A Review of the Best News of the Week on AI, IoT, & Mobile Security
That no-click iOS 0-day reported to be under exploit doesn’t exist (Ars Technica, Apr 24 2020)
Apple says…and other critics also question evidence and say 0day may have been confused with simple bug.
Researchers Say They Caught an iPhone Zero-Day Hack in the Wild (VICE, Apr 22 2020)
The attack shows, once again, that iPhones can be hacked. But there’s no reason to panic yet.
Chinese Threat Actor Targets Uyghurs With New iOS Exploit (SecurityWeek, Apr 23 2020)
A Chinese threat actor tracked as Evil Eye has updated the tools it uses to target Uyghurs, a minority Turkic ethnic group in the Xinjiang Uyghur Autonomous Region in Northwest China, incident response and threat intelligence firm Volexity reports.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
What is the impact of AI and ML tools on cybersecurity? (Help Net Security, Apr 21 2020)
89% of IT professionals believe their company could be doing more to defend against cyberattacks, with 64% admitting they are not sure what AI/ML means – despite increased adoption at a global scale, Webroot reveals.
IT Science Case Study: Using AI to Quickly Resolve Enterprise IT Issues (eWEEK, Apr 28 2020)
automate 95% of password resets;
resolve 84% of employees’ IT support questions; and
automatically handle 20% of all IT issues (and rising) with no agent intervention.
Let’s be realistic about our expectations of AI (Help Net Security, Apr 23 2020)
Pop culture contains no shortage of intelligent robots. When the tool became viable and widely available in real life, people brought a number of enthusiastic but unrealistic expectations to the table. Unfortunately, Amazon’s Alexa isn’t as smart as HAL 9000, and a Roomba can’t clean your home like the Jetsons’ metallic maid, Rosie.
Using Machine Learning to Drive Business Value (eWEEK, Apr 27 2020)
When paired with a persistent, real-time, single customer record, AI and automated machine learning platforms can be utilized to meet those business goals, increase revenue and fundamentally change the way brands communication with customers.
Multiple vulnerabilities discovered in smart home devices (Help Net Security, Apr 22 2020)
ESET researchers found serious security vulnerabilities in three different home hubs: Fibaro Home Center Lite, HomeMatic Central Control Unit (CCU2) and eLAN-RF-003. Some of the flaws could be misused by an attacker to perform MitM attacks, eavesdrop on the victim, create backdoors, or gain root access to some of the devices and their contents.
Healthcare IT workers struggle to secure IoT devices during COVID-19 (SC Media, Apr 21 2020)
Ventilators and respirators, on the front line against the respiratory symptoms often deadly for coronavirus patients, may seem like natural points of vulnerability for medical organizations, but the real threats come from the flood of high-tech IoT medical equipment that must be integrated into a network and properly secured from attack.
Serious flaws found in multiple smart home hubs: Is your device among them? (WeLiveSecurity, Apr 22 2020)
In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them
FCC Expands Vast Quantities of Spectrum to WiFi and Other Uses (eWEEK, Apr 24 2020)
1200 megahertz of new spectrum will be a game changer for WiFi in general and for business users who need it for IoT, network backbones and manufacturing.
Mobile Industry Teams Up to Deny #COVID19 Smishers (Infosecurtity Magazine, Apr 23 2020)
SMS SenderID Protection Registry helps organizations protect their texts
Buying a secondhand device? Here’s what to keep in mind (WeLiveSecurity, Apr 22 2020)
If you’re trying to be responsible towards the planet, also be responsible to yourself and take these steps so that the device doesn’t end up costing you more than you’ve saved
EE warns of ‘risk to human life’ as 53 masts now attacked by ‘mindless’ 5G conspiracy theory arsonists (The Sun, Apr 24 2020)
Reckless conspiracy theorists pose a “risk to human life” by burning down phone masts, EE has warned. It comes as arsonists who falsely believe 5G caused coronavirus have attacked 53 ne…