A Review of the Best News of the Week on AI, IoT, & Mobile Security

Telefonica breach leaves data on millions exposed (SC Magazine, Jul 16 2018)
Hackers exploited a flaw at Spanish operator Telefonica early Monday and likely exposed all the personal data of millions of the company’s customers.

How to spoof someone’s GPS navigation to send them the wrong way (Naked Security – Sophos, Jul 17 2018)
Researchers have for the first time demonstrated that it’s possible to spoof turn-by-turn GPS road navigation to send users to specific wrong locations.

Advanced Mobile Malware Campaign in India uses Malicious MDM (Cisco, Jul 17 2018)
Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

Artificial Intelligence and Machine Learning: A New Approach to API Security (PingTalk, Jul 03 2018)
Artificial intelligence can be used to identify and block API cyberattacks by learning the range of normal patterns of behavior in each API and across your API environment over time, taking into account multiple levels of context.

IoT search engine exposes passwords of over 30,000 vulnerable DVRs (Graham Cluley, Jul 16 2018)
Vulnerabilities in the Chinese manufacturer’s DVRs were first brought to light five years ago, but although patches have been available for years it is clear that tens of thousands of devices have still not had their firmware updated.

Accenture Touchless Testing Platform integrates AI technology (Help Net Security, Jul 13 2018)
Accenture has acquired an artificial intelligence (AI) technology from Real Time Analytics Platform. The technology will be integrated into the Accenture Touchless Testing Platform, strengthening its analytics and cognitive capabilities. Terms of the deal were not disclosed.

Cylance releases Cylance Smart Antivirus (Help Net Security, Jul 13 2018)
Cylance launched Cylance Smart Antivirus, AI-powered antivirus software designed for consumers. By extending the enterprise-grade AI of CylancePROTECT into the home, Cylance provides internet users with security software that predicts and blocks threats.

How Elucd’s ‘Sentiment Meter’ Helps Cops in LA and NYC Understand Their Precincts (Wired, Jul 16 2018)
Cops in LA, NYC, and beyond are using software from Elucd to figure out how the sentiments of the people they protect.

Hide ‘N Seek IoT Botnet Can Infect Database Servers (SecurityWeek, Jul 10 2018)
A peer-to-peer (P2P) botnet, Hide ‘N Seek has continued to evolve, and is currently targeting even more vulnerabilities than before. The botnet now also includes exploits for AVTECH devices (webcam) and Cisco Linksys routers.

IoT security spend to reach $6 billion by 2023 (Help Net Security, Jul 13 2018)
It highlighted rapid growth, with spending by product and service providers (in consumer markets) and end-customers (in industrial and public services markets) to rise nearly 300% over the forecast period.

How Blockchain Can Secure Supply Chains, IoT Devices, and More (eWEEK, Jul 17 2018)
Blockchain is hands down the technology buzzword of 2018. But the distributed digital ledger can lead to better supply chains, more secure IoT networks, and more reliable DNS.

New iOS security feature can be defeated by a $39 adapter… sold by Apple (Graham Cluley, Jul 10 2018)
USB Restricted Mode is designed to disable an iPhone or iPad’s Lightning port, preventing it from transferring data, one hour after the device was last locked.

Your Google phone will soon screen nuisance calls (Naked Security – Sophos, Jul 12 2018)
Google is reportedly adding a new feature to its phone app that will please phone users – built-in screening for nuisance callers.

How the US Government Planted ‘Spy Phones’ on Suspects (Wired, Jul 13 2018)
In at least one instance, DEA agents sold an encrypted BlackBerry to a suspected drug smuggler—and kept the encryption key.

26,000 electronic devices are lost on London Transport in one year (Help Net Security, Jul 17 2018)
The data revealed that the most lost device was mobiles – topping the list with a staggering 23,453 devices handed in to TFL lost property in the last year. The second largest is laptops with a total of 1,155 lost, after that it is tablet computers at 1,082 devices lost. 568 eReaders were reported to be lost, 10 drones and four Amazon Echos.

Guy jailed for refusing to unlock phones (Naked Security – Sophos, Jul 17 2018)
The phones are new, he said, and he can’t remember the passcodes.