A Review of the Best News of the Week on AI, IoT, & Mobile Security
Bombshell Report Finds Phone Network Encryption Was Deliberately Weakened (VICE, Jun 17 2021)
A new paper shows that two old encryption algorithms still used in mobile networks can be exploited to spy on phones’ internet traffic.
The Future of Machine Learning and Cybersecurity (Schneier on Security, Jun 21 2021)
“The Center for Security and Emerging Technology has a new report: “Machine Learning and Cybersecurity: Hype and Reality.” Here’s the bottom line:
The report offers four conclusions:
Machine learning can help defenders more accurately detect and triage potential attacks. However, in many cases these technologies are elaborations on long-standing methods — not fundamentally new approaches — that bring new attack surfaces of their own.”…
Instructions Show How Cops Use GrayKey to Brute Force iPhones (VICE, Jun 22 2021)
Newly released documents provide new insight into the capabilities of the iPhone unlocking tech.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Security Experts Scrutinize Apple, Amazon IoT Networks (Dark Reading, Jun 15 2021)
Both companies have done their due diligence in creating connected-device networks, but the pervasiveness of the devices worries some security researchers.
IoT Supply Chain Bug Hits Millions of Cameras (Infosecurity Magazine, Jun 16 2021)
Critical vulnerability could allow attackers to eavesdrop on users
5G mobile subscriptions to exceed 580 million by the end of 2021 (Help Net Security, Jun 21 2021)
Ericsson projects that 5G mobile subscriptions will exceed 580 million by the end of 2021, driven by an estimated one million new 5G mobile subscriptions every day. 5G mobile subscriptions The forecast enhances the expectation that 5G will become the fastest adopted mobile generation.
Apple fixes actively exploited vulnerabilities affecting older iDevices (Help Net Security, Jun 16 2021)
Apple has released a security update for older iDevices (iPhones, iPads and iPods) to fix three vulnerabilities, two of which are zero-days that are apparently actively exploited in attacks in the wild. About the fixed flaws
Apple Warns EU Law ‘Risks Destroying iPhone Security’ (SecurityWeek, Jun 16 2021)
The EU’s proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned Wednesday.
A Bug in the Android Google App Put Privacy at Risk (Wired, Jun 19 2021)
Plus: Airbnb’s safety squad, a fake pharmacy crackdown, and more of the week’s top security news.
Connecting to malicious Wi-Fi networks can mess with your iPhone (Ars Technica, Jun 21 2021)
The world’s most secure consumer OS is bitten by a garden-variety programming bug.