A Review of the Best News of the Week on AI, IoT, & Mobile Security
US ‘unprepared’ to defend against new AI threats, report finds (The Hill, Mar 01 2021)
The federal government is “unprepared” to defend the nation against new threats posed by the increased adoption of artificial intelligence technologies, according to a report released Monday.
The report, compiled by the National Security Commission on Artificial Intelligence, recommended that the U.S. implement a “significant change” to keep up with countries such as China and Russia in the field of AI to address national security concerns.
Cybersecurity researchers build a better ‘canary trap’ (ScienceDaily, Mar 02 2021)
This new tool uses an artificial intelligence system to generate fake documents that foil IP theft by fooling adversaries.
New Jailbreak Tool Works on Most iPhones (Dark Reading, Mar 01 2021)
The Unc0ver team has released a tool that works on iOS 11 and later, and exploits a vulnerability that was recently under attack.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
AI Panel Urges US to Boost Tech Skills Amid China’s Rise (SecurityWeek, Mar 01 2021)
An artificial intelligence commission led by former Google CEO Eric Schmidt is urging the U.S. to boost its AI skills to counter China, including by pursuing “AI-enabled” weapons – something that Google itself has shied away from on ethical grounds.
Juniper Networks on the Importance of AI in Networking (eWEEK, Feb 26 2021)
In March 2019, Juniper Networks announced it was acquiring Mist Systems, one of the pioneers in cloud-managed WiFi. While there were other cloud WiFi vendors in the mix, what made Mist stand out was that its solution is powered by artificial intelligence (AI), emphasizing the importance of AI in networking.
IoT security tips and a cautionary tale (Network World Security, Feb 24 2021)
You will have more connected devices than ever on your network in 2021, especially if you’re in healthcare, retail, or logistics, industries that are among the early adopters of the Internet of Things (IoT).
Infrastructure breaches show the importance of locking down IoT systems (SC Media, Feb 24 2021)
A few years ago hackers entered an unnamed casino’s data network by exploiting IoT devices in a lobby fish tank. Today’s columnist, Ian Ferguson of Lynx Software Technologies, offers advice on how to lock down IoT systems.
Alexa Skills: Security gaps and data protection problems (Help Net Security, Mar 02 2021)
With the voice commands “Alexa Skills,” users can load numerous extra functions onto their Amazon voice assistant. Amazon screens special voice assistant functions for security. However, scammers can circumvent this check.
Android users now have an easy way to check the security of their passwords (Ars Technica, Feb 24 2021)
Feature checks user credentials against a list of billions of compromised passwords.
Popular password manager in the spotlight over web trackers (WeLiveSecurity, Mar 01 2021)
While the trackers in LastPass’ Android app don’t collect any personal data or passwords, the news may not sit well with some privacy-minded users
Huawei 5G, The UK Gets A Lesson In Go (Privacy, Power, & Protection In The Cyber Century, Feb 28 2021)
This post was circulated privately in April 2020. Three months later the government announced that Huawei 5G equipment will be removed from the UK by 2027, a reversal of their previous position. I’ve updated the timeline with that development. Otherwise, the text is almost unchanged from the original. Keep that in mind.
Google Patches Critical Remote Code Execution Vulnerability in Android (SecurityWeek, Mar 02 2021)
Google this week announced the release of patches for 37 vulnerabilities as part of the Android security updates for March 2021, including a fix for a critical flaw in the System component.