Security Alerts blog

Amazon Alexa subdomains are not safe for work

AlexaAlexa
Amazon Alexa subdomains have been found to be vulnerable to Cross-Origin Resource Sharing and Cross-Site Scripting. Exploiting these would have allowed an attacker to install or remove apps without the user’s knowledge and gather information about the device and the user(s). It would have only required one click from a specially crafted amazon link.

IoT devices such as this usually pose a high risk due to the lack of adequate security they possess. The best advice is don’t use these devices if you do not know the risk they bring to your business. If you do plan on using a device like this, ensure it is up to date and accessible to as few people as possible.

Source: Checkpoint

Risk Crew

Share
Published by
Risk Crew
5 years ago

Recent Posts

ISO 42001: Key Insights You Need to KnowISO 42001: Key Insights You Need to Know

ISO 42001: Key Insights You Need to Know

Introducing ISO 42001 – the world’s first international management system standard focused specifically on AI.…

2 months ago
ISO 27001 Requirements | Your Roadmap to ComplianceISO 27001 Requirements | Your Roadmap to Compliance

ISO 27001 Requirements | Your Roadmap to Compliance

Data breaches and cyberattacks have become daily concerns for information security professionals and business leaders.…

2 months ago
DORA | DISCOVERY SESSIONDORA | DISCOVERY SESSION

DORA | DISCOVERY SESSION

3 months ago

DORA Compliance Checklist | GUIDE

4 months ago

Essential Red Team KPIs & Metrics | GUIDE

4 months ago

How to Get Ready for a Penetration Test

It is an undeniable fact that all applications and infrastructures are essentially in need of…

4 months ago