A Review of the Best News of the Week on AI, IoT, & Mobile Security

Artificial intelligence beats Captcha at its own game (The Inquirer, Oct 30 2017)
Yes, it’s been cracked. Again. But this time by a machine…

Global Mobile Trends Report (Trulioo, Oct 31 2017)
Over five billion people now have mobile phones – that’s two-thirds of the global population. Considering that 10 years ago, the number was around two billion, it’s no wonder that mobile phones is one of the fastest growing technologies, ever.

The Top 5 Scariest Mobile Threats (McAfee Blogs, Oct 31 2017)
Here’s a fun and kinda goofy way to summarize mobile threats with a halloween themed spin. Happy Halloween!

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Machine Learning Algorithms Explained – Random Forests (Blog Easy Solutions, Oct 11 2017)
Random Forests are supervised ensemble-learning models used for classification and regression. Ensemble learning models aggregate multiple machine learning models, allowing for overall better performance. The logic behind this is that each of the models used is weak when employed on its own, but strong when put together in an ensemble.

Apple denies Bloomberg’s claims of lowering iPhone X face-recognition accuracy (SC Magazine, Oct 25 2017)
Apple is disputing claims that tech giant ordered manufacturers to lower the accuracy of its face-recognition to make the iPhone X easier to manufacture.

Apple’s Core ML Could Surface Your iOS Secrets (Wired, Oct 26 2017)
Apple’s Core ML is a boon for developers, but security experts worry that it also could make it easier for bad actors to snoop on your private data.

The iOS privacy loophole that’s staring you right in the face (Naked Security – Sophos, Oct 27 2017)
Your iPhone’s camera and microphone could be capturing more than you realize

Lieu, Markey introduce Cyber Shield Act of 2017 for IoT devices (SC Magazine, Oct 30 2017)
A new bill designed to identify, verify, and label compliant Internet-of-Things (IoT) devices with strong cybersecurity standards has been introduced by two federal lawmakers.

Android takes aim at ISP surveillance with DNS privacy (Naked Security – Sophos, Oct 27 2017)
Google turns its attention to your unencrypted DNS

Data Science Talks Machine-Learning and Artificial Intelligence (Cylance Blog, Oct 31 2017)
Many tech experts have become concerned about the privacy implications of using Internet of Things (IoT) devices. There are understandable questions about what exactly Amazon and Google are doing with all of the data they acquire from consumer Echo and Home usage, and whether these Internet connected devices may be vulnerable to cyber attack.

More than 90% of service providers say a secure IoT architecture increases sales (Gemalto blog, Oct 31 2017)
Gemalto surveyed IoT service providers on their attitudes to security – here’s what they told them.

CloudAI for User and Entity Based Analytics (UEBA) (LogRhythm, Oct 31 2017)
Earlier this month, LogRhythm released LogRhythm CloudAI—the most recent chapter in their User and Entity Behavior Analytics (UEBA) story. LogRhythm CloudAI uses machine learning to apply behavioral analytics to user behavior. By modeling user behavior to uncover security relevant anomalous activity, it can detect previously unknown attacks across your security environment.

A Checklist for Securing the Internet of Things (Dark Reading, Oct 26 2017)
IoT devices promise endless benefits, but they also come with serious security issues. Use this checklist to make sure your company stays safe.

Check Point IoT Blog Series: ‘Home, Smart Home’ – But How Secure Is It? (Check Point Blog, Oct 31 2017)
Some basic, practical measures that you can (and should) take to better secure the smart devices and networks in your home against hacking and digital intrusion attempts.

Reaper IoT botnet threat: Why enterprises must guard against it (IoT Institute, Oct 31 2017)
There is no need to panic at this point, but, on the other hand, all wireless IP security cameras, and particularly the brands GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys and Synology should be examined for vulnerabilities, or patched with firmware upgrades where available.

IoT Wake Up Call and How to Deal with It (SC Magazine, Oct 30 2017)
“The benefits of IoT are too valuable to risk. We have to stop viewing security as a barrier to deployment. Until enterprises realize that security actually enables IoT to reach its promise, I’ll continue to be a skeptic.”