Amat Cama and Richard Zhu, a pair of security researchers who go by the name Team Fluoroacetate, found vulnerabilities across multiple devices including an Alexa-powered Amazon Echo and a Samsung Galaxy S10 smartphone. Team Fluoroacetate compromised the devices at an international bug bounty event called Pwn2Own in Tokyo, hosted by Zero Day Initiative. The vulnerability discovered in the Echo allowed the researchers to "take control" of the device.
Separately, the team used a bug in Java Script to gain access to a photo on the Galaxy S10. In total, the researchers were awarded $195,000 for their efforts.
The companies that offer the devices have 90 days to fix the vulnerabilities through software updates before details are shared with the public.
From USA Today
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA