A Review of the Best News of the Week on AI, IoT, & Mobile Security
Facebook’s robot coders step into the future of programming (Naked Security – Sophos, Sep 17 2018)
Like a good junior programmer, Facebook’s AI is cutting its teeth with a bit of bug fixing.
California’s Internet of Things cybersecurity bill could lay groundwork for federal action (Washington Post, Sep 18 2018)
California is once again poised to take the lead on important new technology policy. A bill to set cybersecurity standards for Web-connected devices — from thermostats to webcams to cars — is awaiting Gov. Jerry Brown’s (D) signature after cruising through the state legislature late last month. If Brown signs it, California would become the first state to pass legislation to govern security of the Internet of Things…
Beyond deep fakes: Transforming video content into another video’s style, automatically (ScienceDaily, Sep 11 2018)
Researchers have devised a way to automatically transform the content of one video into the style of another, making it possible to transfer the facial expressions of comedian John Oliver to those of a cartoon character, or to make a daffodil bloom in much the same way a hibiscus would.
Without data, your security strategy is just a guess.
The Mosaic Security Research Market Intelligence Platform provides the data you need for OWASP’s Cyber Defense Matrix. Learn a new way to conduct a strategy assessment.
Deepfake pics and videos set off Facebook’s fake news detector (Naked Security – Sophos, Sep 17 2018)
Facebook will begin officially checking videos and photos for authenticity as part of an expanding effort to stamp out fake news, the company said last week.
MapR introduces 6 new data science offerings to help organizations with their AI journey (Help Net Security, Sep 12 2018)
MapR announced six new data science service offerings to help customers gain immediate value from Machine Learning (ML) and Artificial Intelligence (AI) and expand their competitive edge over competitors, no matter where the customer is in their data science journey.
Urgent Oversight Needed for Police AI (Infosecurity Magazine, Sep 18 2018)
RUSI argued that although machine learning is currently being used in limited scenarios such as supporting custody decisions, there’s potential for a much wider expansion of its role in policing, with forces currently trialing its use in a variety of decision-making processes.
Security Vulnerability in Smart Electric Outlets (Schneier on Security, Sep 12 2018)
A security vulnerability in Belkin’s Wemo Insight “smartplugs” allows hackers to not only take over the plug, but use it as a jumping-off point to attack everything else on the network.
Vizio to send class notices through the TVs that spied on viewers (Naked Security – Sophos, Sep 12 2018)
Millions of smart TVs may soon be forced to admit to viewers that they spied on them, and then sold their data.
Researchers exploring how IoT apps can to imitate human decisions (Help Net Security, Sep 14 2018)
CA Technologies announced its participation in scientific research to discover how Internet of Things (IoT) applications can use a type of AI known as ‘deep learning’ to imitate human decisions. The research will also explore how to prevent that AI-based decisions are not producing biased results.
A closer look at the IT/OT landscape for infosec professionals (Help Net Security, Sep 14 2018)
Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, and Edward Amoroso, CEO of TAG Cyber, talk about the IT/OT landscape and security.
Critical Vulnerability Impacts Hundreds of Thousands of IoT Cameras (SecurityWeek, Sep 18 2018)
A critical vulnerability in NUUO software could allow attackers to remotely view video feeds and tamper with the recordings of hundreds of thousands of surveillance cameras, Tenable reveals.
Google’s Android Team Finds Serious Flaw in Honeywell Devices (SecurityWeek, Sep 17 2018)
Members of Google’s Android team discovered that some of Honeywell’s Android-based handheld computers are affected by a high severity privilege escalation vulnerability. The vendor has released software updates that should address the flaw.
Improved features and security fixes in iOS 12, watchOS 5, tvOS 12, and Safari 12 (Help Net Security, Sep 18 2018)
Apple has released new versions of iOS, watchOS, tvOS and Safari and has plugged a number of security holes in each.
Scan reveals known open source vulnerabilities in popular Android apps (Help Net Security, Sep 12 2018)
Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research (ACI).
Beware: WhatsApp scammers target children with ‘Olivia’ porn message (Naked Security – Sophos, Sep 12 2018)
Somebody calling themselves “Olivia” is sending WhatsApp messages to kids, claiming to be from a friend of a friend who has a new phone number. However, she soon cuts the small talk short and starts sending links to porn sites.
How to crash and restart an iPhone with a CSS-based web attack (Graham Cluley, Sep 17 2018)
A security researcher has revealed a method of crashing and restarting iPhones and iPads, with just a few lines of code that could be added to any webpage.
91 “child friendly” Android apps accused of exploitation (Naked Security – Sophos, Sep 18 2018)
New Mexico’s AG filed a lawsuit accusing a popular app maker, plus Google’s and Twitter’s ad platforms, of illegally collecting kids’ data.