Connect with us

Software

NCC Advises Zoom Users to Update Software After Vulnerabilities Found

Published

on

, SiliconNigeria

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users of videotelephony platform, Zoom, to install the latest update of the software from its publisher’s official website following the discovery of vulnerabilities that allows a remote attacker to exploit the app. 

In advisory issued on Wednesday, NCC-CSIRT reported that the Indian Computer Emergency Response Team (CERT-In) found several flaws in Zoom product. The videotelephony platform became popular for virtual meetings in the wake of the COVID-19 Pandemic with more than 300 million daily users. 

According to the NCC-CSIRT advisory, “A remote attacker could exploit the vulnerabilities to circumvent implemented security measures and cause a denial of service on the targeted machine.”  

It noted that “These vulnerabilities exist owing to incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130. A remote attacker could exploit these flaws to join a meeting they were not permitted to attend without being seen by the other attendees. They can also access audio and video feeds from meetings they were not permitted to attend, as well as interrupt other sessions.” 

Continue Reading
Advertisement Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Apps

AppsFlyer Unveils Measurement, Analytics and Data Clean Room Support for ChatGPT Plugins

Published

on

, SiliconNigeria

AppsFlyer has announced the launch of its new measurement and Data Clean Room support for ChatGPT plugins. Brands and marketers can now measure the customer journeys and performance of their ChatGPT plugins across all platforms – including mobile app, CTV and web, as well as across all paid, social and organic traffic sources such as Meta, Google, and Apple.

In March 2023, OpenAI announced ChatGPT plugins, allowing its users to interact with other services through ChatGPT’s interface. With the plugins, ChatGPT users can query services like Expedia, FiscalNote, Instacart, KAYAK, Klarna, and Shopify to get real-time, actionable answers from these data sources without leaving OpenAI’s platform. 

ChatGPT plugins have opened up a new world of consumer interactions and revenue opportunities. However, without cookies and device identifiers, analytics and measurement are impossible with current tools. AppsFlyer’s privacy-preserving measurement and analytics support for ChatGPT solves this challenge by providing brands and marketers with analytics and actionable insights into their customers’ interactions and performance of their plugins, together with their marketing activity across all traditional digital platforms and traffic sources. 


“ChatGPT plugins present a revolutionary opportunity for brands and consumers to connect, in addition to interactions on web and mobile apps,” said Oren Kaniel, CEO and Co-founder, AppsFlyer. “As an industry, we have an opportunity to architect this new world in a responsible way, by maximizing both customer value, experience and privacy. This new world is not bound to the status quo and building blocks like cookies and device identifiers. I am thrilled to take part in this revolution, not only because we have been building privacy-preserving tech for a cookieless environment for the last 10 years, but mainly because it is perfectly aligned with our vision for a better and safer digital experience.”

Continue Reading

IT and Telecomms

NCC-CSIRT Issues Advisories to protect Nigerians against Threat Actors  

Published

on

, SiliconNigeria

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT), in line with its mandate, has rolled out some advisories in the first few weeks of the year 2023 as cyber threat actors continue to devise means of compromising their targets.

The latest of such advisories urged users to be mindful after attackers use Microsoft OneNote attachments in phishing emails that infect victims with remote access malware, which may allow hackers to remotely access vital information on victims’ devices.

The Team advised users not open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files and to promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.

It had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.

The team reported that cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre), discovered a NetSupport RAT malware being distributed by threat actors from a phishing website disguised as a popular Pokemon card game.  

The malware is a remote access tool that easily controls its victims’ Personal Computers and may allow the attackers to remotely control the compromised computer’s mouse and keyboard, access the system’s file management and history and even execute commands allowing them to install additional malware.  

According to the researcher, the CRAFTED website that spread the malware is still online. It claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.  

Continue Reading

Software

Zoho Takes on Current Low-Code Market Gaps with New Creator Platform

Published

on

, SiliconNigeria

Zoho Corporation, a leading global technology company, announced the latest version of its low-code offering, Zoho Creator. The new version addresses the need for an easy-to-use platform that enables business users (or citizen developers) to create complex and powerful business applications, while empowering the IT teams to place sufficient guardrails and govern usage, ensuring security and compliance.

Organisations currently face soaring demand for new business software, but existing low-code platforms are either for business users and lack the sophistication needed to develop scalable, enterprise-ready end-to-end tools or are for users with intricate understanding of the application development process.

“The bulk of low-code application development, from customization to automation, can be handled today by users with moderate technical knowledge. Where we see a gap, especially for the mid-market and enterprise, is between building and deployment,” saidHyther Nizam, President MEA, Zoho Corp.

“Currently there isn’t a low-code solution on the market that allows both business users and IT to truly build end to end business solutions. With this update, Zoho’s Creator Platform combines application development, business intelligence & analytics, integrations, and process automation into one single platform while simultaneously enabling IT teams to effortlessly manage ongoing challenges of security, compliance, and governance. Now, organisations can leverage a unified solution for all of their low-code needs, extending the ability to innovate to every employee.”

The new version of Zoho Creator platform empowers business developers to easily build scalable low-code solutions which include apps, integrations, analytics, and process automation without costly and time-consuming training demanded by complex platforms. It enables 10X faster deployment than any other solution on the market. The latest version includes new and enhanced features such as business process blueprinting, AI-enabled smart import, enhanced serverless functions, conversational analytics, centralised governance and a multi-environment setup. These features help users build a connected ecosystem of solutions while maximising IT teams’ control through a robust end-to-end application development lifecycle management.

Additionally, while other low code platforms help business users in app development, it still often happens in silos and creates the problem of shadow IT. Therefore, the new Creator platform equips IT teams with greater control around governance, security and compliance so that business users (citizen developers) and IT teams can work together to create auto scalable, niche, complex and agile solutions so that organisations can focus on solving business problems and pursue new opportunities.

Continue Reading

Popular News