Cybersecurity and Meetings

It’s not safe to go to meetings anymore!

by Charles Parker, II

Meetings on Teams or any other tool have become a requirement. Pre-COVID there would be the in-person meetings with occasionally the online option. Along comes COCID and for those of use lucky enough to work, everything was online. Now, there may be the in-person meetings however there will always be the online link. These hybrid options are widespread, and everyone is used to them. These have tended to be a good thing.

But you know with the good comes the bad. Us of a certain vintage may remember the Zoom meeting issue where people could simply adjust a portion of the URL and drop into another meeting. I can imagine the conversation of how this was allowed with no security controls, other than security by obscurity. This type of issue is still going on unfortunately. A recent issue occurred with Vortax, an alleged virtual meeting software. While this is tagged as meeting software, this actually has payloads for three known information stealers (Rhadamanthys, Stealc, and Atomic macOS Stealer).

This malicious version has spread via social media. This version is noted, of course, as legitimate software. The users were victims of a phishing campaign, which lured the person into downloading the malicious app.

This is another reason to reinforce the idea of only downloading approved software. There is a reason for an approval process and having IT download it to your system. It’s not for overarching control or to slow down your projects, but to keep unapproved software from approved sources.

About the Author-

Charles Parker II has been working in the info sec field for over a decade, in the banking, medical, automotive, and staffing industries. Charles has matriculated and attained the MBA, MSA, JD, LLM, and is in the final stage of the PhD in Information Assurance and Security (ABD) from Capella University. Mr. Parker’s areas of interest include cryptography, AV, and SCADA.