Amazon

Smashing Security #151: Frankly, sometimes paying the ransom is a good idea

Remember how the City of Baltimore was badly hit by ransomware earlier this year? Turns out that wasn’t the end of their problems. Also, Carole takes a look at how smart speakers can be hacked to trick you into giving criminals your passwords or even credit card details. And we discuss the findings of the LastPass global password security report.

All this, and much much more, in the latest “Smashing Security” podcast.


2 min read

bitdefender.com

Alexa and Google Home devices can be exploited to eavesdrop on users, phish passwords

Researchers have shown just how easy it is for third-parties to exploit the so-called “smart” speakers that many home owners have purchased to eavesdrop on conversations and even steal passwords and credit card details.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Smashing Security #148: Billboard boobs, face forensics, and Alexa gets way too personal

Drivers are distracted by a hacked billboard, we take a deeper look at how the deepfake problem has… uh… deepened, and Carole is less than happy about Amazon’s announcement about new Alexa integrations.

All this, an annoying goose, and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.


2 min read

bitdefender.com

Ex-Amazon worker – suspected of hacking Capital One – faces charges of breaching 30 other companies to mine cryptocurrency

Capital One isn’t the only organisation allegedly to have had its data breached by Paige Thompson, the former Amazon systems engineer.

Read more in my article on the Hot for Security blog.


0 sec read

Amazon now lets you opt-out of having humans review your Alexa conversations

Now it’s Amazon’s turn to respond to growing concerns about sensitive personal conversations recorded by digital home assistants are being reviewed by third-party contractors.


40 sec read

An attempt to phish my Amazon Web Services account

An email arrived purporting to be from Amazon Web Services (AWS). It claimed that unless I confirmed I had given my correct contact information for a domain’s WHOIS record, a website I administer could be suspended.


42 sec read

Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

The hacker who lived the high life after spreading malware via porn sites, Wipro demonstrates how to turn a cybersecurity crisis into a PR disaster, and why are humans listening in to your Alexa conversations?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Brian Honan.


1 min read

Smashing Security #109: Grinches target Amazon and Reddit, stealing Christmas from the poor

Join us for our special Christmas episode as we tell tales of printer hacking, website defacement, Grinches, and how Google is snooping on your private YouTube videos.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The CyberWire’s Dave Bittner.


1 min read

Supermicro says independent investigation found no spy chips on its motherboards

An independent audit has found no evidence that malicious chips were planted on Supermicro’s motherboards, debunking Bloomberg claims that servers at Amazon and Apple were being spied upon by China.


1 min read

Amazon warns customers it leaked their names and email addresses

What aren’t you telling us Amazon, and why?


1 min read

Department of Homeland Security and GCHQ back Apple and Amazon’s denials they were hacked by China

The US Department of Homeland Security and UK’s GCHQ have rallied behind the vigorous denials issued by Amazon and Apple, after Bloomberg BusinessWeek reported China had planted malicious computer chips on systems used by the tech giants.


2 min read

China accused of sabotaging thousands of servers at major US companies with tiny microchips hidden on motherboards

An extraordinary report released by Bloomberg BusinessWeek, which claims that China has been exploiting the supply-chain, planting a tiny microchip on servers which ended up in the server rooms of almost 30 companies, including the likes of Apple and Amazon.


2 min read

Smashing Security #096: Bribing Amazon staff, and blinking deepfakes

Amazon staff are being bribed to delete negative reviews and leak data, deepfakes are getting more dangerous, an update on John McAfee’s bitcoin bet, and our guest gets a shock…

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week (for a while at least) by David Bisson.


1 min read

Amazon staff said to be taking bribes to leak data

Often the biggest problem is not the threat of external hackers, but rather internal staff to whom you have granted access to sensitive data and who might be tempted to exploit it for financial gain.


53 sec read

Smashing Security #087: How Russia hacked the US election

Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier things being done in the name of surveillance.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


1 min read

welivesecurity.com

Woman says Alexa recorded and shared the private conversation she was having with her husband

It’s every Amazon Alexa owner’s worst nightmare – your private conversations not just being listened to, but shared with random contacts without your knowledge.

Read more in my article on the We Live Security blog.


0 sec read