentialInformation

https://krebsonsecurity.com/2023/10/dont-let-zombie-zoom-links-drag-you-down/