Security News
Apple has agreed to pay $95 million to settle a class action lawsuit in the U.S. alleging that its Siri assistant recorded private conversations and shared them with third parties. [...]
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant. The development was...
Even the sound of a zip could be enough to start the recordings, according to claims Apple has filed a proposed settlement in California suggesting it will pay $95 million to settle claims that...
Academics in the US have developed an attack dubbed NUIT, for Near-Ultrasound Inaudible Trojan, that exploits vulnerabilities in smart device microphones and voice assistants to silently and remotely access smart phones and home devices. In an interview with The Register this month, Chen and Xia demonstrated two separate NUIT attacks: NUIT-1, which emits sounds to exploit a victim's smart speaker to attack the same victim's microphone and voice assistant on the same device, and NUIT-2, which exploits a victim's speaker to attack the same victim's microphone and voice assistant on a different device.
SIRIS is fundamentally different than traditional backup and recovery solutions. Utilizing a cloud-first approach, managed service providers can offer their clients an all-in-one solution that incorporates local backup and recovery with a secure, cloud-based repository and full disaster recovery in the cloud.
A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "An app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue in iOS 16.1 with improved entitlements.
They've found a means of using a voice-activated smart speaker system without it having to listen to everything you say - and no, it's not "Pressing a button." "There are a lot of situations where we want our home automation system or our smart speaker to understand what's going on in our home, but we don't necessarily want it listening to our conversations," said the aptly named Alanson Sample, associate professor of electrical engineering and computer science at the University of Michigan.
Datto reintroduced its Virtual SIRIS data protection software. Delivered as a virtual appliance, this software-only version of the Datto SIRIS solution provides MSPs with the flexibility to meet the diverse data protection requirements of their small and medium business clients with fully integrated software running on their own hardware.
Apple is once again demonstrating that it's all in on privacy with new user-protecting features for Mail, Siri, iCloud and additional app-tracking metrics. While there wasn't a single hardware announcement, as was hoped and predicted, the software announcements that Apple made at WWDC 2021 were extensive and are likely to be well-received by iPhone, iPad and Mac users, and privacy stands out as a central theme.
Dubbed SurfingAttack by a US-Chinese university team, this is no parlor trick and is based on the ability to remotely control voice assistants using inaudible ultrasonic waves. Voice assistants - the demo targeted Siri, Google Assistant, and Bixby - are designed to respond when they detect the owner's voice after noticing a trigger phrase such as 'Ok, Google'.