Amazon
Smashing Security #151: Frankly, sometimes paying the ransom is a good idea
Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn’t the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report.
All this, and much much more, in the latest “Smashing Security” podcast.
bitdefender.com
Alexa and Google Home devices can be exploited to eavesdrop on users, phish passwords
Researchers have shown just how easy it is for third-parties to exploit the so-called “smart” speakers that many home owners have purchased to eavesdrop on conversations and even steal passwords and credit card details.
Read more in my article on the Bitdefender BOX blog.
Smashing Security #148: Billboard boobs, face forensics, and Alexa gets way too personal
Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has… uh… deepened, and Carole is less than happy about Amazon’s announcement about new Alexa integrations.
All this, an annoying goose, and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.
bitdefender.com
Ex-Amazon worker – suspected of hacking Capital One – faces charges of breaching 30 other companies to mine cryptocurrency
Capital One isn’t the only organisation allegedly to have had its data breached by Paige Thompson, the former Amazon systems engineer.
Read more in my article on the Hot for Security blog.
Amazon now lets you opt-out of having humans review your Alexa conversations
Now it’s Amazon’s turn to respond to growing concerns about sensitive personal conversations recorded by digital home assistants are being reviewed by third-party contractors.
An attempt to phish my Amazon Web Services account
An email arrived purporting to be from Amazon Web Services (AWS). It claimed that unless I confirmed I had given my correct contact information for a domain’s WHOIS record, a website I administer could be suspended.
Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?
The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.
Smashing Security #109: Grinches target Amazon and Reddit, stealing Christmas from the poor
Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The CyberWire’s Dave Bittner.
Supermicro says independent investigation found no spy chips on its motherboards
An independent audit has found no evidence that malicious chips were planted on Supermicro’s motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China.
Amazon warns customers it leaked their names and email addresses
What aren’t you telling us Amazon, and why?
Department of Homeland Security and GCHQ back Apple and Amazon’s denials they were hacked by China
The US Department of Homeland Security and UK’s GCHQ have rallied behind the vigorous denials issued by Amazon and Apple, after Bloomberg BusinessWeek reported China had planted malicious computer chips on systems used by the tech giants.
China accused of sabotaging thousands of servers at major US companies with tiny microchips hidden on motherboards
An extraordinary report released by Bloomberg BusinessWeek, which claims that China has been exploiting the supply-chain, planting a tiny microchip on servers which ended up in the server rooms of almost 30 companies, including the likes of Apple and Amazon.
Smashing Security #096: Bribing Amazon staff, and blinking deepfakes
Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee’s bitcoin bet, and our guest gets a shock…
All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week (for a while at least) by David Bisson.
Amazon staff said to be taking bribes to leak data
Often the biggest problem is not the threat of external hackers, but rather internal staff to whom you have granted access to sensitive data and who might be tempted to exploit it for financial gain.
Smashing Security #087: How Russia hacked the US election
Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier things being done in the name of surveillance.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.
welivesecurity.com
Woman says Alexa recorded and shared the private conversation she was having with her husband
It’s every Amazon Alexa owner’s worst nightmare – your private conversations not just being listened to, but shared with random contacts without your knowledge.
Read more in my article on the We Live Security blog.