A Review of the Best News of the Week on Cyber Threats & Defense

Man-in-the-Middle Attack against Electronic Car-Door Openers (Schneier on Security, Nov 28 2017)
The theft took just one minute and the Mercedes car, stolen from the Elmdon area of Solihull on 24 September, has not been recovered.
In the footage, one of the men can be seen waving a box in front of the victim’s house.
The device receives a signal from the key inside and transmits it to the second box next to the car.
The car’s systems are then tricked into thinking the key is present and it unlocks, before the ignition can be started.

The UK’s cybersecurity agency issued a new guidance to ministries about using Russian antivirus software (The Verge, Dec 04 2017)
On Friday, the UK’s National Cyber Security Centre (NCSC) issued a new guidance for how the country’s various ministries should closely manage their use of antivirus software supplied by a foreign nation, such as Russia’s Kaspersky Lab.

A day in the life of a MSSP engineer (CSO Online, Dec 01 2017)
Cybersecurity is a term heard three or four times before breakfast these days. But what really goes into keeping businesses secure? Here we detail a day in the life of one of my senior cybersecurity engineers…and what it takes to ensure if breaches happen, they happen to the other guys.

Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report

5 Free or Low-Cost Security Tools for Defenders (Dark Reading, Nov 30 2017)
Defending the enterprise is increasingly getting complex, with cloud, mobile, and IoT services expanding the potential attack surface and yet IT security budgets may remain constrained to address new threats, Arun DeSouza, CISO and privacy officer with Nexteer Automotive, said

Deception: Why It’s Not Just Another Honeypot (Dark Reading, Dec 01 2017)
The technology has made huge strides in evolving from limited, static capabilities to adaptive, machine learning deception.

Hacked Password Service Leakbase Goes Dark (Krebs on Security, Dec 04 2017)
“Leakbase, a Web site that indexed and sold access to billions of usernames and passwords stolen in some of the world largest data breaches, has closed up shop. A source close to the matter says the service was taken down in a law enforcement sting that may be tied to the Dutch police raid of the Hansa dark web market earlier this year.”

Former NSA Employee Pleads Guilty to Taking Secret Data (eWEEK, Dec 04 2017)
The U.S. Department of Justice (DOJ) announced on Dec. 1 that former National Security Agency (NSA) developer Nghia Hoang Pho pleaded guilty to charges that he took classified information to his home. Pho was allegedly subsequently hacked by Russian operatives who gained access to the secret information stored on his computer.

Apple’s MacOS High Sierra Update Reintroduces “Root” Bug For Some Users (Wired, Dec 01 2017)
The company’s fix for an embarrassing security bug includes a big bug of its own.

Stealthy in-browser cryptomining continues even after you close window (Help Net Security, Nov 30 2017)
In-browser cryptocurrency mining is, in theory, a neat idea: make users’ computers “mine” Monero for website owners so they don’t have to bombard users with ads in order to earn money. Unfortunately, in this far-from-ideal world of ours, mining scripts – first offered by Coinhive but soon after by other outfits – are mostly used by unscrupulous web admins and hackers silently compromising websites.

PayPal Admits Acquired Company Suffered Major Breach (Infosecurity Magazine, Dec 04 2017)
PayPal has been left red-faced after it was forced to admit a massive data breach at recently acquired TIO Networks affecting 1.6 million customers.