IT and Business Insights for SMB Solution Providers

Huntress Finds Vulnerabilities in Popular Virtual Conference and M&A Platforms: Page 2 of 2

Zero days in the vFairs and GlobalMeet platforms could have resulted in unauthorized disclosure of user data or remote code execution. An apparent breach of the Axial merger and acquisition platform compromised over 250,000 confidential files. By Rich Freeman

Huntress has not seen the data referenced in the Twitter post, and has no information on whether or not the attacker who claimed to have it has used it or shared it with others. Vendors and channel pros with Axial accounts, the company says, should reset passwords, implement multifactor authentication, and take other precautions just the same. 

“Do your tried-and-true security basics,” Hammond advises.

According to Hammond, the GlobalMeet and vFairs vulnerabilities underscore the need for virtual conference vendors to make security as important a priority as functionality by assigning a full-time, permanent team to platform integrity.

“Make that their whole job forever,” he says. “They’re always testing. They’re always doing that QA quality assurance, but for security.”

Companies that stage virtual events on platforms like GlobalMeet and vFairs must take security more seriously as well, Hammond adds, by asking about security policies when evaluating platforms and requesting audit results.

“We can’t always blindly trust this potential solution or potential product that could give us what we want in the moment,” he says.

What virtual event attendees should do going forward to protect themselves from platform vulnerabilities, Huntress concedes, is less clear. 

“It’s a tough problem to solve,” says Hammond, noting that since the arrival of COVID-19 last year, virtual events have been essential tools for communication, collaboration, and community-building.

“That’s how we socialize, and there’s value in that,” he says. Using disposable, temporary email addresses and “sock puppet” accounts when registering for virtual conferences isn’t viable either, adds Hammond, who calls vigilance the best available option at present for most channel pros.

“I would encourage them to stay in the know,” he says.

ChannelPro SMB Magazine
SUBSCRIBE FREE!

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.