A Review of the Best News of the Week on AI, IoT, & Mobile Security

As China Marches Forward on A.I., the White House Is Silent (New York Times, Feb 20 2018)
Last summer, China unveiled a plan to become the world’s leader in artificial intelligence, challenging the longtime role of the United States.

IoT Security | NISTIR 8200 in Draft – Act NOW! (Gartner Blog Network, Feb 14 2018)
We knew this was coming, and this is a big day in IoT security and risk management. Let’s explore why it is important for your organization to take action now, and those options.

How a Low-Level Apple Employee Leaked Some of the iPhone’s Most Sensitive Code (Motherboard, Feb 20 2018)
This is how a small group of friends lost control of the leaked iBoot source code. The story behind one of Apple’s most embarrassing leaks.

Gfycat Uses Artificial Intelligence to Fight Deepfakes Porn (Wired, Feb 14 2018)
Created by amateurs, most deepfakes aren’t entirely believable. If you look closely, the frames don’t quite match up; in the below clip, Donald Trump’s face doesn’t completely cover Angela Merkel’s throughout. Your brain does some of the work, filling in the gaps where the technology failed to turn one person’s face into another.

Artificial Intelligence has a dirty little secret – Signature Addiction (SC Magazine, Feb 15 2018)
This exploitation of AI/ML feature selection is not easily fixed, and the only timely solution given the immediacy of malware is the much maligned signature update – a simple fix until the ML can be retrained. It appears that when data is biased, polluted or abused, AI/ML systems, ironically, are signature-dependent, too.

How artificial intelligence stopped an Emotet outbreak (Microsoft, Feb 14 2018)
At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and automatically protected by Windows Defender AV. How did Windows Defender AV uncover the newly launched attack and block it at the outset? Through layered machine learning, including use of both client-side and cloud machine learning (ML) models.

AI and Machine Learning: Breaking Down Buzzwords (Dark Reading, Feb 13 2018)
AI vs. ML: What They Really Mean

New AI technology used by UK government to fight extremist content (Naked Security – Sophos, Feb 14 2018)
The UK Home Office on Monday unveiled a £600,000 artificial intelligence (AI) tool to automatically detect terrorist content. And it won’t rule out forcing big companies like Google and Facebook to use it.

Just How Shallow is the Artificial Intelligence Talent Pool? (IT Pro, Feb 07 2018)
Everyone agrees that the competition to hire people who know how to build artificial intelligence systems is intense. But how scarce AI talent really is has been something of an industry mystery.

How AI will underpin cyber security in the next few years (Computer Weekly, Feb 14 2018)
Cyber security risks are growing in complexity and volume, but artificial intelligence techniques can help businesses track and fight them in real time.

This Computer Uses Light—Not Electricity—To Train AI Algorithms (Wired, Feb 20 2018)
Startup Fathom Computing thinks optical computing can extend the gains of Moore’s Law and light the way to the future of artificial intelligence.

How Artificial Intelligence Will Define Cyber Security Over The Coming Years (Business Computing World, Feb 20 2018)
Instead of checking a user’s identity against predefined credentials, dynamic authentication tools could be used such as using visual or aural clues. AI solutions could go beyond biometrics, and really learn what the user looks like, sounds like and how they behave. This application has the potential to also increase real-time security after a user has logged in. Is the person using the system the same person that logged in? Have they left their desk and someone else is now downloading files?

The Mirai Botnet Is Attacking Again… (Dark Reading, Feb 15 2018)
And the spinoff bots – and all their command and control hostnames buried in the morass of digital data – are hilarious.

IoT botnet bypasses firewalls to get to ZyXEL modems (Help Net Security, Feb 15 2018)
NewSky Security’s honeypots have detected a new IoT botnet in the making. The botnet was named DoubleDoor, as it leverages two distinct backdoors to get to the target: ZyXEL PK5001Z modems.

Can Android for Work Redefine Enterprise Mobile Security? (Dark Reading, Feb 13 2018)
Google’s new mobility management framework makes great strides in addressing security and device management concerns while offering diverse deployment options. Here are the pros and cons.

Mythbusters: The iOS Platform is Secure (Appthority, Feb 14 2018)
Mobile platforms – whether iOS or Android – are inherently insecure. You have to ask, what kind of mobile risks are getting through into my enterprise?

Hidden Cobra malware infects Android devices with RAT, turns Windows machines into proxies (SC Magazine, Feb 14 2018)
The DHS and FBI on Tuesday jointly released two new reports analyzing trojan malware attributed to Hidden Cobra, aka Lazarus group — a threat actor widely believed to be sponsored by the North Korean government.

Innovative and rougher in extortion, threats continued for Android in 2017 (WeLiveSecurity, Feb 19 2018)
Misuse of Android’s Accessibility services – designed to help people with disabilities – has been one of the most cunning additions to the Android ransomware scene. Black-hats have also beefed up their efforts in extorting from victims. Probably one of the most emblematic cases, demonstrating both of these behaviors, was a new ransomware family found by ESET researchers – dubbed DoubleLocker.

Critical Code Execution Flaws Patched in Android (SecurityWeek, Feb 14 2018)
Google this month addressed several critical severity remote code execution (RCE) vulnerabilities in the Android operating system.

Top 10 Mobile App Security Best Practices for Developers (Tripwire, Feb 14 2018)
Here are 10 ways developers can build security into their apps.