A Review of the Best News of the Week on AI, IoT, & Mobile Security
Signal CEO Hacks Cellebrite iPhone Hacking Device Used By Cops (VICE, Apr 21 2021)
One of the biggest encrypted chat apps in the world just showed how a device used to decrypt messages can be hacked and tampered with.
Massive Android Botnet Hits Smart TV Ad Ecosystem (SecurityWeek, Apr 21 2021)
Security researchers at Human Security (formerly White Ops) have discovered a massive botnet of Android devices being used to conduct fraud in the connected TV advertising ecosystem.
When AIs Start Hacking (Schneier on Security, Apr 26 2021)
“If you don’t have enough to worry about already, consider a world where AIs are hackers.
Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for more influence, power, and wealth. To date, hacking has exclusively been a human activity. Not for long.
As I lay out in a report I just published, artificial intelligence will eventually find vulnerabilities in all sorts of social, economic, and political systems, and then exploit them”
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
AI industry alarmingly unprepared for real-world attacks (Help Net Security, Apr 26 2021)
Adversa has published comprehensive research on the security and trustworthiness of AI systems worldwide during the last decade. The report reveals the most critical real-world security threats facing AI and effective countermeasures to protect these systems.
Expect an Increase in Attacks on AI Systems (Dark Reading, Apr 27 2021)
Companies are quickly adopting machine learning but not focusing on how to verify systems and produce trustworthy results, new report shows.
Trends in the evaluation and implementation of enterprise AI adoption (Help Net Security, Apr 26 2021)
New O’Reilly research explores the techniques, tools, and practices enterprise organizations are using to better understand how artificial intelligence (AI) has evolved over the past year. While this year’s survey generated nearly three times as many responses as last year, indicating overall industry growth, there are still challenges ahead.
FIDO launches protocol to secure IoT onboarding to cloud and on-premise management platforms (Help Net Security, Apr 20 2021)
The FIDO Alliance announced the launch of the FIDO Device Onboard (FDO) protocol, a new, open IoT standard which will enable devices to simply and securely onboard to cloud and on-premise management platforms.
Window Snyder Launches IoT Security Company Thistle Technologies (SecurityWeek, Apr 26 2021)
IoT device security startup Thistle Technologies launched last week with $2.5 million in seed funding from Silicon Valley venture capital firm True Ventures.
EU Unveils AI Rules to Tackle Big Brother Fears (SecurityWeek, Apr 21 2021)
The EU unveiled a plan Wednesday to regulate the sprawling field of artificial intelligence, aimed at helping Europe catch up in the new tech revolution while curbing the threat of Big Brother-like abuses.
Technologies, markets and apps transitioning to the 5G communications era (Help Net Security, Apr 21 2021)
Though based on the industry insiders statistics, in 2019 market share of 4G networks was not more than 7%-12% on the global scale, the industry is already (2018-2020) supporting commercial 5G introduction in several market regions
Why WhatsApp Won’t Let You Appear Offline (VICE, Apr 23 2021)
The app is steadfast about not letting you shield your onlstatus from other users.
Apple’s AirDrop leaks users’ PII, and there’s not much they can do about it (Ars Technica, Apr 24 2021)
Apple has known of the flaw since 2019 but has yet to acknowledge or fix it.
16% of mobile devices in developing markets now infected with malware (Help Net Security, Apr 27 2021)
Mobile users already disadvantaged by an economic and digital divide have suffered the most from digital fraud throughout the COVID-19 pandemic. In emerging markets such as Brazil, Indonesia, South Africa and Thailand, 16 percent of mobile devices that processed a transaction were found to be infected with malware, according to Upstream.
Apple iOS 14.5 Patches 50 Security Vulnerabilities (SecurityWeek, Apr 26 2021)
Apple on Monday shipped the long-awaited iOS and iPadOS 14.5 update with patches for at least 50 documented security vulnerabilities.
The patch, which is currently being rolled out via iOS and iPadOS automatic-updating mechanism, includes cover for a WebKit vulnerability that Apple believes may have been exploited in the wild by attackers.