Security News

To understand how Amazon and Skills developers handle audio data, the boffins created an auditing framework to evaluate how voice data gets collected, used, and shared. Technically, the auditing framework involved setting up a custom Raspberry Pi router to record the network endpoints contacted by Amazon Echo and emulating an Amazon Echo by setting up Alexa Voice Service SDK, in order to capture unencrypted network traffic.

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency on Thursday issued a joint alert to warn about the growing threat from voice phishing or "Vishing" attacks targeting companies. "In mid-July 2020, cybercriminals started a vishing campaign-gaining access to employee tools at multiple companies with indiscriminate targeting - with the end goal of monetizing the access."

The latest edition of the bi-annual hacking contest saw creative exploits in new device categories.

Here are Larry Dignan's key takeaways from Amazon's 2019 hardware event and what it means for smart home integration, privacy, and digital assistants.

On this week's Threatpost news wrap, the team discusses Facebook's FTC fine for its data security practices, a report that Amazon is collecting Echo users' geolocation data, and more.

Amazon is under fire for its privacy policies after a Bloomberg report revealed that the company hires auditors to listen to Echo recordings.

After one German user requested a copy of their Alexa voice history under the GDPR, he got another user's data in the process.

But it requires custom hardware, firmware and access to your Wi-Fi DEF CON Hackers have managed to hack Amazon's Echo digital assistant and effectively turn it into a listening device, albeit...

Researchers make an Alexa skill that turns your Echo into a eavesdropper

Remember BlueBorne? A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in millions of AI-based...