A Review of the Best News of the Week on AI, IoT, & Mobile Security

How to Keep Facebook From Detecting Fake Accounts in Leaked Manual (VICE, Sep 22 2020)
A leaked manual from Blackdot Solutions, a British company that offers social media monitoring services, included a step-by-step guide on how to create fake profiles on Facebook and LinkedIn.

Oracle will inherit TikTok security, privacy headaches (SC Media, Sep 17 2020)
By partnering with the popular Chinese videosharing platform TikTok, Oracle will inherit a laundry list of security and privacy issues once the deal is approved, as soon as Sept. 20, by TikTok parent company ByteDance. TikTok boasts 100 million users in the U.S. and 689 million globally.

It’s Impossible for You to Know Which Apps Sell Your Location Data to Trump (VICE, Sep 18 2020)
The Trump campaign paid $4 million to a data broker called Phunware, which collects your sensitive data from dozens of apps.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~16,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Deepfake Detection Poses Problematic Technology Race (Dark Reading, Sep 18 2020)
Experts hold out little hope for a robust technical solution in the long term.

Defending Against Deepfakes: From Tells to Crypto (Dark Reading, Sep 21 2020)
Detecting doctored media has become tricky — and risky — business. Here’s how organizations can better protect themselves from fake video, audio, and other forms of content.

Will federal IoT legislation nudge business standards? Lawmakers say maybe (SC Media, Sep 15 2020)
Discussing the new bill, Sen. Mark Warner, D-Va., noted the lack of security baked into IoT products could have broad national effects.

U.S. House Passes IoT Cybersecurity Bill (SecurityWeek, Sep 16 2020)
The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices.

Mozi Botnet Accounted for Majority of IoT Traffic: IBM (SecurityWeek, Sep 19 2020)
Mozi, a relatively new botnet, has fueled a significant increase in Internet of Things (IoT) botnet activity, IBM reported this week.

Firefox Flaw Allowed Hackers to Remotely Open Malicious Sites on Android Phones (SecurityWeek, Sep 21 2020)
A vulnerability identified in Firefox for Android could have been exploited to remotely open arbitrary websites on a targeted user’s phone without the need to click on links, install malicious applications, or conduct man-in-the-middle (MitM) attacks.

Mozilla fixes flaw that let attackers hijack Firefox for Android via Wi‑Fi (WeLiveSecurity, Sep 22 2020)
Attackers could have exploited the flaw to steal victims’ login credentials or install malware on their devices

Mobile messengers expose billions of users to privacy attacks (Help Net Security, Sep 17 2020)
Popular mobile messengers expose personal data via discovery services that allow users to find contacts based on phone numbers from their address book, according to researchers. When installing a mobile messenger like WhatsApp, new users can instantly start texting existing contacts based on the phone numbers stored on their device. For this to happen, users must grant the app permission to access and regularly upload their address book to company servers in a process called …

Ongoing and initial costs top list of barriers to 5G implementation (Help Net Security, Sep 17 2020)
5G is set to deliver higher data transfer rates for mission-critical communications and will allow massive broadband capacities, enabling high-speed communication across various applications such as the Internet of Things (IoT), robotics, advanced analytics and artificial intelligence. According to a study from CommScope, only 46% of respondents feel their current network infrastructure is capable of supporting 5G, but 68% think 5G will have a significant impact on their agency operations within…

Whitepaper: Mobile banking regulations, threats and fraud prevention (Help Net Security, Sep 20 2020)
The usage of banking services through a mobile app has quickly been embraced by consumers. At the end of 2019, 74% of the UK and 75% of the US people used mobile devices to manage their finances. To stay ahead of the competition, banks have developed mobile applications offering a wide variety of services to their clients.

The iOS 14 Privacy and Security Features You Should Know (Wired, Sep 20 2020)
The latest update for your iPhone and iPad will make them safer than ever.

A tip from a kid helps detect iOS and Android scam apps’ 2.4 million downloads (Ars Technica, Sep 22 2020)
Smartphone apps raked in ~$500,000, in part thanks to shilling on TikTok and Instagram.

iOS 14: New privacy and security features (Help Net Security, Sep 22 2020)
Apple has released iOS 14, with a bucketload of new and improved functional features and a handful of privacy and security ones. New privacy and security features in iOS 14 The new iOS will tell you when an app is using your camera or microphone It will show an indicator dot (green for when camera or camera+microphone is in use, orange for microphone) in the top right part of the device’s screen.

DaaS, BYOD, leasing and buying: Which is better for cybersecurity? (Help Net Security, Sep 22 2020)
In the digital age, staff expect employers to provide hardware, and companies need hardware that allows employees to work efficiently and securely. There are already a number of models to choose from to purchase and manage hardware, however, with remote work policies becoming more popular, enterprises have to prioritize cybersecurity when making their selection.