A Review of the Best News of the Week on AI, IoT, & Mobile Security

Fitness-Tracking App Leaking Sensitive Military Info (Infosecurity Magazine, Jan 29 2018)
The Strava app could show the location of soldiers stationed at sensitive locations, such as military bases.

Deepfakes AI celebrity porn channel shut down by Discord (Naked Security – Sophos, Jan 30 2018)
Reddit, birthplace of AI-generated deepfakes, hasn’t made any such move to do the same, though it too has a policy against involuntary porn.

Dark Caracal Campaign Breaks New Ground with Focus on Mobile Devices (Dark Reading, Jan 23 2018)
This is the first known global-scale campaign primarily focused on stealing data from Android devices, Lookout and EFF say.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Life at the Intersection of AI and Society with Dr. Ece Kamar (Microsoft Research, Jan 24 2018)
As the reality of artificial intelligence continues to capture our imagination, and critical AI systems enter our world at a rapid pace, Dr. Ece Kamar, a senior researcher in the Adaptive Systems and Interaction Group at Microsoft Research, is working to help us understand AI’s far-reaching implications, both as we use it, and as we build it.

AI in the Workplace: How Digital Assistants Impact Cybersecurity (Infosecurity Magazine, Jan 29 2018)
Chips developed by MIT hint at the development of digital assistants that no longer require a web connection to process AI-related tasks like voice recognition, potentially closing many of the security flaws these devices possess.

When AI enters the maze of cybersecurity (eeNews Europe, Jan 29 2018)
In a talk titled “Connected Intelligence”, Trend Micro’s technical director Renaud Bidou gave us his vision for 2020, arguing that learning from experience, more bugs and more patches would follow, opening room for new worms exploiting unpatched vulnerabilities. “What will never change is that there will always be bugs, patches, and users will click” (on links to malware or compromised documents), he said.

AI’s Role in Enterprise Cybersecurity (eSecurity Planet, Jan 29 2018)
Buried in this mountain of malware was evidence that attackers were using unconventional methods to not only bypass traditional antivirus solutions, but also AI-powered ones.

Axway Partners with Elastic Beam to Leverage Artificial Intelligence for API Security (Business Insider, Jan 30 2018)
Together, Axway and Elastic Beam will help organizations achieve optimal security and ecosystem engagement by leveraging an AI engine, integrated with Axway API Gateway, that automatically detects and blocks new attacks on APIs.

The moving target of IoT security (Network World Security, Jan 25 2018)
Specialist security firms are doing their best to keep pace with the changing nature of the IoT security threat. Companies like Pwnie Express – which got its start making penetration testing devices – have tried to adapt to the new threat landscape.

Hide ‘N Seek IoT botnet caught using Peer-to-Peer communication (SC Magazine, Jan 24 2018)
Bitdefender researchers first spotted the botnet on Jan. 10 before it disappeared for a few days only to return 10 days later in a significantly improved form. Before long, the botnet had spread from Asia to the United States with over 18,000 bots and counting, according to a Bitdefender blog post.

Researchers Connect Lizard Squad to Mirai Botnet (SecurityWeek, Jan 29 2018)
Lizard Squad and Mirai, which are responsible for a series of notorious distributed denial of service (DDoS) attacks, are connected to one another, a recent ZingBox report reveals.

Apple Patches Kernel Flaws in macOS, IOS Security Updates (eWEEK, Jan 30 2018)
Apple addresses multiple security vulnerabilities across its desktop and mobile operating systems, including a backported Meltdown patch for older macOS systems.