A Review of the Best News of the Week on AI, IoT, & Mobile Security

The Feds Can Now (Probably) Unlock Every iPhone Model In Existence (Forbes, Feb 27 2018)
Sources say iPhone X and iPhone 8 can already be unlocked via Israeli company Cellebrite, one of America’s favorite contractors.

Why Artificial Intelligence Researchers Should Be More Paranoid (Wired, Feb 20 2018)
The 99-page document unspools an unpleasant and sometimes lurid laundry list of malicious uses of artificial-intelligence technology. It calls for urgent and active discussion of how AI technology could be misused. Example scenarios given include cleaning robots being repurposed to assassinate politicians, or criminals launching automated and highly personalized phishing campaigns.

Anatomy of an Attack on the Industrial IoT (Dark Reading, Feb 22 2018)
Here’s how a knowledgeable outsider can shut down an industrial process using a published industrial control system (ICS) vulnerability in a way that is very difficult to detect.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

AI on-device (CSO Online, Feb 21 2018)
A decentralized approach will allow users to take back ownership of their personal information, while protecting them from major breaches.

How machine learning is shaping the next generation of cloud security (CSO Online, Feb 14 2018)
Security solutions must pivot in order to protect organizations as they move to the cloud.

Companies opted for AI, machine learning for defense, while attackers used encryption in 2017 (SC Magazine, Feb 22 2018)
Cisco’s 2018 Annual Cybersecurity Report showed that 39 percent of organizations are relying on automation, 34 percent are reliant on machine learning, 32 percent are highly reliant on artificial intelligence. But despite using these new measures attacks happened with most totaling about $500,000 in damage being done that include , but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.

Vectra raises $36M for its AI-based approach to cybersecurity intrusion detection (TechCrunch, Feb 21 2018)
 With the trend of growing cybercrime showing no indication of abating, a startup called Vectra that has built an artificial intelligence-based system called Cognito to detect cyberattacks and mobilise security systems to respond to them has raised $36 million to expand its R&D and business development. This Series D comes on the back of a strong year for the startup, with 181 percent growth… Read More

The future of AI and endpoint security, part 2 (CSO Online, Feb 21 2018)
Do we really have to wait for quantum computing for true security at the endpoint?

Getting Started with IoT Security in Healthcare (Dark Reading, Feb 21 2018)
There’s a hazard that comes with introducing any new element into patient care whether it’s a new drug or a connected device. These four steps will help keep patients safe.

Is the IoT backlash finally here? (Network World Security, Feb 20 2018)
After years of worry, the long-anticipated backlash to the changes wrought by the Internet of Things may finally be arriving. That could be a good thing.

FYI, the OMG Mirai botnet variant turns IoT devices into proxy servers (SC Magazine, Feb 23 2018)
A newly discovered variant of Mirai botnet malware forces infected devices to act as proxy servers capable of protecting the anonymity of cybercriminals engaging in illegal activities.

Insecure CCTV feeds of kids at school are being streamed live online (Naked Security – Sophos, Feb 26 2018)
Video from at least four UK schools is being streamed live online, from outside pick-up points, corridors, playgrounds, and toilets.

Meet The Hackers: A Series On Mobile Malware (Check Point Blog, Feb 26 2018)
Over the past year, every company in the world has experienced a mobile malware attack…In general, there are four types of mobile malware creators…

How one guy could have taken over any Tinder account (but didn’t) (Naked Security – Sophos, Feb 22 2018)
This time, the potential outcome was worse – complete account takeover, with a crook logged in as you – but thanks to responsible disclosure, the hole was plugged before it was publicised.

Mobile Malware Infections Hit 16 Million in Q3 (Infosecurity Magazine, Feb 26 2018)

McAfee claims to have detected 16 million mobile malware infections in the third quarter of 2017, as it predicts a year of threats ahead.

Mobile banking Trojans spread confusion worldwide (Help Net Security, Feb 27 2018)
Consumers around the world that use mobile banking apps are at a greater risk of being tricked by cybercriminals and falling victim to mobile banking theft. This is according to new global research from Avast, which asked almost 40,000 consumers in Spain and eleven other countries around the world to compare the authenticity of official and counterfeit banking application interfaces.