A Review of the Best News of the Week on AI, IoT, & Mobile Security

Detecting and blocking socially engineered spyware on Android (Google, Nov 27 2017)
Google is constantly working to improve our systems that protect users from Potentially Harmful Applications (PHAs). Usually, PHA authors attempt to install their harmful apps on as many devices as possible. However, a few PHA authors spend substantial effort, time, and money to create and install their harmful app on a small number of devices to achieve a certain goal.

AWS ramps up in AI with new consultancy services and Rekognition features (TechCrunch, Nov 22 2017)
AWS Re:invent conference this week. AWS is opening a machine learning lab, ML Solutions Lab, to pair Amazon machine learning experts with customers looking to build solutions using the AI tech. And it’s releasing new features within Amazon Rekognition, Amazon’s deep learning-based image recognition platform: real-time face recognition and the ability to recognize text in images.

Google Downplays Report On Android Location Data Collection (eWEEK, Nov 21 2017)
Company says data was collected as part of a heartbeat function to maintain connectivity but never actually used.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

The Military Should Teach Artificial Intelligence to Watch Drone Footage (Wired, Nov 26 2017)
Opinion: The Pentagon collects so much surveillance footage that humans can’t watch all of it. It’s time to deploy AI.

Innovation Update: Really Testing AI and Workforce Skills Gap (Gartner Blog Network, Nov 27 2017)
In ‘Google brain connects his StarCraft past with AI future‘ we read of a real interesting test of AI. An old StarCraft national champion is working with DeepMind to develop an AI not capable of winning StarCraft. This is quite different to the recent breakthrough that came with winning Go.

Three Things to Consider Before Incorporating Machine Learning into Your Security Efforts (SecurityWeek, Nov 27 2017)
We have been hearing a lot of buzz about artificial intelligence (AI) for years, but more recently, the discussion within the cybersecurity industry has centered around machine learning (ML), an approach to AI that focuses on using algorithms to sift through data, learn from it and inform action based on the analytics, such as automatically preventing an unknown threat.

The First AI-driven Solution for SAP Cybersecurity (Business Insider, Nov 22 2017)
The new smart ERPScan platform introduces three salient features to SAP security: threats and anomalies detection with a specific interface and functions based on a user’s role; the integration of all SAP security areas (e.g. Platform security, Code security, and SoD); the support for SAP cybersecurity requirements from Gartner PPDR (Predict, Prevent, Detect, Respond and Monitor) framework.

Expanding AI tools and resources for developers and data scientists on Azure (Microsoft Azure Blog, Nov 15 2017)
Microsoft nows enables developers and data scientists to infuse AI into new and existing applications quickly and easily with the following announcements:
-Updates to Azure Machine Learning (AML) including Azure IoT Edge integration.
-A new Azure Databricks service that combines the best of Databricks and Azure for spark-based analytics.
-A new Visual Studio Tools for AI development environment with Azure Machine Learning integration.

The Looming War of Good AI vs. Bad AI (Dark Reading, Nov 28 2017)
The rise of artificial intelligence, machine learning, hivenets, and next-generation morphic malware is leading to an arms race that enterprises must prepare for now.

Defining and securing the Internet of Things (Help Net Security, Nov 22 2017)
The EU Cybersecurity Agency ENISA published a report on the security of the Internet of Things (IoT). The study aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.

New Mirai variant back on radar after new exploit code published (SC Magazine, Nov 27 2017)
A new strain of the Mirai IoT malware has been discovered following the publication of exploit code targeting networking equipment.

Samsung Pay Leaks Mobile Device Information (Dark Reading, Nov 22 2017)
Researcher at Black Hat Europe will show how Samsung Pay’s security falls short and ways attackers could potentially bypass it.

New BankBot Version Avoids Detection in Google Play — Again (Dark Reading, Nov 27 2017)
Mobile banking Trojan BankBot uses a unique payload downloading technique to skip past Google Play Protect.

Android Mobile Exploitation with Evil-Droid (Hacking Articles, Nov 27 2017)
How to generate apk payload with help of “Evil-Droid”. It is the tool use to compromise any android deceive for attacking point, we are using it only for educational purpose. Evil-Droid is a framework that creates & generates & embed apk payload to penetrate android platforms.

Cellphone tracking case in front of SCOTUS could have broad privacy implications (SC Magazine, Nov 27 2017)
Citing the third-party doctrine, the government has argued it didn’t need a warrant because when people voluntarily give over information to third-party providers they have no reasonable expectation of privacy.

Smartphone adoption among older Americans continues growth spurt (WeLiveSecurity, Nov 23 2017)
US consumers aged 55 and older have been taking a cue from their younger peers and are now at the front of the queue in the adoption and use of mobile devices and services. This is just one of several intriguing insights gleaned from the US edition of Deloitte’s 2017 Global Mobile Consumer Survey.