|
1
|
Cauley A, McCoy M. Exploiting the post-attendee URL feature in Zoom webinar to distribute malware. J Forensic Sci 2023; 68:425-433. [PMID: 36511146 DOI: 10.1111/1556-4029.15185] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 10/27/2022] [Revised: 11/30/2022] [Accepted: 12/02/2022] [Indexed: 12/14/2022]
Abstract
The post-attendee Uniform Resource Locator (URL) feature within the video conferencing application known as Zoom is often overlooked by digital forensic experts as a potential risk for malware transmission. However, with the ability to redirect webinar participants to any URL set by the host for the webinar, the post-attendee URL can be abused by bad actors to expose webinar participants to malicious websites or, in the worst-case scenario, force participants to download a file through the use of a direct download link URL. This study aims to showcase how this exploit can be replicated by creating an experimental environment involving four Windows 10 desktops running Zoom version 5.7.5 and creating a webinar with four user accounts acting as webinar participants and setting the post-attendee URL value to the URL of a website that contained a keylogger. In another trial, the same experimental environment was utilized, with the only difference being the post-attendee URL that was set to redirect webinar participants to a download link for a .jpg file. In both instances, every user account that joined the webinar via clicking on the invitation link that was emailed to each user account after registering for the webinar was redirected to the post-attendee URL regardless of their user account role. These results not only prove that the post-attendee URL can be exploited, but also provide insight as to how this type of attack can be prevented.
Collapse
Affiliation(s)
- Austin Cauley
- Forensic Science Institute, University of Central Oklahoma, Edmond, Oklahoma, USA
| | - Mark McCoy
- Forensic Science Institute, University of Central Oklahoma, Edmond, Oklahoma, USA
| |
Collapse
|
|
2
|
Khalid Z, Iqbal F, Kamoun F, Khan LA, Shah B. Forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications. ANNALES DES TELECOMMUNICATIONS 2022; 78:183-208. [PMID: 35975177 PMCID: PMC9371966 DOI: 10.1007/s12243-022-00919-6] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 01/13/2022] [Accepted: 07/08/2022] [Indexed: 06/15/2023]
Abstract
Digital forensic analysis of videoconferencing applications has received considerable attention recently, owing to the wider adoption and diffusion of such applications following the recent COVID-19 pandemic. In this contribution, we present a detailed forensic analysis of Cisco WebEx which is among the top three videoconferencing applications available today. More precisely, we present the results of the forensic investigation of Cisco WebEx desktop client, web, and Android smartphone applications. We focus on three digital forensic areas, namely memory, disk space, and network forensics. From the extracted artifacts, it is evident that valuable user data can be retrieved from different data localities. These include user credentials, emails, user IDs, profile photos, chat messages, shared media, meeting information including meeting passwords, contacts, Advanced Encryption Standard (AES) keys, keyword searches, timestamps, and call logs. We develop a memory parsing tool for Cisco WebEx based on the extracted artifacts. Additionally, we identify anti-forensic artifacts such as deleted chat messages. Although network communications are encrypted, we successfully retrieve useful artifacts such as IPs of server domains and host devices along with message/event timestamps.
Collapse
Affiliation(s)
- Zainab Khalid
- School of Electrical Engineering and Computer Science (SEECS), National University of Sciences and Technology (NUST), Islamabad, Pakistan
| | - Farkhund Iqbal
- College of Technological Innovation, Zayed University, Dubai, UAE
| | - Faouzi Kamoun
- ESPRIT School of Engineering, ESPRIT School of Business, Ariana, Tunisia
| | | | - Babar Shah
- College of Technological Innovation, Zayed University, Dubai, UAE
| |
Collapse
|
|
3
|
S Ong AK, Prasetyo YT, Chuenyindee T, Young MN, Doma BT, Caballes DG, Centeno RS, Morfe AS, Bautista CS. Preference analysis on the online learning attributes among senior high school students during the COVID-19 pandemic: A conjoint analysis approach. EVALUATION AND PROGRAM PLANNING 2022; 92:102100. [PMID: 35487051 PMCID: PMC9023093 DOI: 10.1016/j.evalprogplan.2022.102100] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 04/13/2021] [Revised: 01/31/2022] [Accepted: 04/19/2022] [Indexed: 06/14/2023]
Abstract
The COVID-19 pandemic has resulted in the shift from face-to-face to fully online learning. The purpose of this study was to evaluate the preference of senior high school students on online learning attributes during the COVID-19 pandemic by utilizing a conjoint analysis approach. Six attributes which consist of delivery type, assigned tasks, evaluation, virtual laboratory, interface layout, and delivery platform were simultaneously analyzed through orthogonal design. A total of 1189 senior high school students were collected via purposive sampling approach through the social media platform. The respondents voluntarily participated and answered 29 stimuli with 2 holdouts generated by using SPSS 25 utilizing a 7-point Likert scale. The results indicated that evaluation was found to be the most significant attribute and followed by virtual laboratory, delivery type, and delivery platform. Interestingly, multiple choice evaluation, not requiring virtual laboratories, mixed delivery type (synchronous with recorded lectures), and MS Teams as delivery platform were considered as the keys for the preference. This study is the first study that utilized a conjoint approach to analyze the senior high school students' preference on the online learning attributes during the COVID-19 pandemic. Finally, the conjoint approach can be applied and extended to evaluate the online learning attributes globally by utilizing the attributes and design created in this study.
Collapse
Affiliation(s)
- Ardvin Kester S Ong
- School of Industrial Engineering and Engineering Management, Mapúa University, Manila, Philippines, 658 Muralla St., Intramuros, Manila 1002, Philippines.
| | - Yogi Tri Prasetyo
- School of Industrial Engineering and Engineering Management, Mapúa University, Manila, Philippines, 658 Muralla St., Intramuros, Manila 1002, Philippines.
| | - Thanatorn Chuenyindee
- School of Industrial Engineering and Engineering Management, Mapúa University, Manila, Philippines, 658 Muralla St., Intramuros, Manila 1002, Philippines; School of Graduate Studies, Mapúa University, Manila, Philippines. 658 Muralla St., Intramuros, Manila 1002, Philippines; Department of Industrial Engineering and Aviation Management, Navaminda Kasatriyadhiraj Royal Air Force Academy, Bangkok 10220, Thailand.
| | - Michael Nayat Young
- School of Industrial Engineering and Engineering Management, Mapúa University, Manila, Philippines, 658 Muralla St., Intramuros, Manila 1002, Philippines.
| | - Bonifacio T Doma
- School of Chemical, Biological, and Materials Engineering and Sciences, Mapúa University, Manila, Philippines. 658 Muralla St., Intramuros, Manila 1002, Philippines.
| | - Dennis G Caballes
- Graduate Program School of Teacher Education, The National Teachers College, Philippines, 629 Nepomuceno St, Quiapo, Manila, 1001 Metro, Manila, Philippines.
| | - Raffy S Centeno
- High School Department, Malayan Colleges Mindanao, Philippines, Gen. Douglas MacArthur Hwy, Talomo, Davao City 8000, Davao del Sur, Philippines.
| | - Anthony S Morfe
- College of Arts and Sciences, Malayan Colleges Laguna, Philippines, Pulo-Diezmo Road, Cabuyao, 4025 Laguna, Philippines.
| | - Christine S Bautista
- College of Engineering and Architecture, University of Nueva Caceres, Philippines. J. Hernandez Ave, Naga, Camarines Sur, Philippines.
| |
Collapse
|