Blueliv Intelligence Briefing

Your cybersecurity news summary

Thursday,   August 13th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Alexa voice assistant, exploitable to hand over user data

Users are able to extend Alexa’s capabilities by installing “skills” – additional functionality developed by third-party vendors which can be thought of as apps – such as weather programs and audio features. The smart assistant, which is found in devices such as the Amazon Echo and Echo Dot -- with over 200 million shipments worldwide -- was found to be vulnerable to attackers seeking user personally identifiable information (PII) and voice recordings due to its subdomains being susceptible to Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting (XSS) attacks. Learn more >

Demo Free Trial MSSP