A Review of the Best News of the Week on AI, IoT, & Mobile Security
To Fight Deepfakes, Researchers Built a Smarter Camera (Wired, May 28 2019)
One way to tell if an image has been faked? Bake the tamper-proofing into the camera itself.
Google-protected mobile browsers were open to phishing for over a year (Naked Security – Sophos, May 28 2019)
Researchers revealed a massive hole in Google Safe Browsing’s mobile browser protection that existed for over a year.
US May Ban Chinese Surveillance Camera Companies (Infosecurity Magazine, May 22 2019)
Several of China’s surveillance camera companies may be added to the US Entity List.
One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Volume and quality of training data are the largest barriers to applying machine learning (Help Net Security, May 28 2019)
IDC predicts worldwide spending on artificial intelligence (AI) systems will reach $35.8 billion in 2019, and 84% of enterprises believe investing in AI will lead to greater competitive advantages (Statista). However, nearly eight out of 10 enterprise organizations currently engaged in AI and machine learning (ML) report that projects have stalled, and 96% of these companies have run into problems with data quality, data labeling required to train AI, and building model confidence, according to Alegion.
Consumer IoT Devices Are Compromising Enterprise Networks (Dark Reading, May 22 2019)
While IoT devices continue to multiply, the latest studies show a dangerous lack of visibility into those connected to enterprise networks.
IoT Attacks Cost UK Firms Over £1bn (Infosecurity Magazine, May 24 2019)
Irdeto report reveals impact of customer data loss and attrition
Study: Most enterprise IoT transactions are unencrypted (Network World Security, May 23 2019)
The research by cloud-based security provider Zscaler found that about 91.5 percent of transactions by internet of things devices took place over plaintext, while 8.5 percent were encrypted with SSL. That means if attackers could intercept the unencrypted traffic, they’d be able to read it and possibly alter it.
Unlucky 13: Mirai variant uses baker’s dozen of exploits to compromise IoT devices (SC Magazine, May 24 2019)
Researchers at Trend Micro have discovered another new variant of Mirai botnet malware that uses a unique combination of 13 exploits designed to hijack IoT devices.
It’s not just WhatsApp, most messaging apps likely have security vulnerabilities (CNBC, May 22 2019)
“Pretty much the entire suite of apps that ‘talk’ over the internet could be vulnerable,” said Tom Uren, a senior analyst at the Australian Strategic Policy Institute’s International Cyber Policy Centre.
Fake cryptocurrency apps on Google Play try to profit on bitcoin price surge (Ars Technica, May 23 2019)
Researchers uncover two purported wallets uploaded after bitcoin prices rise.
Snapchat Employees Abused Data Access to Spy on Users (Vice, May 28 2019)
Multiple sources and emails also describe SnapLion, an internal tool used by various departments to access Snapchat user data.
Some Androids don’t call 911 when you tell them to call an ambulance (Naked Security – Sophos, May 22 2019)
Sometimes you get a list of ambulance companies, sometimes a blog post on when it’s OK to call an ambulance.
Mobile Banking Malware Rose 58% in Q1 (Infosecurity Magazine, May 23 2019)
Nearly 30k variants of banking Trojans have been detected so far this year, says Kaspersky Lab.
Apple Agrees to Tell Users If an iOS Update Will Slow Down Their iPhones (VICE, May 23 2019)
A watchdog group in the United Kingdom got Apple to agree to tell users when its software updates will affect device performance.
Bittium Tough Mobile 2: Smartphone with multilayered security structure (Help Net Security, May 27 2019)
The core of the information security of the new Bittium Tough Mobile 2 is its multilayered security structure, which is based on the hardened Android 9 Pie operating system, unique hardware solutions, and the information security features and software integrated in the source code. T