Latest news from Naked Security (2020/03/02)

Siri and Google Assistant hacked in new ultrasonic attack

Researchers have demonstrated how voice assistants can be secretly activated without ever physically touching the device.

Let’s Encrypt issues one billionth free certificate

Thanks to this flood of free certificates, the web is a lot more encrypted than it was a few years ago.

Ironpie robot vacuum can suck up your privacy

You might want to unplug this not-so-smart robot: researchers found they can watch video streams piped out from its security camera.

Fresh phish! Stripe scam baked and delivered in under an hour

Less than an hour after the crooks registered their scamming domain, the phishing attack was under way.

Facebook sues data analytics firm OneAudience over malicious SDK

Facebook says OneAudience paid developers to install its social-media-profile-looting SDK into their apps to get marketing data for clients.

Monday review – the hot 23 stories of the week

From Chrome’s mystery zero-day to why the EC has switched to Signal, get yourself up to date with everything we’ve written in the last week.