Security News

Study: How Amazon uses Echo smart speaker conversations to target ads
2022-04-27 06:52

To understand how Amazon and Skills developers handle audio data, the boffins created an auditing framework to evaluate how voice data gets collected, used, and shared. Technically, the auditing framework involved setting up a custom Raspberry Pi router to record the network endpoints contacted by Amazon Echo and emulating an Amazon Echo by setting up the Alexa Voice Service SDK, in order to capture unencrypted network traffic.

Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug
2022-04-22 22:41

The "Hotpatch" released by Amazon Web Services in response to the Log4Shell vulnerabilities could be leveraged for container escape and privilege escalation, allowing an attacker to seize control of the underlying host. The issues - CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, and CVE-2022-0071 - affect the hotfix solutions shipped by AWS, and stem from the fact that they are designed to search for Java processes and patch them against the Log4j flaw on the fly but without ensuring that the new Java processes are run within the restrictions imposed on the container.

Amazon Web Services fixes container escape in Log4Shell hotfix
2022-04-20 08:45

Amazon Web Services has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability affecting cloud or on-premise environments running Java applications with a vulnerable version of the Log4j logging library or containers. The hot patch packages from Amazon are not exclusive to AWS resources and allowed escaping a container in the environment and taking control of the host.

Novel Attack Turns Amazon Devices Against Themselves
2022-03-07 21:30

Researchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves. Smart speakers lie dormant during the day, waiting for a user to vocalize a particular activation phrase: i.e., "Hey, Google," "Hey, Cortana" or, for the Amazon Echo, "Alexa," or simply, "Echo." Usually, of course, it's the device's owner who issues such commands.

Amazon: Charities, aid orgs in Ukraine attacked with malware
2022-03-04 23:57

Charities and non-governmental organizations providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia's war. Amazon has detected these attacks while working with the employees of NGOs, charities, and aid organizations, including UNICEF, UNHCR, World Food Program, Red Cross, Polska Akcja Humanitarna, and Save the Children.

Amazon Alexa can be hijacked via commands from own speaker
2022-03-03 18:31

Without a critical update, Amazon Alexa devices could wake themselves up and start executing audio commands issued by a remote attacker, according to infosec researchers at Royal Holloway, University of London. Executing the attack requires exploitation of Amazon Alexa Skills.

TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
2022-02-16 22:34

Cyberattackers are targeting 60 different high-profile companies with the TrickBot malware, researchers have warned, with many of those in the U.S. The goal is to attack those companies' customers, who are being cherry-picked for victimization, according to Check Point Research. The TrickBot malware was originally a banking trojan, but it has evolved well beyond those humble beginnings to become a wide-ranging credential-stealer and initial-access threat, often responsible for fetching second-stage binaries such as ransomware.

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign
2022-01-12 21:04

Cyberattackers are abusing Amazon Web Services and Azure Cloud services to deliver a trio of remote access trojans, researchers warned - all aimed at hoovering up sensitive information from target users. "When the initial script is executed on the victim's machine, it connects to a download server to download the next stage, which can be hosted on an Azure Cloud-based Windows server or an AWS EC2 instance."

Amazon Alexa slammed for giving lethal challenge to 10-year-old girl
2021-12-28 09:14

An Amazon Echo owner was left shocked after Alexa proposed a dangerous challenge to her ten-year-old daughter. AI-powered virtual assistants like Alexa that power smart devices and speakers such as Echo, Echo Dot, and Amazon Tap come with a plethora of capabilities.

Amazon explains the cause behind Tuesday’s massive AWS outage
2021-12-11 15:00

Amazon has published a post-event summary to shed some light on the root cause behind this week's massive AWS outage that took down a long list of high-profile sites and online services, including Ring, Netflix, Amazon Prime Video, and Roku. "At 7:30 AM PST, an automated activity to scale capacity of one of the AWS services hosted in the main AWS network triggered an unexpected behavior from a large number of clients inside the internal network," Amazon explained in a summary of this incident.