A Review of the Best News of the Week on AI, IoT, & Mobile Security
Mobile Health Apps Found to Expose Records of Millions of Users (SecurityWeek, Feb 11 2021)
An analysis of 30 popular mobile health (mHealth) applications has revealed that all of them expose the full patient records of millions of people.
With Trump gone, Huawei tells Biden it’s not a security threat (Ars Technica, Feb 10 2021)
With a new president in town, Huawei CEO says he would welcome friendlier relations.
Prosecutors Suspend Government Spyware Used in WhatsApp Phishing Attacks (VICE, Feb 10 2021)
Because of a serious malfunction, prosecutors in Italy suspend the use of a spyware used to go after organized crime, according to two sources with knowledge of the case.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Artificial emotional intelligence: a safer, smarter future with 5G and emotion recognition (ScienceDaily, Feb 13 2021)
The combination of new 5G communication technologies with AI-based systems are ushering in a ‘smart generation’ of vehicles, drones, and even entire cities. Now, researchers take things one step further by introducing a 5G-assisted emotion detection system that uses wireless signals and body movement. In their latest publication, they outline its working principle, application prospects, and potential security threats, highlighting the need for a robust, impregnable AI algorithm to drive it.
IoT Security Firm Armis Raises $125 Million at $2 Billion Valuation (SecurityWeek, Feb 10 2021)
Enterprise IoT security company Armis on Wednesday announced another major funding round that brings its valuation to $2 billion.
Vulnerabilities in widely used TCP/IP stacks open IoT, OT devices to attack (Help Net Security, Feb 11 2021)
Forescout researchers have discovered nine vulnerabilities affecting nine different TCP/IP stacks widely used in IoT and OT devices. The vulnerabilities are due to weak Initial Sequence Number (ISN) generation, and could be exploited to mount limited DoS attacks against the vulnerable devices, to inject malicious data on a device, or to bypass authentication.
5G experimentation and security grows in govt, military sectors (Help Net Security, Feb 10 2021)
Spirent Communications released its 5G outlook report, based on analysis and takeaways from over 600 global 5G engagements in 2020. The report provides insights from across the 5G eco-system on the current status of 5G, illustrating the accelerated timetables from service providers in upgrading to 5G standalone (SA) with the new 5G Core, and revealing how 5G is driving new initiatives and sector engagements.
Newly Discovered Android Spyware Linked to State-Sponsored Indian Hackers (SecurityWeek, Feb 11 2021)
Researchers at mobile security firm Lookout have published information on two recently discovered Android spyware families employed by an advanced persistent threat (APT) group named Confucius.
Several Vulnerabilities Found in Popular File Sharing App SHAREit (SecurityWeek, Feb 16 2021)
Researchers have discovered several vulnerabilities in the SHAREit Android application, including flaws that could expose sensitive user data and allow remote code execution.