malicious attacks Blog Terms - Attivo Networks

malicious attacks

SC media logo

Windows 10 Cortana allows attackers to open malicious websites

A vulnerability in the Windows 10 voice assistant, Cortana, allows attackers to open malicious websites on a user’s device even when a PC is locked.

Israeli researchers Tal Be’ery and Amichai Shulman discovered that they could bypass password locks to instruct a device to visit websites since the devices continue to listen for voice commands even when locked and because many users haven’t bothered to train the voice assistant to only obey a single user’s commands, the researchers demonstrated in a YouTube presentation.

Threat actors could insert a USB network adaptor to a locked device and simply give a verbal command instructing Cortana to open the web browser and head to an unencrypted HTTP webpage. The adapter inserted into the USB drive would then intercept the request and redirects the browser to a malicious webpage instead.

Cyber Security Is The Necessity Of The Future

Why Cyber Security?

The WannaCry virus which crippled over 300,000 computers globally reminded the world how fragile computer systems are. As IT systems are playing a larger role in all of our lives, how to shield the system against malicious attacks is one of the most pressing issues prioritise by many.

According to PWC’s crime survey 2016, incidence of cybercrime increased sharply among their respondents, making it the 2nd among the most reported types of economic crime. Yet, most companies are not adequately prepared for it, only 40% of the companies responded to the survey have personnel that are “fully trained” to act as the first responder and only 37% have fully operational incident response plan.

Scroll to Top