A large number of power-constrained devices will be connected to the Internet of Things (IoT). Deployed in large areas, the battery-powered IoT devices call for power efficient and long-range communication technologies. Consequently, the Low Power Wide Area Networks(LPWAN) was devoted to being the key IoT enablers. In this context, LoRaWAN, an LPWAN technology, is one of the main IoT communication protocols candidates. Moreover, fog computing is another technology which works as an extension to cloud computing to enable new fog applications and services. Fog technology has many characteristics such as low latency, mobility, a strong presence of streaming and real-time applications. Fog computing is key enabler of the IoT applications, coping with the high IoT network scale. However, LoRaWAN and fog computing suffers from different security and privacy threats. These threats lead to some availability, authentication, confidentiality, integrity and privacy attacks. In this work, we present efficient countermeasures against LoRaWAN activation by personalization (ABP) attacks. The proposed solution aims at making LoRaWAN ABP end-devices safer, more secure and more reliable. In fact, the proposed solution is based on the dynamic key derivation scheme, which means new dynamic confidentiality and authentication session keys. We presented two variants of dynamic key derivation: counter-based and channel information-based. A set of security and performance tests shows that the proposed countermeasures present low overhead in terms of computation and communication resources with a high level of security. Moreover, we investigate the fog computing security threats and countermeasures. Consequently, we make our recommendations for possible solutions and future research directions.