A Review of the Best News of the Week on AI, IoT, & Mobile Security

Detecting Deep Fakes with a Heartbeat (Schneier on Security, Oct 01 2020)
“Researchers can detect deep fakes because they don’t convincingly mimic human blood circulation in the face:

In particular, video of a person’s face contains subtle shifts in color that result from pulses in blood circulation. You might imagine that these changes would be too minute to detect merely from a video, but viewing videos that have been enhanced to exaggerate these color shifts will quickly disabuse you of that notion. This phenomenon forms the basis of a technique called…”

UK says Huawei coding quality still falls short, as global businesses look toward 5G (SC Media, Oct 01 2020)
The United Kingdom’s official Huawei auditing board claims the beleaguered Chinese telecommunications supplier continues to show “concerning issues” in its approach to software development and data security.

AI email security: Understanding the human behind the keyboard (Darktrace Blog, Oct 01 2020)
Despite organizations adopting ‘secure’ email gateways and extensive employee training, 94% of cyber-attacks still start in the inbox. Cyber AI understands the human beings behind email communications and autonomously responds to anomalous emails it deems malicious, stopping attacks that other tools miss.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Researchers Adapt AI With Aim to Identify Anonymous Authors (Dark Reading, Oct 02 2020)
At Black Hat Asia, artificial intelligence and cybersecurity researchers use neural networks to attempt to identify authors, but accuracy is still wanting.

Progress in implementing ethical and trusted AI-enabled systems still inconsistent (Help Net Security, Oct 05 2020)
COVID-19 has put a spotlight on ethical issues emerging from the increased use of AI applications and the potential for bias and discrimination. A report from the Capgemini Research Institute found that in 2020 45% of organizations have defined an ethical charter to provide guidelines on AI development, up from 5% in 2019, as businesses recognize the importance of having defined standards across industries.

Is IoT vital for the future success of businesses? (Help Net Security, Oct 05 2020)
Vodafone Business launched a report focused on the impact IoT is having on businesses at a time when their digital capabilities are put to the test by the COVID-19 pandemic. The report features responses from 1,639 businesses globally, exploring how they are using IoT and how IoT is helping them be ready for the future. IoT has made the difference for business success

Spawn of Demonbot Attacks IoT Devices (Infosecurity Magazine, Oct 02 2020)
Novel attacker uses Demonbot variant of Mirai malware to attack port 60001

APT‑C‑23 group evolves its Android spyware (WeLiveSecurity, Oct 01 2020)
ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East

Android Camera Bug Under the Microscope (Dark Reading, Oct 05 2020)
Critical Android vulnerability CVE-2019-2234 could enable attackers to take control of a victim’s camera and take photos, record videos, and learn location.

Hackers Inject Skimmer Into Boom! Mobile’s Website (SecurityWeek, Oct 06 2020)
Hackers associated with the “Fullz House” group have compromised the website of Boom! Mobile and planted a web skimmer, Malwarebytes reports.