A Review of the Best News of the Week on AI, IoT, & Mobile Security
Decryption key for Apple iOS Secure Enclave Processor firmware revealed (Help Net Security, Aug 21 2017)
A hacker has apparently figured out the decryption key for Apple’s Secure Enclave Processor (SEP) firmware, and made it available online…
Confusing Self-Driving Cars by Altering Road Signs (Schneier on Security, Aug 11 2017)
Researchers found that they could confuse the road sign detection algorithms of self-driving cars by adding stickers to the signs on the road. They could, for example, cause a car to think that a stop sign is a 45 mph speed limit sign…
Anti-phishing security checks in the Gmail app for iOS (G-Suite Updates, Aug 10 2017)
Going forward, when you click on a suspicious link in a Gmail message on your iPhone or iPad, they’ll show a warning…
Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report
How Pwnie Express is Positioning to Secure Enterprises from IoT Risks (eWEEK, Aug 16 2017)
Security vendor Pwnie Express initially focussed on providing penetration testing tools and hardware to security researchers, but over the course of the last two years has shifted toward focusing on enterprises and the emerging threat from rogue Internet of Things (IoT) devices…
Thousands of Android-spying apps in the wild: what to do about SonicSpy (Naked Security, Aug 16 2017)
Google has done a good job of removing infected apps from the Play store, but victims are being hit from other sources…
Smart Locks Bricked by Bad Update (Threatpost, Aug 16 2017)
LockState CEO says he is “deeply sorry” about an erroneous wireless update that bricked hundreds of smart locks…
Secret chips in replacement parts can completely hijack your phone’s security (Ars Technica, Aug 18 2017)
Booby-trapped touchscreens can log passwords, install malicious apps, and more…
Turning an Amazon Echo into an Eavesdropping Device (Schneier on Security, Aug 10 2017)
For once, the real story isn’t as bad as it seems. A researcher has figured out how to install malware onto an Echo that causes it to stream audio back to a remote controller, but: The technique requires gaining physical access to the target Echo, and it works only on devices sold before 2017. But there’s no software fix…
Got an iPhone? Here’s what we think about the security of iOS11 (Naked Security – Sophos, Aug 17 2017)
Will your iOS device be more or less secure when iOS11 is launched? We’ve had a look beyond the cosmetic tweaks to the security features…
Auto-Clicking Android Adware Found in 340 Apps on the Google Play Store (BleepingComputer, Aug 21 2017)
The developer(s) of an Android adware family named GhostClicker has managed to sneak his malware on the official Google Play Store on several occasions, hiding it in as much as 340 mundane Android apps…