A Review of the Best News of the Week on AI, IoT, & Mobile Security

Timehop Data Breach Hits 21 Million Users (SecurityWeek, Jul 09 2018)
New York-based Timehop has created an application that shows users the photos, videos and posts they shared on the current day in previous years on Facebook, Instagram, Twitter and other websites.

The Ability to Fake Voice and Video is About to Change Everything (Daniel Miessler, Jul 09 2018)
“Most people think the way AI is going to significantly impact society is by taking all our jobs or creating robots that try to kill everyone. But while we focus on all the distant or unlikely impacts of artificial intelligence we’re about to get completely blindsided by a very real and practical one.”

ZTE appoints new C-suite to comply with U.S. settlement, resumes some operations (SC Magazine, Jul 05 2018)
ZTE tapped Xu Ziyang as CEO, replacing Zhao Xianming, and other executives, in an attempt to comply with the terms of a settlement that would lift a seven-year ban imposed by the U.S. in April.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Google says no, Duplex AI won’t take over human call centers (CNET, Jul 10 2018)
Reports claimed that one company is looking to use the tech for customer service, but Google denies this.

Inside the creepy and impressive startup funded by the Chinese government that is developing AI that can recognize anyone, anywhere (Business Insider, Jul 10 2018)
Inside the creepy and impressive startup funded by the Chinese government that is developing AI that can recognize anyone, anywhere

Global revenue from the IoT and analytics for utilities market is expected to grow (Help Net Security, Jul 06 2018)
The utilities industry is attempting to leverage a plethora of generating assets, transmission and distribution system equipment, and smart meters connected to the grid, creating large amounts of data. However, the IoT has invaded their space, according to Navigant Research.

Smart TVs are spying on you through your phone (Naked Security – Sophos, Jul 09 2018)
Smart TVs in millions of homes are using other devices on the same network in order to snitch on everything you watch and everywhere you go.

Unpatched ABD gateways and routers vulnerable to jailbreak, remote access attacks (SC Magazine, Jul 06 2018)
Broadband gateways and routers from Swiss vendor ABD that are based on the Epicentro platform are vulnerable to three vulnerabilities…

Fitness app Polar Flow reveals home addresses of soldiers, spies (Help Net Security, Jul 09 2018)
By perusing the Polar Flow user activity map, using information provided by the users themselves in their profile (photo, name, city) and combining it with other information that can be found on the Internet, the researchers identified military and intelligence personnel by name and discovered where they live.

Hidden malware in Fortnite cheating app shells gamers with barrage of ads (SC Magazine, Jul 03 2018)
Gamers who recently downloaded a Fortnite cheating app in order to gain an unfair advantage over fellow players found they had a hard time surviving a barrage of malicious ads that followed.

Samsung glitch randomly sends users pictures to contacts (SC Magazine, Jul 03 2018)
A glitch in Samsung’s Messaging app is causing user’s phones to quietly send picture messages to random contacts without leaving a trace on the sender’s phone.

How the Pentagon Keeps Its App Store Secure (Wired, Jul 03 2018)
To keep malware at bay, the GEOINT App Store has created a screening process that no commercial platform could ever match.

Your smartphone can watch you if it wants to, study finds (Naked Security – Sophos, Jul 05 2018)
Internet users have grown used to the idea that they can be tracked and profiled as they browse the web, but what about the specific risks of smartphones?

Five tips for pentesters in iOS (WeLiveSecurity, Jul 05 2018)
1 – Put yourself in the shoes of the programmer, 2 – Get the source code, 3 – Keep in mind the weak points of the language, 4 – Identify the possible reuse of vulnerable code, and 5 – Use two testing teams: one with jailbreak and the other with factory

How to Check App Permissions on iOS, Android, Windows, and macOS (Wired, Jul 05 2018)
It’s never a bad time to audit your app permissions. In fact, it’s more important than ever.

Google Fixes Critical Android Vulnerabilities (SecurityWeek, Jul 05 2018)
Google this week released its July 2018 set of Android patches to address tens of vulnerabilities in the mobile operating system, including several rated as Critical.

Android devices with pre-installed malware sold in developing markets (Help Net Security, Jul 09 2018)
New low-end Android smartphone devices being sold to consumers in developing markets, many of whom are coming online for the first time, contain pre-installed malware, according to Upstream.

Apple iOS 12 Security: All the Improvements Coming to Your iPhone (Wired, Jul 08 2018)
From hacking protections to smarter two-factor authentication, Apple’s iOS 12 will lock down your iPhone better than ever.