Cortana – Let’s Start Hacking!
If you’ve ever witnessed the breadth of friendly Alexa hijinks going on in the world you could predict that hackers exploiting voice command vulnerabilities would just be a matter of time.
Well, that time is now. Voice hacking is a real and growing threat according to a mounting body of evidence.
Yesterday afternoon (8/8/18) attendees at Blackhat.com in Las Vegas were treated to a presentation by a group of Israeli students and researchers who revealed what they are calling the “Open Sesame” vulnerability of Cortana.
According to the session overview…
In this presentation, we will reveal the “Open Sesame” vulnerability, a much more powerful vulnerability in Cortana that allows attackers to take over a locked Windows machine and execute arbitrary code. Exploiting the “Open Sesame” vulnerability attackers can view the contents of sensitive files (text and media), browse arbitrary web sites, download and execute arbitrary executables from the Internet, and under some circumstances gain elevated privileges. To make matters even worse, exploiting the vulnerability does not involve ANY external code, nor shady system calls, hence making code focused defenses such as Antivirus, Anti-malware and IPS blind to the attack.
Hackers Never Sleep
As technology continues to integrate into every aspect of our lives we can expect new and different vulnerabilities to emerge. Unfortunately, the hacking and cyber-criminal community never sleeps when it comes to identifying and exploiting these vulnerabilities for their profit at your expense.
Konsultek Stands Vigil
That’s where Konsultek comes in. Our custom security solutions are based upon the most advanced architectures and tools available and stand guard 24x7x365 to keep your networks and information secure. If you are looking for a security partner that is constantly innovating and keeping ahead of the curve please give us a call. Konsultek – your vigilant security partner.
If you’re interested in a complimentary Executive Risk Assessment, just pick up the phone and give us a call to schedule your first step towards greater security.
You’ll understand where your most important digital assets are, what the impact and likelihood of an incident is, and how to protect those assets. Why wouldn’t you want to know something about your business you didn’t know for free!