Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process
Researchers found a number of privacy and security issues in Amazon’s Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.
Web Security
Yeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ Release
Sneaker bots ready to scoop up the new Yeezy Boost 700 “Sun” shoes to resell at a huge markup.
Protecting Sensitive Cardholder Data in Today’s Hyper-Connected World
Retailers that lacked significant digital presence pre-COVID are now reaching new audiences through e-commerce sites that are accessible anytime, from anywhere, on any device.
Health Website Leaks 8 Million COVID-19 Test Results
A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.
Malicious Mozilla Firefox Extension Allows Gmail Takeover
The malicious extension, FriarFox, snoops in on both Firefox and Gmail-related data.
Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
Tax Season Ushers in Quickbooks Data-Theft Spike
Quickbooks malware targets tax data for attackers to sell and use in phishing scams.
Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking
Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials.
Daycare Webcam Service Exposes 12,000 User Accounts
NurseryCam suspends service across 40 daycare centers until a security fix is in place.