A Review of the Best News of the Week on AI, IoT, & Mobile Security

Attacks against machine learning — an overview (Elie Bursztein – Google, May 31 2018)
This blog post survey the attacks techniques that target AI (artificial intelligence) systems and how to protect against them.

How Mirai spawned the current IoT malware landscape (Help Net Security, Jun 04 2018)
As expected, other malicious actors took it and used it as a base for many malware variants targeting IoT devices.

New security, privacy features in iOS 12 and macOS Mojave (Help Net Security, Jun 05 2018)
Apple has announced a slew of new features for iOS 12 and macOS Mojave (10.14), but also some security and privacy improvements that should make privacy-minded users very happy.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

What is AI? Everything you need to know about Artificial Intelligence (ZDNet, Jun 04 2018)
An executive guide to artificial intelligence, from machine learning and general AI to neural networks.

The Current Limitations and Future Potential of AI in Cybersecurity (SecurityWeek, May 31 2018)
The study focused on facial recognition and tested the accuracy of a group of 184 humans and the accuracy of four of the latest facial recognition algorithms.

Artificial Intelligence And The Future Of Financial Fraud Detection (Forbes, Jun 05 2018)
Specific AI implications could mean increased brand transparency and fraud protection.

What happens if IoT security doesn’t get solved? (Network World Security, Jun 05 2018)

What happens if IoT security doesn’t get solved?
A new Bain & Company report says security concerns are slowing IoT adoption. Is this problem fixable — and what if it isn’t?

NIST Develops Guide to Securely Converting Industrial IoT to Wireless (eWEEK, May 30 2018)
A newly released guide to deploying industrial wireless systems from the National Institute of Standards and Technology provides a solid background for your factory.

Tips for Hardening Networks Against IoT-based DDoS Attacks (SecurityWeek, May 30 2018)
Stopping DDoS attacks is not a matter of improving security of IoT devices. Enterprises need to take responsibility and be better at identifying and preventing DDoS attacks as they happen in real time.

Apple’s iOS 11.4 security update arrives in an iCloud of silence (Naked Security – Sophos, May 31 2018)
We updated to iOS 11.4, because that’s our habit – but Apple still isn’t saying what was fixed yet. How we wish Apple wouldn’t do that!

We found 1 good reason to get the iOS 11.4 update – rogue message handling (Naked Security – Sophos, May 31 2018)
We can’t be sure that Apple set out to fix this flaw, but it looks as though the Messages app is now automatically cutting off long messages to limit the number of invisible Unicode control characters that can be flung at the app.

Ok Google, What’s New in Android Security? (The Duo Blog, May 30 2018)
Google announced the next major version of its Mobile Operating system Android P, advancements in cloud and on-device machine learning and much, much more.

Samsung doesn’t have to offer updates for phones older than two years (Help Net Security, Jun 01 2018)
Dutch consumer protection organization Consumentenbond took Samsung Netherlands to court, arguing that the company should provide updates and upgrades for their telephones “within one month after these become available, for a period of four years after the introduction to the market and/or two years after the time of the sale.”

Mobile users ignore shady app permissions at their own risk, warns NY State Cyber Command (SC Magazine, Jun 01 2018)
Mobile users who download untrustworthy apps on their phone often agree to dangerous permissions requests that give attackers essentially unfettered access to their devices’ data and functions

Google Password Protects Pixel 2 Firmware (SecurityWeek, Jun 04 2018)
Google has made the firmware of Pixel 2 devices resistant to unauthorized attempts to upgrade it by password protecting it.

Drastic changes required to protect mobile users against cyber-attacks (SC Magazine, Jun 04 2018)
Organisational practices and end-user behaviour must both change fast, to deal with rising mobile-focused cyber- attacks, such as phishing, that are now more pervasive than malware.