Security News

Drivers working for Amazon Delivery Service Partners are increasingly under constant surveillance for safe driving, monitored by artificial intelligence which awards them a score and generates voice reminders for safe driving. Drivers who spoke to Vice's Motherboard complained the tech is too sensitive, often wrong and making their jobs miserable - and not to mention, taking money out of their paycheck.

Cato Networks announced the results of its analysis of 263 billion enterprise network flows between April and June 2021. Researchers showed a novel use of Houdini malware to promote the spoofing of a device.

Cato Networks SASE Threat Research Report has discovered a new version of the old Houdini malware now being used to steal device information to subvert access rules that check on the device as well as the user. A controversial feature, Sidewalk constructs a shared network between other smart devices including Echo, Ring Security Cams, outdoor lights and more.

Data theft, insider threats and imposters accessing sensitive customer data have apparently gotten so bad inside Amazon, the company is considering rolling out keyboard-stroke monitoring for its customer-service reps. A confidential memo from inside Amazon explained that customer service credential abuse and data theft was on the rise, according to Motherboard which reviewed the document.

A security flaw in Amazon's Kindle e-reader made it vulnerable to malicious eBooks, opening the door to turning the devices into bots, compromising personal information and more. Check Point disclosed the bug to Amazon in February, and it was fixed in April; Amazon released patched firmware to be automatically installed on every Kindle connected to the internet.

Now patched by Amazon, security vulnerabilities found by Check Point would have given attackers access to a Kindle device and its stored data. Amazon Kindle owners could have exposed themselves to a remote control attack simply by opening the wrong e-book.

Amazon earlier this April addressed a critical vulnerability in its Kindle e-book reader platform that could have been potentially exploited to take full control over a user's device, resulting in the theft of sensitive information by just deploying a malicious e-book. "By sending Kindle users a single malicious e-book, a threat actor could have stolen any information stored on the device, from Amazon account credentials to billing information," Yaniv Balmas, head of cyber research at Check Point, said in an emailed statement.

CISA has announced the launch of Joint Cyber Defense Collaborative, a partnership across public and private sectors focused on defending US critical infrastructure from ransomware and other cyber threats. The new initiative's goal is to allow CISA to develop cyber defense plans in collaboration with federal agencies, SLTT partners, and private sector orgs for national resilience against malicious cyber activity targeting critical infrastructure.

Amazon was fined 746 million euros by Luxembourg authorities over allegations it flouted the EU's data protection rules, the online retail giant said Friday. The fine was issued July 16 by the Luxembourg National Commission for Data Protection following its determination that "Amazon's processing of personal data did not comply with the EU General Data Protection Regulation," Amazon said in a securities filing.

Amazon has quietly been hit with a record-breaking €746 million fine for alleged GDPR violations regarding how it performs targeted behavioral advertising. In an SEC Form 10-Q filed today, Amazon states that this massive fine came out of CNPD in July 2021, which fined them for improper processing of personal data.