Watch Out


Amazon's voice assistant Alexa open to hacking

Cyber security researchers have disclosed security vulnerabilities in Amazon's Alexa virtual assistant, an additional cyber risk for the increasing number of people and businesses working and operating from a home environment.

According to a report released by Check Point Research, the "exploits could have allowed an attacker to remove/install skills on the targeted victim's Alexa account, access their voice history and acquire personal information through skill interaction when the user invokes the installed skill."

Oded Vanunu, head of product vulnerabilities research, commented: "Smart speakers and virtual assistants are so commonplace that it's easy to overlook just how much personal data they hold, and their role in controlling other smart devices in our homes.

"But hackers see them as entry points into peoples' lives, giving them the opportunity to access data, eavesdrop on conversations or conduct other malicious actions without the owner being aware."

It is understood that Amazon patched the vulnerabilities after the researchers disclosed their findings to the company in June 2020.

"IoT devices are inherently vulnerable and still lack adequate security, which makes them attractive targets to threat actors," the researchers concluded.

"Cyber criminals are continually looking for new ways to breach devices or use them to infect other critical systems. Both the bridge and the devices serve as entry points. They must be kept secured at all times to keep hackers from infiltrating our smart home.”

Be aware! Stay alert!

Twitter vulnerability

Twitter, the social media platform of choice for many businesses, has asked millions of its users to update their Android app after the company found a security flaw.

Twitter stated that the vulnerability could let other malicious apps access private information such as direct messages.

Twitter commented: "We don't have evidence that this vulnerability was exploited by attackers," but it acknowledged "we can't be completely sure" and was taking the highly unusual steps "to keep the small group of potentially vulnerable people safe".

Twitter claims to have more than two billion users, and Google's Play app store says it has been installed more than a billion times onto Android devices.

The announcement follows the high-profile hack that gained access to the company's systems, allowing major celebrities' accounts to be compromised, as reported in our previous newsletter.

Stay alert and remain vigilant when using social media, both personally and on behalf of a business. Your cyber safety is our first priority. Whether you are a sole-trader, or a larger organisation, we want to help you and your team remain safe.

Contact us today at discuss your needs and how our free core membership package can support you.

NEBRC New Logo Sept 2020.png

The Business Resilience Centre for the North East (NEBRC) is a non-profit organisation which exists to support and help protect North East England businesses from cyber crimes.

Connect with us:

  • Twitter
  • LinkedIn
  • YouTube

© 2020 North East Business Resilience Centre