A Review of the Best News of the Week on AI, IoT, & Mobile Security
Mysterious Bugs Were Used to Hack iPhones and Android Phones (VICE, Nov 10 2020)
Google found at least seven critical bugs being exploited by hackers in the wild. But after disclosing them days ago, the company has yet to reveal key details about who used them and against whom.
New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries (Dark Reading, Nov 09 2020)
Ghimob is a full-fledged spy in your pocket, Kaspersky says.
Police Are Tapping Into Ring Cameras to Expand Surveillance Network In Mississippi (VICE, Nov 06 2020)
The police department in Jackson, Mississippi is partnering with two companies to stream surveillance footage from Ring cameras in a 45-day pilot program.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
How smartphones became IoT’s best friend and worst enemy (Help Net Security, Nov 03 2020)
These days, you’d be hard-pressed to find connected devices that do not come with companion smartphone applications. In fact, it’s very common for contemporary devices to offload most (if not all) of its display to the user handset.
New data shows just how badly home users overestimate IoT security (SC Media, Nov 04 2020)
While the survey was for all adults, not just teleworkers, it shows just how much risk is hiding at home.
Global number of industrial IoT connections to reach 36.8 billion by 2025 (Help Net Security, Nov 04 2020)
The global number of industrial IoT connections will increase from 17.7 billion in 2020 to 36.8 billion in 2025, representing an overall growth rate of 107%, Juniper Research found. The research identified smart manufacturing as a key growth sector of the industrial IoT market over the next five years, accounting for 22 billion connections by 2025.
Americans Confident in IoT Device Security (Infosecurity Magazine, Nov 04 2020)
Americans believe their connected devices are secure despite overlooking basic security hygiene
Guide: Security measures for IoT product development (Help Net Security, Nov 09 2020)
The European Union Agency for Cybersecurity (ENISA) released its Guidelines for Securing the IoT, which covers the entire IoT supply chain – hardware, software and services. Supply chains are currently facing a broad range of threats, from physical threats to cybersecurity threats. Organisations are becoming more dependent than ever before on third parties.
Another Chrome zero-day, this time on Android – check your version! (Naked Security – Sophos, Nov 04 2020)
Another week, another Chrome zero-day, this time on your phone.
Google Patches 30 Vulnerabilities With November 2020 Android Updates (SecurityWeek, Nov 03 2020)
Google this week announced the availability of a new set of monthly patches for the Android operating system, containing fixes for a total of 30 vulnerabilities.
The One Critical Element to Hardening Your Employees’ Mobile Security (Dark Reading, Nov 05 2020)
COVID-19 has exposed longstanding gaps in enterprise mobile security. Creating a comprehensive mobile security plan and mandating compliance with that plan are essential to closing them.
Let’s Encrypt Warns Some Android Users of Compatibility Issues (SecurityWeek, Nov 09 2020)
Let’s Encrypt has warned users whose devices are running older versions of Android that they may start getting errors next year when visiting websites secured by its certificates.
Apple patches three actively exploited zero‑day flaws in iOS (WeLiveSecurity, Nov 07 2020)
The vulnerabilities, which are all being abused for targeted attacks, affect a long list of devices
Update iOS Right Now to Fix Some Bad Security Bugs (Wired, Nov 07 2020)
Plus: Ransomware hits Capcom, the US seizes Iranian domains, and more of the week’s top security news.