A Review of the Best News of the Week on AI, IoT, & Mobile Security
Artificial intelligence cyber attacks are coming – but what does that mean (The Conversation, Aug 27 2017)
People will still have to create attack AI systems, and launch them at particular targets. But nevertheless, adding AI to today’s cybercrime and cybersecurity world will escalate what is already a rapidly changing arms race between attackers and defenders…
Tech Firms Team Up to Take Down ‘WireX’ Android DDoS Botnet (Krebs on Security, Aug 28 2017)
A half dozen technology and security companies — some of them competitors — issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle ‘WireX,’ an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks….
Is Your Mobile Carrier Your Weakest Link? (Krebs on Security, Aug 27 2017)
More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Below are some tips to ensure your mobile device (or, more specifically, your mobile carrier) isn’t the weakest link in your security chain…
Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report
This Mirai malware vaccine could protect insecure IoT devices (Network World Security, Aug 25 2017)
Researchers have created a white worm from the Mirai source code to defend IoT devices that have weak security…
Sorry, Banning ‘Killer Robots’ Just Isn’t Practical (Wired, Aug 21 2017)
116 entrepreneurs, including Elon Musk, released a letter to the United Nations warning of the dangerous “Pandora’s Box” presented by weapons that make their own decisions about when to kill…
Hackers Are the Real Obstacle for Self-Driving Vehicles (MIT Technology Review, Aug 22 2017)
Before autonomous trucks and taxis hit the road, manufacturers will need to solve problems far more complex than collision avoidance and navigation…
Apple iOS Exploit Takes Complete Control of Kernel (Dark Reading:, Aug 24 2017)
Researchers demonstrated the exploit at the Hack In the Box conference in Singapore, saying all iOS devices running versions 10.3.1 released in April as well as earlier versions are currently vulnerable to the attack.
iOS 11 Allows Users to Disable Touch ID (Schneier on Security, Aug 21 2017)
A new feature in Apple’s new iPhone operating system — iOS 11 — will allow users to quickly disable Touch ID. A new setting, designed to automate emergency services calls, lets iPhone users tap the power button quickly five times to call 911. This doesn’t automatically dial the emergency services by default, but it brings up the option to and…
This Linux tool could improve the security of IoT devices (Network World Security, Aug 24 2017)
Snappy, a software deployment and package management system designed and built by Canonical for the Ubuntu operating system, could be a shortcut to building a trusted IoT application…
Even Artificial Neural Networks Can Have Exploitable ‘Backdoors’ (Wired, Aug 25 2017)
NYU professor Siddharth Garg checked for traffic, and then put a yellow Post-it onto a stop sign outside the Brooklyn building in which he works. When he and two colleagues showed a photo of the scene to their road-sign detector software, it was 95 percent sure the stop sign in fact displayed a speed limit…
Industrial Cobots Might Be The Next Big IoT Security Mess (Threatpost, Aug 22 2017)
Researchers at IOActive have found nearly 50 vulnerabilities in industrial collaborative robots, machines that work side-by-side with people in manufacturing and other settings, that can be abused to possibly cause physical harm to workers, or even configured to spy on their surroundings.
Mobile malware factories: Android apps for creating ransomware (Symantec, Aug 24 2017)
Having little to no coding experience is no longer a problem for wannabe mobile malware authors, thanks to Trojan Development Kits (TDKs). Criminals can now install an app that will allow them to quickly and easily create Android ransomware with their own devices…
Leak of >1,700 valid passwords could make the IoT mess much worse (Ars Technica, Aug 25 2017)
Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and make them part of a destructive botnet…
Hackers Use Thousands Of Infected Android Devices In DDoS Attacks (Forbes, Aug 29 2017)
Hundreds of thousands of home routers, IP cameras and other internet-of-things devices have been infected with malware over the past year and have been used to launch some of the largest distributed denial-of-service (DDoS) attacks ever recorded. Attackers are now doing the same with Android devices, with the help of malicious applications hosted on Google Play and other third-party app stores…