Week in review
AUSCERT Week in Review for 11th February 2022
Greetings,
International Safer Internet Day took place on February 8, which was an opportunity for everyone to ensure they play it safe and fair online.
There is no place for online abuse. We can all help to make life online enjoyable by being kind and respectful to each other.
Research shows that Australians are learning and caring more about online safety than ever before and if you wish to learn more, visit the eSafety Commissioner website to help you to Play it Fair!
The beginning of this week also saw Meta (formerly Facebook) lose a bid to dismiss legal action against them that related to the misuse of information of some of its Australian users. The social media giant was also flagged for not taking âresponsible stepsâ to keep that information safe.
This was the second time Metaâs request was denied following a ruling in late 2020 with authorities ruling that the company operated within Australia and collected data therein.
Business Insider details the journey to the decision, made by the full bench of the Federal Court, which could have long-lasting and broad ramifications.
Elsewhere, Telstra revealed plans to improve and increase itsâ cyber security offerings to the Australian government.
The pandemic has been identified as the catalyst for the increase in digital adoption which has also seen cyber attacks adapt and increase. itnews highlights how that, along with the governmentâs plans to centralise networks, are part of the reason for Telstra to create a specialised team to provide cyber security services at all levels of government.
Have a great weekend!
Microsoft February 2022 Patch Tuesday: 48 bugs squashed, one zero-day resolved
Date: 2022-02-09
Author: ZDNet
Microsoft has released 48 security fixes for software, including a patch for a zero-day bug, but there are no critical-severity flaws on the list this month.
In the Redmond giant’s latest round of patches, usually released on the second Tuesday of each month in what is known as Patch Tuesday, Microsoft has fixed problems including remote code execution (RCE) vulnerabilities, privilege escalation bugs, spoofing issues, information leaks, and policy bypass exploits.
Products impacted by February’s security update include the Windows Kernel, Hyper-V, Microsoft Outlook and Office, Azure Data Explorer, and Microsoft SharePoint.
ASIO tracking foreign spies on dating apps Tinder and Bumble
Date: 2022-02-09
Author: The Sydney Morning Herald
The boss of Australiaâs counter-espionage agency ASIO has warned foreign spies appear to be using dating apps such as Tinder, Bumble and Hinge to get sensitive information from Australians.
In his latest annual threat assessment delivered on Wednesday night, Mr Burgess for the first time confirmed thatâŻespionage and foreign interference has supplanted terrorism as ASIOâs principalâŻsecurityâŻconcern.
[Mr Burgess] also revealed his agency recently foiled a foreign interference plot in the lead-up to an election in Australia, which involved an attempt to install political candidates at the behest of a foreign government.
Microsoft will block downloaded macros in Office versions going back to 2013
Date: 2022-02-08
Author: Ars Technica
In the interest of combating ransomware and other malware, Microsoft is planning a major change in how its Office software handles macros: when files that use macros are downloaded from the Internet, those macros will now be disabled entirely by default. Current versions of the software offer an alert banner on these kinds of files that can be clicked through, but the new version of the banner offers no way to enable the macros.
The change will be previewed starting in April in Office version 2203, before being rolled out to all users of the continuously updated Microsoft 365 version of Office starting in June. The change will also be enabled for all currently supported standalone versions of Office, including versions 2021, 2019, 2016, and 2013. The Mac, iOS, Android, and web versions of Office won’t be affected.
China suspected of cyber attack on News Corp
Date: 2022-02-07
Author: Cyber Security Connect
According to Reuters, hackers broke into News Corp email accounts and compromised the data of an unspecified number of journalists, the media firm disclosed last week.
The hack was likely aimed at gathering intelligence for Beijing’s benefit, according to News Corp’s internet security adviser.
The breach was discovered in late January and affected emails and documents of what it described as a limited number of employees, including journalists. News Corp, which publishes The Wall Street Journal, confirmed that cyber security firm Mandiant had contained the breach.
Australia’s anti-trolling Bill enters Parliament retaining defamation focus
Date: 2022-02-10
Author: ZDNet
The federal government has officially introduced the highly-publicised anti-trolling Bill into Parliament.
The Bill, Social Media (Anti-Trolling) Bill 2022, was first announced by Australian Prime Minister Scott Morrison in November as a mechanism that would “unmask anonymous online trolls” and address toxic content existing on social media platforms.
The anti-trolling Bill has since been touted by the Liberal Senator and Attorney-General Michaelia Cash as one of her party’s primary items that it wants to push out before the federal election.
UK.gov threatens to make adults give credit card details for access to Facebook or TikTok
Date: 2022-02-08
Author: The Register
Adults will have to hand over credit card or passport details before they can access social media sites, the British government threatened this morning.
Internet use age verification â first floated and then abandoned via the country’s 2017 Digital Economy Act â will return in the UK’s Online Safety Bill, digital minister Chris Philp MP has vowed, linking the technology, widely criticised by privacy activists, to protecting children from pornography websites.
No early data on use of Australia’s cyber-abuse takedown laws
Date: 2022-02-08
Author: iTnews
Immmediate applications of Australia’s new cyber-abuse takedown laws that came into force on January 23 remain unclear, with parties on all sides saying it is too early to have access to meaningful data.
The “world-first scheme” gives Australia’s eSafety commissioner Julie Inman Grant authority to have the ‘worst of the worst’ content removed from the internet, “no matter where it is hosted”.
Vodafone Portugal struggles to restore service following cyberattack
Date: 2022-02-09
Author: ViralAmo
Vodafone Portugal is slowly working to recover following a âdeliberate and malicious cyberattackâ that brought down services used by millions of people and businesses in that country, including those for ambulances and other emergency services.
Vodafone Portugalâa subsidiary of UK-based Vodafone Group with 4.3 million cell phone subscribers and 3.4 million fibre subscribersâsaid in a statement that the attack began on Monday evening. The attack quickly took down the subsidiaryâs 4G and 5G networks and halted fixed voice, television, SMS, and voice and digital answering services.
Google fixes remote escalation of privileges bug on Android
Date: 2022-02-08
Author: Bleeping Computer
Google has released the February 2022 Android security updates, addressing two critical vulnerabilities, one being a remote escalation of privilege that requires no user interaction.
The vulnerability is tracked as CVE-2021-39675, carrying a âcriticalâ severity rating, and affects only Android 12, the latest version of the popular OS.
These flaws are typically leveraged by sophisticated spyware vendors that independently discover and privately use zero-days in mobile operating systems. However, in this case, Google hasnât seen any signs of active exploitation.
ASB-2022.0050 – Microsoft 365 Apps for Enterprise: CVSS (Max): 8.8
Microsoft has released its monthly security patch update for the month of February 2022.
ESB-2022.0532 – Adobe Creative Cloud Desktop Application: CVSS (Max): 7.0
Adobe has released an update for the Creative Cloud Installer for Windows. This update includes a fix for a critical vulnerability that could lead to arbitrary code execution in the context of the current user.
ESB-2022.0554 – Python: CVSS (Max): 9.8
Python could be made to execute arbitrary code or denial of service if it received a specially crafted input.
ESB-2022.0524 – Android: CVSS (Max): 9.1*
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices.
Stay safe, stay patched and have a good weekend!
The AUSCERT team
Learn more