Threats & Defense
Intelligence and strategies that help organizations identify, protect, detect, respond, and recover.
A Review of the Best News of the Week on AI, IoT, & Mobile Security
IoT Unravelled with Scott Helme (Troy Hunt, Nov 28 2020)
“What. A. Week. Blog post every day, massive uptick in comments, DMs, newsletter subscribers, followers and especially, blog traffic. More than 200,000 unique visitors dropped by this week, mostly to read about IoT things. This has been a fascinating experience for me and I’ve enjoyed sharing the journey….”
Popular apps in Google store leak data that adversaries could use to spy on targets (SC Media, Nov 24 2020)
Two popular Baidu apps collect data that can surreptitiously track a user’s location through Stingray devices or intercept phone calls and text messages.
US Air Force deploys robot security dogs to guard base (The Register, Nov 30 2020)
Do they byte?
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
The AI in cybersecurity market to generate $101.8 billion in 2030 (Help Net Security, Nov 26 2020)
The AI in cybersecurity market is projected to generate a revenue of $101.8 billion in 2030, increasing from $8.6 billion in 2019, progressing at a 25.7% CAGR during 2020-2030, ResearchAndMarkets reveals.
Darktrace’s Cyber AI Analyst investigates Sodinokibi (REvil) ransomware (Darktrace Blog, Nov 30 2020)
Darktrace recently detected Sodinokibi, the most lucrative strain of ransomware in 2020, in a retail organization in the US. Cyber AI Analyst launched several automatic, real-time investigations into the incident simultaneously, producing concise and digestible summaries shown in this blog.
IoT Unravelled Part 3: Security (Troy Hunt, Nov 25 2020)
In part 1 of this series, I posited that the IoT landscape is an absolute mess but Home Assistant (HA) does an admirable job of tying it all together. In part 2, I covered IP addresses and the importance of a decent network to run all this stuff on…
IoT Unravelled Part 4: Making it All Work for Humans (Troy Hunt, Nov 26 2020)
The first few parts of this series have all been somewhat technical in nature; part 1 was how much of a mess the IoT ecosystem is and how Home Assistant aims to unify it all, part 2 got into the networking layer with both Wi-Fi and Zigbee and…
IoT Unravelled Part 5: Practical Use Case Videos (Troy Hunt, Nov 26 2020)
This is the fifth and final part of the IoT unravelled blog series. Part 1 was all about what a mess the IoT landscape is, but then there’s Home Assistant to unify it all. In part 2 I delved into networking bits and pieces, namely IP addresses, my Ubiquiti UniFi…
Alexa, Disarm the Victim’s Home Security System (Dark Reading, Nov 24 2020)
Researchers who last year hacked popular voice assistants with laser pointers take their work to the next level.
Using drones to improve 5G network security (Help Net Security, Nov 25 2020)
The introduction of 5G will change the way we communicate, multiply the capacity of the information highways, and allow everyday objects to connect to each other in real time. Its deployment constitutes a true technological revolution not without some security hazards. Until 5G technology has definitively expanded, some challenges remain to be resolved, including those concerning possible eavesdropping, interference and identity theft.
US Extends TikTok Sale Deadline to December 4 (SecurityWeek, Nov 27 2020)
The US Treasury on Wednesday said it had extended by seven days the November 27 deadline given to the Chinese owner of TikTok to sell the popular social media platform’s American business.
SIM swap scam: What it is and how to protect yourself (WeLiveSecurity, Nov 27 2020)
Here’s what to know about attacks where a fraudster has your number, literally and otherwise
UK to Ban New Huawei Gear Installations After Sept (SecurityWeek, Nov 30 2020)
Wireless carriers in the U.K. won’t be allowed to install Huawei equipment in their high-speed 5G networks after September 2021, the British government said Monday, hardening its line against the Chinese technology company.
7 Simple Ways to Make Your Android Phone More Secure (Wired, Dec 01 2020)
Here’s how to lock down your data and stop others from snooping on your personal information.