The Latest in IT Security

Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

13
Aug
2020
Amazon Alexa ‘One-Click’ Attack Can Divulge Personal Data

image credit: pixabay

Vulnerabilities in Amazon’s Alexa virtual assistant platform could allow attackers to access users’ banking data history or home addresses – simply by persuading them to click on a malicious link.

Researchers with Check Point found several web application flaws on Amazon Alexa subdomains, including a cross-site scripting (XSS) flaw and cross-origin resource sharing (CORS) misconfiguration. An attacker could remotely exploit these vulnerabilities by sending a victim a specially crafted Amazon link.

Read More

Comments are closed.

Categories

TUESDAY, SEPTEMBER 22, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments