Malicious Apps on Alexa or Google Home Can Spy or Steal Passwords

Google and Amazon smart speakers can be leveraged to record user conversation or to phish for passwords through malicious voice apps, security researchers warn. Unless the two companies take measures to improve the review process and the restrictions for apps integrating with their smart devices, malicious developers could exploit the weakness to capture audio from…

Read More

Mozilla Rolls Out Code Injection Attack Protection in Firefox

Mozilla rolled out protection measures to block code injection attacks in the Firefox web browser, with the attack surface being reduced by removing eval()-like functions and inline scripts occurrences. “A proven effective way to counter code injection attacks is to reduce the attack surface by removing potentially dangerous artifacts in the codebase and hence hardening…

Read More

Programa de Seguridad al Cliente SWIFT CSP v2020

En 2017 SWIFT presentó su marco de controles de seguridad para el cliente (CSP) para impulsar la mejora de la seguridad y transparencia en toda la comunidad financiera mundial. CSP SWIFT se centra en tres áreas: proteger el entorno local, prevenir y detectar fraudes en las relaciones comerciales y compartir continuamente información y prepararse para…

Read More