<div dir="ltr"><div><a href="https://techcrunch.com/2019/10/01/webex-zoom-bug-video-calls/">https://techcrunch.com/2019/10/01/webex-zoom-bug-video-calls/</a></div><div></div><div>
<p id="gmail-speakable-summary">A team of security researchers found they
could tap into Webex and Zoom video meetings because many weren’t
protected with a code.</p><p>Researchers at Cequence, a startup focused
on protecting applications from scraping and account takeovers,
programmed a bot to cycle through lists of valid meeting IDs and get
access to active conference calls. The vulnerability works because many
companies and users don’t protect their meetings with a password, either
for convenience or they had not checked their default settings, coupled
with a limited pool of meeting IDs.</p><p>By targeting the platforms’ APIs, they were able to automate the process.</p><p>The researchers reported the flaws to both Cisco, <span class="gmail-crunchbase-tooltip-indicator"></span> which owns Webex, and Zoom in July. Both companies have since pushed out fixes.</p><p>The attack would not be silent, however: callers who successfully access a meeting are announced.</p>
</div></div>