A Review of the Best News of the Week on AI, IoT, & Mobile Security

2019 Mobile Threat Predictions – Smishing (Avast Blog, Jan 15 2019)
Smishing is phishing via SMS with the goal of encouraging victims either into giving up personal information or installing spyware. We now expect smishing to become a major new attack vector when it comes to delivering mobile malware on both iOS and Android operating systems..

Some Android apps are secretly sharing your data with Facebook (Naked Security – Sophos, Jan 09 2019)
Apps have been secretly sharing usage data with Facebook, even when users are logged – or don’t have an account at all.

Facial and emotional recognition; how one man is advancing artificial intelligence (CBS News, Jan 14 2019)
Scott Pelley reports on the developments in artificial intelligence brought about by venture capitalist Kai-Fu Lee’s investments and China’s effort to dominate the AI field

Without data, your security strategy is just a guess.
The Mosaic Security Research Market Intelligence Platform provides the data you need for OWASP’s Cyber Defense Matrix. Learn a new way to conduct a strategy assessment.

The Weaponization Of Artificial Intelligence (Forbes, Jan 14 2019)
Weaponized artificial intelligence is almost here. As algorithms begin to change warfare, the rise of autonomous weapons systems is becoming a terrifying reality.

Artifical Intelligence in Cybersecurity Is Vulnerable (SC Magazine, Jan 15 2019)
So, you might ask, what is the actual potential for bringing a seemingly robust AI detection system to its knees? It doesn’t take much, in fact. In one study, malware that was detected 99% of the time was now accepted as benign 99% of the time. In this example, only 11 features out of 700 per malware sample were changed.

Cutting Through the Jargon of AI & ML: 5 Key Issues (Dark Reading, Jan 09 2019)
When looking at the artificial intelligence (AI) and machine learning (ML) components of information security products, it’s easy to get overwhelmed by the glut of marketing buzzwords. As a decision maker, how do you cut through the jargon to fully understand what you’re purchasing?

How edge computing can help secure the IoT (Network World, Jan 10 2019)
IoT security could shift to the network level, especially the edge, as the need for data anonymization and customized security becomes essential.

Amazon’s Ring allegedly let employees access customer live video feeds (SC Magazine, Jan 11 2019)
Amazon’s Ring devices reportedly granted the company’s Ukraine-based research and development team as well as U.S. executives and engineers virtually unfettered round the clock access to live feeds from some customer’s cameras, claims which Ring denies.

IoT weaknesses leave hot tub owners in deep water (Naked Security – Sophos, Jan 09 2019)
It looks as if at least one hot tub maker has left robust security off the to-do list.

Consumers Demand Security from Smart Device Makers (Dark Reading, Jan 10 2019)
Poll shows individuals want better security from IoT device manufacturers as connected products flood the market.

IoT Community announces formation of Security, Privacy & Trust IoT Center of Excellence (SPTIoTCoE) (Help Net Security, Jan 13 2019)
The IoT Community (Internet of Things Community) unveiled the formation of its security, privacy and trust focused IoT Center of Excellence (SPTIoTCoE)…

Top 10 IoT vulnerabilities (Network World, Jan 14 2019)
Everyone knows security is a big issue for the Internet of Things, but what specifically should we be most afraid of? OWASP identifies the top 10 vulnerabilities.

Schneider Electric Vehicle Charging Stations Exposed to Hacker Attacks (SecurityWeek, Jan 14 2019)
EVlink Parking electric vehicle charging stations made by Schneider Electric are affected by vulnerabilities that can be exploited remotely to take control of the devices.

Nearly Half of Organizations Can’t Tell If Their IoT Devices Were Breached, Finds Study (Gemalto, Jan 15 2019)
Gemalto surveyed 950 IT and business decision makers globally for its report, The State of IoT Security.

85 adware apps pose as game, TV, and remote control simulator apps in Google Play (SC Magazine, Jan 08 2019)
Across the globe, adware disguised as 85 game, TV, and remote control simulator apps in the Google Play store have been downloaded nine million times. Trend Micro researchers spotted the adware which has the ability to display full-screen sized ads, hide itself, monitor a device’s screen unlocking functionality and run in the device’s background…

Google Patches Critical Vulnerability in Android (SecurityWeek, Jan 09 2019)
Google this week released its first set of security patches for Android in 2019, with fixes for more than two dozen vulnerabilities.