all InfoSec news
Alexa versus Alexa: Controlling Smart Speakers by Self-Issuing Voice Commands. (arXiv:2202.08619v1 [cs.CR])
Feb. 18, 2022, 2:20 a.m. | Sergio Esposito, Daniele Sgandurra, Giampaolo Bella
cs.CR updates on arXiv.org arxiv.org
We present Alexa versus Alexa (AvA), a novel attack that leverages audio
files containing voice commands and audio reproduction methods in an offensive
fashion, to gain control of Amazon Echo devices for a prolonged amount of time.
AvA leverages the fact that Alexa running on an Echo device correctly
interprets voice commands originated from audio files even when they are played
by the device itself -- i.e., it leverages a command self-issue vulnerability.
Hence, AvA removes the necessity of having …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Cybersecurity Skills Challenge -- Sponsored by DoD
@ Correlation One | United States
Security Operations Center (SOC) Analyst
@ GK Cybersecurity Group | Remote
Lead Security Analyst
@ OpenText | Virtual, CA
Cybersecurity Research Engineer
@ Peraton | Silver Spring, MD, United States
Enterprise Security Engineer
@ Salesforce | California - San Francisco
Senior DevSecOps Engineer
@ Netcompany | Patras, Greece