Apps vulnerable to SQL injection by way of virtual assistant verbal commands

guest · Sep 12, 2019

Apps vulnerable to SQL injection by way of virtual assistant verbal commands
September 11, 2019
http://www.scmagazine.com/applicati...-by-way-of-virtual-assistant-verbal-commands/

Malicious hackers can use verbal commands to perform SQL injections on web-based applications run by virtual assistants such as Amazon’s Alexa, researchers say.

“Leveraging voice-command SQL injection techniques, hackers can give simple commands utilizing voice text translations to gain access to applications and breach sensitive account information,” reports Baltimore, Maryland-based Protego Labs, in a blog post this morning.
The flaw that enables voice-based attacks doesn’t lie within Alexa or, for that matter, Google Assist, Cortana, Siri and similar technologies. Rather, the problem are the apps themselves, Protego explains.
Click to expand...

Log in or Sign up

Apps vulnerable to SQL injection by way of virtual assistant verbal commands

guest Guest

Log in or Sign up

Apps vulnerable to SQL injection by way of virtual assistant verbal commands

guest Guest

Useful Searches