Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

13

Aug

2020

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

image credit: pixabay

Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ banking data history or home addresses – simply by persuading them to click on a malicious link.

Researchers with Check Point found several web application flaws on Amazon Alexa subdomains, including a cross-site scripting (XSS) flaw and cross-origin resource sharing (CORS) misconfiguration. An attacker could remotely exploit these vulnerabilities by sending a victim a specially crafted Amazon link.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

Categories

Featured

Archives

Latest Comments

About Us

Contact Us