EUVD-2022-51376

Malicious code in bioql PyPI...

CVE-2022-48681

Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail...

Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users

Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities "led to an entire break in the security of Sonos's secure boot process across a wide range of devices and remotely being...

(Pwn2Own) Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos Era 100 smart speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SMB2 messages. The issue results from the...

CVE-2022-48681

Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail...

CVE-2022-48681

The CVE CVE-2022-48681 affects some Huawei smart speakers and is described as a memory overflow vulnerability. Huawei PSIRT advisory HWPSIRT-2022-52860 confirms this CVE ID and notes that exploitation may cause certain functions to fail. The connected documents do not provide specific affected mo...

CVE-2022-48681

Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail...

CVE-2022-48681

Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail...

Huawei smart speakers 安全漏洞

Huawei smart speakers are a series of smart speakers from Chinese company Huawei Huawei. A security vulnerability exists in Huawei smart speakers, which stems from the presence of a memory overflow that may cause some functions to fail...

PT-2024-11773 · Huawei · Huawei Smart Speakers

Name of the Vulnerable Software and Affected Versions: Huawei smart speakers affected versions not specified Description: The issue is related to a memory overflow, which may cause certain functions to fail upon successful exploitation. Recommendations: At the moment, there is no information abou...

Novel Attack Turns Amazon Devices Against Themselves

UPDATE Researchers from the University of London and the University of Catania have discovered how to weaponize Amazon Echo devices to hack themselves. The – dubbed “Alexa vs. Alexa” – leverages what the researchers called “a command self-issue vulnerability”: using pre-recorded messages which,...

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

After Google Home users started receiving mysterious alerts when their fire alarms went off or their plates smashed in their homes, Google acknowledged that it accidentally rolled out a feature causing the smart devices to record sounds without the voice prompt. Reports of the privacy faux pas...

Google ‘accidentally’ enabled smart speakers to listen passive sounds

By Zara Khan Google accidentally enabled home smart speakers to listen to more than just voice commands This is a post from HackRead.com Read the original post: Google accidentally enabled smart speakers to listen passive sounds...

Hackers Can Use Ultrasonic Waves to Secretly Control Voice Assistant Devices

Researchers have discovered a new means to target voice-controlled devices by propagating ultrasonic waves through solid materials in order to interact with and compromise them using inaudible voice commands without the victims' knowledge. Called "SurfingAttack," the attack leverages the unique...

Alexa, Siri, Google Smart Speakers Hacked Via Laser Beam

Researchers have discovered a new way to hack Alexa and Siri smart speakers merely by using a laser light beam. No physical access of the victims’ device, or owner interaction, is needed to launch the hack, which allows attackers to send voice assistants inaudible commands such as unlocking doors...

No 'Silver Bullet' Fix for Alexa, Google Smart Speaker Hacks

Researchers this week disclosed new ways that attackers can exploit Alexa and Google Home smart speakers to spy on users. The hacks, which rely on the abuse of “skills,” or apps for voice assistants, allow bad actors to eavesdrop on users and trick them into telling them their passwords over the...

IoT-Implant-Toolkit - Toolkit For Implant Attack Of IoT Devices

IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like...

Thousands of Google Chromecast Devices Hijacked to Promote PewDiePie

A group of hackers has hijacked tens of thousands of Google's Chromecast streaming dongles, Google Home smart speakers and smart TVs with built-in Chromecast technology in recent weeks by exploiting a bug that's allegedly been ignored by Google for almost five years. The attackers, who go by...

A week in security (December 17 – 23)

Last week on Labs we looked at Fuchsia OS as a possible alternative for Android, explained all the reasons why cybercriminals want to hack your phone, discussed a flaw in Twitter form that may have been abused by nation states, gave you a Christmas tech scams roundup, revealed why many online...

8 everyday technologies that can make you vulnerable to cyberattacks

The technological advances of the modern world make for an exciting and convenient lifestyle. With each new development, from artificial intelligence to the Internet of Things, we make the mundane and tedious more manageable. The security vulnerabilities of the latest tech have been well...