A Review of the Best News of the Week on AI, IoT, & Mobile Security

VirusTotal Launches New Android Sandbox (SecurityWeek, Apr 06 2018)
Google-owned VirusTotal announced on Thursday the launch of a new Android sandbox designed to provide detailed information on potential threats targeting the mobile operating system.

DARPA Funding in AI-Assisted Cybersecurity (Schneier on Security, Apr 10 2018)
DARPA is launching a program aimed at vulnerability discovery via human-assisted AI. The new DARPA program is called CHESS (Computers and Humans Exploring Software Security), and they’re holding a proposers day in a week and a half.

Splunk turns data processing chops to Industrial IoT (TechCrunch, Apr 10 2018)
Splunk has always been known as a company that can sift through oodles of log or security data and help customers surface the important bits. Today, it announced it was going to try to apply that same skill set to Industrial Internet of Things data.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Malicious IoT hackers have a new enemy (Network World Security, Apr 06 2018)
A robot called HoneyBot, designed by researchers at Georgia Tech’s School of Electrical and Computer Engineering, can fool bad actors into believing they have compromised an IoT device and send alerts of the attack to hasten defensive response.

A Long-Awaited IoT Crisis Is Here, and Many Devices Aren’t Ready (Wired, Apr 09 2018)
Some network communication protocol vulnerabilities have been known for more than a decade and still aren’t fixed. Now they’re being exploited.

2.7 Million UK Businesses Wide Open to IoT Hacks (Infosecurity Magazine, Apr 04 2018)
Half of UK businesses don’t update default passwords on IoT devices when they are added to corporate networks.

IoT Security Firm Red Balloon Raises $22 Million (SecurityWeek, Apr 04 2018)
Red Balloon Security, a provider of embedded device security solutions, announced on Wednesday that it has secured $21.9 million through a Series A funding round led by Bain Capital Ventures.

Mirai-Variant IoT Botnet Used to Target Financial Sector in January 2018 (Recorded Future, Apr 05 2018)
Insikt Group assesses that a Mirai botnet variant, possibly linked to the IoTroop or Reaper botnet, was utilized in attacks on at least one company, and probably more, in the financial sector in late January 2018.

Hospitals Exposed by Connected Devices (Infosecurity Magazine, Apr 06 2018)
At any one time the world’s connected hospitals could be running as many as 80,000 exposed devices, putting hospital operations, data privacy and patient health at risk, according to Trend Micro.

Israeli IoT cybersecurity co Armis raises $30m (Globes, Apr 09 2018)
Armis has developed a technology platform that allows enterprises to see and control compromised and unmanaged devices and rogue networks.

6 Myths About IoT Security (Dark Reading, Apr 09 2018)
Here are common misconceptions about these securing these devices – and tips for locking them down.

Fake AV Investigation Unearths KevDroid, New Android Malware (Talos Cisco Blog, Apr 02 2018)
Talos identified two variants of the Android Remote Administration Tool (RAT) with the capability to steal information on the compromised device (contacts, SMS and phone history) and record phone calls.

Reaper Group’s Updated Mobile Arsenal (Palo Alto Networks, Apr 10 2018)
Unit 42 examines the Reaper Group’s updated mobile arsenal, including a Bitcoin Ticker Widget and a PyeongChang Winter Games application.

Google’s 2017 Android Security Report Shines Light on ExpensiveWall (Check Point, Apr 05 2018)
Google notes the technical sophistication of ExpensiveWall, and that unlike the other malware highlighted in the report, the outbreak was concentrated primarily in Europe. ExpensiveWall spread through 50 apps on Google Play, reaching between 5.9M and 21.1M downloads.

89% of Android Users Didn’t Consent to Facebook Data Collection (Dark Reading, Apr 10 2018)
A new survey shows most Android users did not give Facebook permission to collect their call and text data.

Major uptick in mobile phishing URL click rate (Help Net Security, Apr 10 2018)
In a study of Lookout users, more than half clicked mobile phishing URLs that bypassed existing security controls. Since 2011, Lookout has observed this mobile phishing URL click rate increase 85 percent year-over-year.

Brazilian Criminals Use HTTP Injectors to Gain Free Mobile Internet Access (Infosecurity Magazine, Apr 09 2018)
The injectors modify HTTP headers on network requests with malicious code; the code then tricks captive portals into connecting to the internet.

China forces spyware onto Muslim’s Android phones, complete with security holes (Graham Cluley, Apr 10 2018)
The Chinese have demanded that some eight million Uyghurs, a Turkic ethnic group, install a spyware app known as JingWang Weishi their Android smartphones.