Application security, Security
June 15, 2023
Via: The Hacker NewsIn what’s a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. “Malicious binaries […]
Application security, Security
August 18, 2022
Via: Help Net SecurityA vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been exploited by attackers to extract users’ personal data and device’s data, including […]
November 4, 2021
Via: Dark ReadingA new multistage phishing campaign spoofs Amazon’s order notification page and includes a phony customer service voice number where the attackers request the victim’s credit card details to correct the errant “order.” The campaign, highlighted in new research from Avanan […]
October 26, 2021
Via: Security WeekThe secret contract was signed this year and experts estimate its value at £500 million ($690 million) to £1 billion, the newspaper said, citing people familiar with the discussions. It was said to be spearheaded by Britain’s cybersecurity agency GCHQ, […]
August 26, 2021
Via: Computer WeeklyAmazon, Apple, Google, IBM and Microsoft have collectively made a series of commitments to support US president Joe Biden’s “whole-of-nation” effort to address cyber security threats against US citizens, organisations and critical infrastructure operators. The undertakings were detailed following a […]
May 21, 2021
Via: Help Net SecurityFraudsters are sending out fake Amazon order emails and tricking online shoppers into calling a telephone number manned by them to steal the shoppers’ credit card details and other sensitive information. The fake Amazon order emails Armorblox has recently spotted […]
January 13, 2021
Via: Security Week“I think the stars are better aligned than ever in the past,” Keith Enright, Google’s chief data privacy office, told a discussion Tuesday on trust and privacy. The European Union’s General Data Protection Regulation (GDPR), which has applied since May […]
March 12, 2020
Via: Naked SecurityResearchers have discovered another big database containing millions of European customer records left unsecured on Amazon Web Services (AWS) for anyone to find using a search engine. A total of eight million records were involved, collected via marketplace and payment […]
February 11, 2020
Via: Help Net SecurityPayPal remains the top brand impersonated in phishing attacks for the second quarter in a row, with Facebook taking the #2 spot and Microsoft coming in third, according to Vade Secure. Leveraging data from more than 600 million protected mailboxes […]
Hacker, Mobile, Mobile security, Threats & Malware
January 22, 2020
Via: Security AffairsIn April 2019, Gavin de Becker, the investigator hired by Amazon chief Jeff Bezos to investigate into the release of his intimate images revealed that Saudi Arabian authorities hacked the Bezos’s phone to access his personal data. Gavin de Becker […]
January 20, 2020
Via: Computer WeeklyThe lack of care being taken to correctly configure cloud environments has once again been highlighted by two serious data leaks in the UK caused by leaking Amazon Simple Storage Service (S3) bucket databases. As a default setting, Amazon S3 […]
Access control, Network security, Security
November 21, 2019
Via: The HillA group of Senate Democrats raised concerns on Wednesday around the data security practices of Amazon’s home security company, Ring. In a letter to Amazon CEO Jeff Bezos, Democratic Sens. Ron Wyden (Ore.), Chris Van Hollen (Md.), Chris Coons (Del.), […]
Cloud security, Network security
October 24, 2019
Via: Security WeekAmazon Web Services (AWS) customers experienced service interruptions yesterday as the company struggled to fight off a distributed denial-of-service (DDoS) attack. As part of such an assault, attackers attempt to flood the target with traffic, which would eventually result in […]
Access control, Network security, Security
October 14, 2019
Via: Security WeekThe US tech giant, which has come under scrutiny by antitrust enforcers and has been criticized over its use of facial recognition software, set out its positions in a statement posted late Thursday on its corporate website. Some of those […]
August 2, 2019
Via: Security WeekLeaders of House and Senate committees want Capital One and Amazon to explain to Congress how a hacker accessed personal information from more than 100 million Capital One credit card customers and applicants. The incident was the latest massive data […]
Mobile, Network security, Privacy protection
July 23, 2019
Via: Threat PostVoice assistants are growing rapidly in popularity — but at the same time, the privacy concerns and security issues with popular home assistant devices like Amazon Echo and Google Home are peaking too. Earlier in July, Amazon came under fire […]
Mobile, Network security, Privacy protection
July 3, 2019
Via: Threat PostAmazon has acknowledged that it retains the voice recordings and transcripts of customers’ interactions with its Alexa voice assistant indefinitely. The admission raises questions about how long companies should be able to save highly-personal data collected from voice assistant devices. […]
July 1, 2019
Via: Hot for SecuritySome of the world’s biggest companies have had 750GB worth of their innermost secrets revealed on unsecured Amazon S3 buckets, available for anybody to download – no password required. The startling revelation came from researchers at UpGuard, who discovered three […]
January 21, 2019
Via: Dark ReadingAn Austrian non-profit, led by privacy activist and attorney Max Schrems, has filed suit against 8 tech giants for non-compliance with the EU General Data Protection Regulation. An Austrian non-profit organization, noyb, has filed suit under GDPR against eight firms […]
December 24, 2018
Via: Security WeekExecutives may need to reconsider whether Amazon’s Alexa personal assistant is listening to more than just their commands. Or perhaps the telephone conference attendee who pauses to gather details from Alexa is giving the device more than just his or […]