A Portland family contacted Amazon to investigate after they say a private conversation in their home was recorded by Amazon's Alexa -- the voice-controlled smart speaker -- and that the recorded audio was sent to the phone of a random person in Seattle, who was in the family’s contact list.
"My husband and I would joke and say I'd bet these devices are listening to what we're saying," said Danielle, who did not want us to use her last name.
Every room in her family home was wired with the Amazon devices to control her home's heat, lights and security system.
But Danielle said two weeks ago their love for Alexa changed with an alarming phone call. "The person on the other line said, 'unplug your Alexa devices right now,'" she said. "'You're being hacked.'"
That person was one of her husband's employees, calling from Seattle.
"We unplugged all of them and he proceeded to tell us that he had received audio files of recordings from inside our house," she said. "At first, my husband was, like, 'no you didn't!' And the (recipient of the message) said 'You sat there talking about hardwood floors.' And we said, 'oh gosh, you really did hear us.'" more
Showing posts with label Alert. Show all posts
Showing posts with label Alert. Show all posts
Thursday, May 24, 2018
Wednesday, February 7, 2018
Your Cell Phone Sings "Every Step You Take..."
by Guevara Noubir, Professor of Computer and Information Science, Northeastern University
"My group’s recent research has shown how mobile phones can also track their users through stores and cities and around the world – even when users turn off their phones’ location-tracking services.
The vulnerability comes from the wide range of sensors phones are equipped with – not just GPS and communications interfaces, but gyroscopes and accelerometers that can tell whether a phone is being held upright or on its side and can measure other movements too. Apps on the phone can use those sensors to perform tasks users aren’t expecting – like following a user’s movements turn by turn along city streets.
Most people expect that turning their phone’s location services off disables this sort of mobile surveillance. But the research I conduct with my colleagues Sashank Narain, Triet Vo-Huu, Ken Block and Amirali Sanatinia at Northeastern University, in a field called “side-channel attacks,” uncovers ways that apps can avoid or escape those restrictions. We have revealed how a phone can listen in on a user’s finger-typing to discover a secret password – and how simply carrying a phone in your pocket can tell data companies where you are and where you’re going..." more
Wednesday, December 13, 2017
Security Director Alert: HP Laptops with Hidden Keyloggers
Researcher Michael Myng found a deactivated keylogger in a piece of software found on over 460 HP laptop models. A full list of affected laptops is here. The keylogger is deactivated by default but could represent a privacy concern if an attacker has physical access to the computer...
The bottom line? Update your HP laptop as soon as possible. If you are on HP’s list of affected laptops you can download the fix here. more
The bottom line? Update your HP laptop as soon as possible. If you are on HP’s list of affected laptops you can download the fix here. more
Thursday, November 9, 2017
Eavesdropper: The coding mistake that may be in your phone.
A simple coding error made in hundreds of apps may have exposed as many as 180 million smartphone users to having their text messages and phone conversations intercepted by hackers, security researchers warned.
The warning comes from experts at the cybersecurity firm Appthority, who spotted an error plaguing as many as 685 mobile apps—including one used for secure communications by a federal law enforcement agency...
The issue, which has been dubbed Eavesdropper...
Eavesdropper is an especially troublesome problem for a number of reasons. First, most users are likely unaware of what API their mobile apps use to handle certain features like texts and calls so it is unlikely the average person would be able to spot if an app they are using is vulnerable. more
The warning comes from experts at the cybersecurity firm Appthority, who spotted an error plaguing as many as 685 mobile apps—including one used for secure communications by a federal law enforcement agency...
The issue, which has been dubbed Eavesdropper...
Eavesdropper is an especially troublesome problem for a number of reasons. First, most users are likely unaware of what API their mobile apps use to handle certain features like texts and calls so it is unlikely the average person would be able to spot if an app they are using is vulnerable. more
Tuesday, July 11, 2017
Android Malware Steals Data From 40 Apps
A newly uncovered form of Android malware aims to steal data from over 40 popular apps including Facebook, WhatsApp, Skype and Firefox - and the trojan has been actively engaging in in this illicit activity for almost two years.
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.
The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Dubbed SpyDealer by the Palo Alto Networks researchers who discovered it, the malware harvests vast accounts of personal information about compromised users, including phone numbers, messages, contacts, call history, connected wi-fi information and even the location of the device.The espionage capabilities of the trojan also enable it to record phone calls and videos, along with surrounding audio and video, take photos with both front and rear cameras, take screenshots of sensitive information and monitor the devices location at all times. more
Friday, April 14, 2017
Spy Camera in a USB Charger — Scam or Slam?
You decide...
Hummmm, wait until August and pay through the nose, or... buy it now, on eBay!
Hummmm, wait until August and pay through the nose, or... buy it now, on eBay!
Tuesday, February 21, 2017
Business Espionage: Operation BugDrop - Major Eavesdropping Operation Using PC Microphones to Bug Targets
Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including critical infrastructure, news media, and scientific research.
The operation uses malware to capture audio recordings of conversations, screen shots, documents, and passwords, according to a blog post published last week by security firm CyberX.
Targets are initially infected using malicious Microsoft Word documents sent in phishing e-mails. Once compromised, infected machines upload the pilfered audio and data to Dropbox, where it's retrieved by the attackers. The researchers have dubbed the campaign Operation BugDrop because of its use of PC microphones to bug targets and send the audio and other data to Dropbox.
"Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources," the CyberX researchers wrote. more (Heads up. This hasn't hit hard in the Western Hemisphere yet, but be prepared.)
Spybusters Tip #832: First line of defense... Disable macros on your Word software. Don't turn it back on if prompted to do so by something arriving in your email. ~Kevin
The operation uses malware to capture audio recordings of conversations, screen shots, documents, and passwords, according to a blog post published last week by security firm CyberX.Targets are initially infected using malicious Microsoft Word documents sent in phishing e-mails. Once compromised, infected machines upload the pilfered audio and data to Dropbox, where it's retrieved by the attackers. The researchers have dubbed the campaign Operation BugDrop because of its use of PC microphones to bug targets and send the audio and other data to Dropbox.
"Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources," the CyberX researchers wrote. more (Heads up. This hasn't hit hard in the Western Hemisphere yet, but be prepared.)
Spybusters Tip #832: First line of defense... Disable macros on your Word software. Don't turn it back on if prompted to do so by something arriving in your email. ~Kevin
Monday, February 6, 2017
Security Director Alert - Check the Security of Your Networked Printers
Following recent research that showed many printer models are vulnerable to attacks, a hacker decided to prove the point and forced thousands of publicly exposed printers to spew out rogue messages.
Stackoverflowin claims to be a high-school student from the U.K. who is interested in security research...
The issue of publicly exposed printers is not new and has been exploited before to print rogue and sometimes offensive messages. However, the issue was renewed last week when researchers from Ruhr-University Bochum in Germany published a paper on different attacks against network printers and an assessment of 20 printer models. The researchers also released a Printer Exploitation Toolkit and published a printer hacking wiki.
Users should make sure that their printers can't be accessed through a public Internet Protocol address at all, Stackoverflowin said. However, if they need to do this, they should enforce access rules in their routers and only whitelist certain IP addresses, or set up a virtual private network, he said. more
I occasionally find networked printers are a back door to company networks. The most common issue is unsecured WiFi access. Have your IT department review this post and then double-check the security of the printers. Or, contact me for a complete technical information security inspection (TSCM). ~Kevin
Stackoverflowin claims to be a high-school student from the U.K. who is interested in security research...
The issue of publicly exposed printers is not new and has been exploited before to print rogue and sometimes offensive messages. However, the issue was renewed last week when researchers from Ruhr-University Bochum in Germany published a paper on different attacks against network printers and an assessment of 20 printer models. The researchers also released a Printer Exploitation Toolkit and published a printer hacking wiki.
Users should make sure that their printers can't be accessed through a public Internet Protocol address at all, Stackoverflowin said. However, if they need to do this, they should enforce access rules in their routers and only whitelist certain IP addresses, or set up a virtual private network, he said. more
I occasionally find networked printers are a back door to company networks. The most common issue is unsecured WiFi access. Have your IT department review this post and then double-check the security of the printers. Or, contact me for a complete technical information security inspection (TSCM). ~Kevin
Wednesday, December 21, 2016
Android Phones (700 Million) Have Spying Firmware Pre-installed
The term “mobile phone security” is something of a joke these days, with the number of exploits, bugs, and breaches that are endlessly assaulting us and putting our personal information at risk. So, when security outfit Kryptowire sounded the alarm on Chinese company Adups for using its pre-installed apps to spy on Android users with Blu smartphones, it wasn’t exactly a shock.
Now, however, the impact of Adups alleged spying is growing in magnitude, and it’s dragging other Android device manufacturers into the quagmire.
Adups is a company that facilitates over-the-air updates for mobile devices, so its firmware is pre-installed on lots of devices. However, the firmware does much more than it claims, and has the ability to snoop in areas that it shouldn’t, and without the user ever knowing. That information can then be collected by Adups for whatever purposes it desires.
Trustlook, another digital security firm, dug deeper on what devices utilize Adups and could be used by the Chinese company to scrape your private information, and the list is absolutely massive. Trustlook says that over 700 million Android smartphones have Adups firmware installed that puts the user at risk of having text messages, call histories, and device information collected without their knowledge or consent. more
Now, however, the impact of Adups alleged spying is growing in magnitude, and it’s dragging other Android device manufacturers into the quagmire.Adups is a company that facilitates over-the-air updates for mobile devices, so its firmware is pre-installed on lots of devices. However, the firmware does much more than it claims, and has the ability to snoop in areas that it shouldn’t, and without the user ever knowing. That information can then be collected by Adups for whatever purposes it desires.
Trustlook, another digital security firm, dug deeper on what devices utilize Adups and could be used by the Chinese company to scrape your private information, and the list is absolutely massive. Trustlook says that over 700 million Android smartphones have Adups firmware installed that puts the user at risk of having text messages, call histories, and device information collected without their knowledge or consent. more
Thursday, March 31, 2016
Security Director Alert: 20,000 Printers Under the Siege
The notorious hacker and troll Andrew Auernheimer, also known as “Weev,” just proved that the Internet of Things can be abused to spread hateful propaganda.
On Thursday, Auernheimer used two lines of code to scan the entire internet for insecure printers and made them automatically spill out a racist and anti-semitic flyer.
Hours later, several people started reporting the incident on social media, and eventually a few local news outlets picked up on the story when colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer.
Auernheimer detailed this “brief experiment,” as he called it, in a blog post on Friday. Later, in a chat, he said that he made over 20,000 printers put out the flyer, and defended his actions. more
Imagine the chaos if he sent a more realistic version of the coupon shown above, or false documents to internal company printers. Make sure all printers associated with your company operate in a secure manner – internal and home office units. Don't forget to check for insecure Wi-Fi settings as well. Need help? Call me.
On Thursday, Auernheimer used two lines of code to scan the entire internet for insecure printers and made them automatically spill out a racist and anti-semitic flyer.
Hours later, several people started reporting the incident on social media, and eventually a few local news outlets picked up on the story when colleges and universities all over the United States found that their network printers were spilling out Auernheimer’s flyer.
Auernheimer detailed this “brief experiment,” as he called it, in a blog post on Friday. Later, in a chat, he said that he made over 20,000 printers put out the flyer, and defended his actions. more
Security Director Alert: Update Your HID Card Reader Software - NOW
Let Me Get That Door for You: Remote Root Vulnerability in HID Door Controllers
If you’ve ever been inside an airport, university campus, hospital,
government complex, or office building, you’ve probably seen one of
HID’s brand of card readers standing guard over a restricted area. HID
is one of the world’s largest manufacturers of access control systems
and has become a ubiquitous part of many large companies’ physical
security posture.
Each one of those card readers is attached to a door controller behind the scenes, which is a device that controls all the functions of the door including locking and unlocking, schedules, alarms, etc...
Technical details...
...if we send a Linux command wrapped in backticks, like `id`, it will get executed by the Linux shell on the device. To make matters worse, the discovery service runs as root, so whatever command we send it will also be run as root, effectively giving us complete control over the device.
Since the device in this case is a door controller, having complete control includes all of the alarm and locking functionality. This means that with a few simple UDP packets and no authentication whatsoever, you can permanently unlock any door connected to the controller. And you can do this in a way that makes it impossible for a remote management system to relock it. On top of that, because the discoveryd service responds to broadcast UDP packets, you can do this to every single door on the network at the same time! Needless to say, this is a potentially devastating bug. The Zero Day Initiative team worked with HID to see that it got fixed, and a patch is reportedly available now through HID’s partner portal. more
If you’ve ever been inside an airport, university campus, hospital,
government complex, or office building, you’ve probably seen one of
HID’s brand of card readers standing guard over a restricted area. HID
is one of the world’s largest manufacturers of access control systems
and has become a ubiquitous part of many large companies’ physical
security posture.Each one of those card readers is attached to a door controller behind the scenes, which is a device that controls all the functions of the door including locking and unlocking, schedules, alarms, etc...
Technical details...
...if we send a Linux command wrapped in backticks, like `id`, it will get executed by the Linux shell on the device. To make matters worse, the discovery service runs as root, so whatever command we send it will also be run as root, effectively giving us complete control over the device.
Since the device in this case is a door controller, having complete control includes all of the alarm and locking functionality. This means that with a few simple UDP packets and no authentication whatsoever, you can permanently unlock any door connected to the controller. And you can do this in a way that makes it impossible for a remote management system to relock it. On top of that, because the discoveryd service responds to broadcast UDP packets, you can do this to every single door on the network at the same time! Needless to say, this is a potentially devastating bug. The Zero Day Initiative team worked with HID to see that it got fixed, and a patch is reportedly available now through HID’s partner portal. more
Subscribe to:
Posts (Atom)