A Review of the Best News of the Week on AI, IoT, & Mobile Security

A Hacker Got All My Texts for $16 (VICE, Mar 16 2021)
A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages.

Malware Operator Employs New Trick to Upload Its Dropper into Google Play (Dark Reading, Mar 10 2021)
Check Point researchers recently discovered the Clast82 dropper hidden in nine legitimate Android utility apps.

White House Weighs New Cybersecurity Approach After Failure to Detect Hacks (NYTimes, Mar 14 2021)
White House Weighs New Cybersecurity Approach After Failure to Detect Hacks  The New York Times

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

The AI-Enabled Cameras Surveilling Towns Across America‬ (VICE, Mar 12 2021)
On CYBER we talk about how Flock, an unknown surveillance-camera company, is becoming a major tool of American police.

Hackers access security cameras inside Cloudflare, jails, and hospitals (Ars Technica, Mar 10 2021)
Cloud-based camera service Verkada exposed hardcoded password—and its customers.

Call Recorder iPhone App Flaw Uncovered (Dark Reading, Mar 10 2021)
Researcher finds thousands of recorded calls easily accessible to others.

COVID-19 Contact-Tracing Apps Signal Broader Mobile App Security Concerns (Dark Reading, Mar 09 2021)
The rapid launch of contract-tracing apps to control COVID-19’s spread opened the door to multiple security and privacy vulnerabilities.

Belgian Police Say They Decrypted Half a Billion ‘Sky’ Messages, Arrested 48 People (VICE, Mar 10 2021)
Sky ECC is a popular, custom encrypted phone with organized crime. Now police say their operation against the company’s users is wider in scope than previously reported.

Vodafone Calls for New Cybersecurity Policies to Help SMEs (Infosecurity Magazine, Mar 09 2021)
Comms company asks UK government to slash VAT on cybersecurity products

Government Spyware Firm That Put Rogue Apps on Play Store Goes Bankrupt (VICE, Mar 15 2021)
A court just declared eSurv, a company that sold spyware to Italian cops, bankrupt.

Indicted CEO of Encrypted Phone Firm ‘Sky’ Says He Will Clear His Name (VICE, Mar 14 2021)
The CEO of Sky Jean-Francois Eap told Motherboard "The unfounded allegations of involvement in criminal activity by me and our company are entirely false."