Tag Archive for: Amazon’s

Amazon’s Ring claimed to be attacked by ALPHV ransomware



Amazon’s security camera firm Ring has been purported to be compromised by the ALPHV ransomware operation, also known as BlackCat, which has threatened to expose the stolen data, reports Motherboard.

Source…

Has Amazon’s Ring Been Hacked? Ransomware Gang Posts Data Leak Threat


A ransomware group known as ALPHV claims to have breached the doorbell and security camera company, threatening to publish Ring’s data.

The ALPHV ransomware gang, known to be behind a spate of BlackCat ransomware attacks and operating a ransomware-as-a-service operation, has claimed to have successfully breached Ring, the Amazon owned doorbell and security camera company.

As first reported by Vice, the ransomware group website has published a threat, next to the Ring company logo, to “leak your data.” The group behind the BlackCat ransomware malware has created a searchable database of victims who do not pay, accessible by affiliate groups.

VX-Underground, one of the largest online collections of malware source code, has confirmed in a 13 March tweet that the claim has been published by ALPHV.

Currently, it is not known what, if any, data has been breached by ALPHV. Therefore, there is no advice for Ring users as to what they should do at this time. Ring devices support end-to-end encryption (E2EE) in most countries, and if enabled, means that neither Amazon nor law enforcement, or ransomware groups for that matter, could access uploaded footage. However, if this ransomware attack proves to be confirmed, it is possible that the cybercriminals have exfiltrated corporate or customer data rather than video.

I have reached out to both Amazon and Ring for a statement, and a Ring spokesperson told me this morning, that: “We currently have no indications that Ring has experienced a ransomware event.”

This story is still developing, however, and if that statement evolves I will update this article in due course. Meanwhile, Vice reports that an internal Amazon Slack channel, updated following the publication of its story, warned: “Do not discuss anything about this. The right security teams are engaged.” It is those security teams that have likely determined, at least for now, that ALPHV has not perpetrated a successful BlackCat ransomware deployment.

MORE FROM FORBESWhy You Should Stop Using LastPass After New Hack Method Update
Follow me on Twitter or LinkedInCheck out my website or some of my other work 

Source…

Amazon’s Dark Secret: It Has Failed to Protect Your Data


On September 26, 2018, a row of tech executives filed into a marble- and wood-paneled hearing room and sat down behind a row of tabletop microphones and tiny water bottles. They had all been called to testify before the US Senate Commerce Committee on a dry subject—the safekeeping and privacy of customer data—that had recently been making large numbers of people mad as hell.

Committee chair John Thune, of South Dakota, gaveled the hearing to order, then began listing events from the past year that had shown how an economy built on data can go luridly wrong. It had been 12 months since the news broke that an eminently preventable breach at the credit agency Equifax had claimed the names, social security numbers, and other sensitive credentials of more than 145 million Americans. And it had been six months since Facebook was engulfed in scandal over Cambridge Analytica, a political intelligence firm that had managed to harvest private information from up to 87 million Facebook users for a seemingly Bond-villainesque psychographic scheme to help put Donald Trump in the White House.

To prevent abuses like these, the European Union and the state of California had both passed sweeping new data privacy regulations. Now Congress, Thune said, was poised to write regulations of its own. “The question is no longer whether we need a federal law to protect consumers’ privacy,” he declared. “The question is, what shape will that law take?” Sitting in front of the senator, ready to help answer that question, were representatives from two telecom firms, Apple, Google, Twitter, and Amazon.

Notably absent from the lineup was anyone from Facebook or Equifax, which had been grilled by Congress separately. So for the assembled execs, the hearing marked an opportunity to start lobbying for friendly regulations—and to assure Congress that, of course, their companies had the issue completely under control.

No executive at the hearing projected quite as much aloof confidence on this count as Andrew DeVore, the representative from Amazon, a company that rarely testifies before Congress. After the briefest of greetings, he began his opening remarks by quoting one of his company’s core maxims to…

Source…

Amazon’s Astro may be cute, but security experts warn of privacy concerns


amazon-astro-reax-4

Astro may be cute, but he’ll always be watching.


Amazon

Amazon’s new robot is designed to zip around your house and serve as a faithful watchdroid. Named Astro, the bot will keep an eye on an aging family member and warn you if the stove is inadvertently left on. You’ll never have to worry about the bot’s focus; Astro can’t be distracted by a big steak. 

With big round blinking eyes, Astro is reminiscent of Pixar’s Wall-E and just as cute. But privacy experts say consumers need to be aware that those eyes might not be real but they’ll always be watching.

“One of my big fears about this new wave of technology that [Amazon has] unleashed this week is that it will introduce more full-scale data harvesting,” says Matthew Guariglia, a policy analyst for the Electronic Frontier Foundation. “Who knows what data they could harvest from a robot that travels around your home?”

Saving the showstopper until the end of its hour-long fall product event, Amazon took the wraps off Astro on Tuesday. The robot, available by invite only for the moment, costs $1,000. The price will jump to $1,450 when it’s released more broadly.

Amazon says the smart home robot, a sort of Alexa on wheels, can monitor security, keep tabs on young family members and be there for whatever you might need Alexa for, like voice control of your lights. The bot is operated via an app that also receives Astro’s alerts. The app is used as well to drive the robot around and see what it sees.

While Astro serves as a test of whether we want robots wheeling around our homes, it’s also another example of a product from Amazon that stretches the bounds of…

Source…