Please consider updating your browser. Some parts of the website may not function as intended.

Amazon Alexa subdomains are not safe for work

Amazon Alexa subdomains have been found to be vulnerable to Cross-Origin Resource Sharing and Cross-Site Scripting. Exploiting these would have allowed an attacker to install or remove apps without the user’s knowledge and gather information about the device and the user(s). It would have only required one click from a specially crafted amazon link.

IoT devices such as this usually pose a high risk due to the lack of adequate security they possess. The best advice is don’t use these devices if you do not know the risk they bring to your business. If you do plan on using a device like this, ensure it is up to date and accessible to as few people as possible.

Source: Checkpoint

Leave a Reply

Your email address will not be published. Required fields are marked *

Do NOT follow this link or you will be banned from the site!