Security News
Academics in the US have developed an attack dubbed NUIT, for Near-Ultrasound Inaudible Trojan, that exploits vulnerabilities in smart device microphones and voice assistants to silently and remotely access smart phones and home devices. In an interview with The Register this month, Chen and Xia demonstrated two separate NUIT attacks: NUIT-1, which emits sounds to exploit a victim's smart speaker to attack the same victim's microphone and voice assistant on the same device, and NUIT-2, which exploits a victim's speaker to attack the same victim's microphone and voice assistant on a different device.
SIRIS is fundamentally different than traditional backup and recovery solutions. Utilizing a cloud-first approach, managed service providers can offer their clients an all-in-one solution that incorporates local backup and recovery with a secure, cloud-based repository and full disaster recovery in the cloud.
A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "An app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue in iOS 16.1 with improved entitlements.
They've found a means of using a voice-activated smart speaker system without it having to listen to everything you say - and no, it's not "Pressing a button." "There are a lot of situations where we want our home automation system or our smart speaker to understand what's going on in our home, but we don't necessarily want it listening to our conversations," said the aptly named Alanson Sample, associate professor of electrical engineering and computer science at the University of Michigan.
Datto reintroduced its Virtual SIRIS data protection software. Delivered as a virtual appliance, this software-only version of the Datto SIRIS solution provides MSPs with the flexibility to meet the diverse data protection requirements of their small and medium business clients with fully integrated software running on their own hardware.
Apple is once again demonstrating that it's all in on privacy with new user-protecting features for Mail, Siri, iCloud and additional app-tracking metrics. While there wasn't a single hardware announcement, as was hoped and predicted, the software announcements that Apple made at WWDC 2021 were extensive and are likely to be well-received by iPhone, iPad and Mac users, and privacy stands out as a central theme.
Dubbed SurfingAttack by a US-Chinese university team, this is no parlor trick and is based on the ability to remotely control voice assistants using inaudible ultrasonic waves. Voice assistants - the demo targeted Siri, Google Assistant, and Bixby - are designed to respond when they detect the owner's voice after noticing a trigger phrase such as 'Ok, Google'.
In iOS 13.2, you can opt out of Siri voice review requests and delete recording history from your Apple devices.
Apple may care about your privacy but that doesn't mean it gets it right all the time, especially when it comes to training its Siri AI assistant.
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the...