A Review of the Best News of the Week on AI, IoT, & Mobile Security

Can We Stop Pretending SMS Is Secure Now? (Krebs on Security, Mar 16 2021)
SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we’re learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.

A Hacker’s guide to reducing side-channel attack surfaces using deep-learning (Elie Bursztein’s blog, Mar 21 2021)
This talk showcases SCALD, our tool that leverages deep-learning explainability and dynamic execution to automatically find which parts of a crypto-hardware implementation are responsible for leaking the information exploited by side-channel attacks.

Chinese APT Targets Telcos in 5G-Related Cyber-Espionage Campaign (Dark Reading, Mar 16 2021)
Telemetry suggests that threat actor behind Operation Dianxun is Mustang Panda, McAfee says.

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

How Those Viral Tom Cruise Deepfakes Were Made (VICE, Mar 19 2021)
Deep fakes are getting better, but there’s more to those viral Tom Cruise-TikTok ones than meets the eye.

Hafnium-inspired cyber-attacks neutralized by AI (Darktrace Blog, Mar 18 2021)
As a result of the wide-reaching Hafnium attacks, various threat actors have begun exploiting ProxyLogon. This blog post shows a real-life example of how Darktrace detected this campaign against vulnerable Exchange servers, before public attribution.

Ransomware and IoT Malware Detections Surge by Over 60% (Infosecurity Magazine, Mar 16 2021)
SonicWall points to a perfect storm for threat actors in 2020

New Mirai Variant Leverages 10 Vulnerabilities to Hijack IoT Devices (SecurityWeek, Mar 17 2021)
Over the past month, a variant of the Mirai botnet was observed targeting new security vulnerabilities within hours after they had been disclosed publicly, researchers with Palo Alto Networks reveal.

TikTok wants to keep tracking iPhone users with state-backed workaround (Ars Technica, Mar 16 2021)
They want to keep tracking iPhone users with solution created by state-backed group.

Where is 5G heading, and how fast will it get there? (Help Net Security, Mar 17 2021)
When it comes to 5G, carriers are optimistic. In fact, more than half of those surveyed by Dimensional Research expect to deliver substantial end-user benefits within two to five years while 47% reported that users already are seeing value or will within one year.

AT&T reveals 2021 strategy to deliver fast, reliable and secure 5G (Help Net Security, Mar 15 2021)
AT&T shared long-term goals to bring AT&T’s fast, reliable and secure 5G to more consumers, businesses and first responders across key areas: sports and venues, entertainment, travel and transportation, business transformation, and security and public safety.

“Expert” hackers used 11 0-days to infect Windows, iOS, and Android users (Ars Technica, Mar 18 2021)
The breadth and abundance of exploits for unknown vulnerabilities sets group apart.

Attackers are trying awfully hard to backdoor iOS developers’ Macs (Ars Technica, Mar 18 2021)
XcodeSpy uses malicious Xcode project to install the EggShell backdoor.

iOS app developers targeted with trojanized Xcode project (Help Net Security, Mar 19 2021)
“We recently became aware of a trojanized Xcode project in the wild targeting iOS developers thanks to a tip from an anonymous researcher. The malicious project is a doctored version of a legitimate, open-source project available on GitHub,” SentinelOne researchers have warned. About XcodeSpy: The trojanized Xcode project in question is TabBarInteraction, which offers iOS developers features for animating the iOS Tab Bar based on user interaction – though the researchers have been quick to…

Encrypted Phone Firm ‘Sky’ Shuts Down (VICE, Mar 17 2021)
Internal Sky messages obtained by Motherboard said BlackBerry cut off services to Sky.

Beware Android trojan posing as Clubhouse app (WeLiveSecurity, Mar 18 2021)
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication

Easy SMS Hijacking (Schneier on Security, Mar 19 2021)
Vice is reporting on a cell phone vulnerability caused by commercial SMS services. One of the things these services permit is text message forwarding. It turns out that with a little bit of anonymous money — in this case, $16 off an anonymous prepaid credit card — and a few lies, you can forward the text messages from any phone to any other phone.

China Slams US Plan to Expel Phone Carriers in Tech Clash (SecurityWeek, Mar 20 2021)
China’s government on Thursday called on Washington to drop efforts to expel three state-owned Chinese phone companies from the United States in a new clash over technology and security.

Recently Patched Android Vulnerability Exploited in Attacks (SecurityWeek, Mar 23 2021)
Google has warned Android users that a recently patched vulnerability has been exploited in attacks.