copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
Search this site

On this site

 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login


AusCERT Week in Review for 10th August 2012

Date: 10 August 2012

Click here for printable version


From a purely nerdy perspective the landing of Curiosity on Mars was an exciting way to start the week. Security-wise, Wired ran an interesting story on the affects of our increasing reliance on technology and interconnectedness.

In brief, Mat Honan described how less than ideal security practices by Amazon and Apple combined with linked email and internet accounts led to pretty much his entire online identity being compromised along with the loss of family photos (and everything else) on his iPhone, iPad, and MacBook.

A positve outcome from the incident is that Amazon have since changed their policy so that customers can not change account information simply by providing a name, email, and mailing address. According to the article Apple have claimed their "internal policies" were not followed completely. However, it is not clear whether this would have provided any additional security.

Rather than relying on business policies, security must be a combined effort. At this point many of you should be wondering what can be done at an indvidual level to avoid a similar situation. Here are some suggestions rehashed and revamped from the Wired article and nicely plonked in the one spot:

  • Backup your data to an offline location, e.g. an external hard disk.
  • Setup two factor authentication where possible, e.g. Gmail gives you the option of setting up a mobile phone for additional account authentication.
  • Use a different nickname for your accounts e.g.,, = bad!

    Now onto the top 5 bulletins for the week:

    1) ESB-2012.0746 - ALERT [Appliance] Siemens Synco OZW Web Server: Administrator compromise - Remote/unauthenticated

    The ye olde default password trick. The Siemens Synco OZW Web Server, used for building automation systems, does not prompt to change the default administrator password.

    2) ESB-2012.0743 - [RedHat] kernel: Denial of service - Remote/unauthenticated

    The most critical update for Red Hat this week was a denial of service vulnerability affecting the kernel.

    3) ESB-2012.0752 - HP Arcsight Logger & Connector: Multiple vulnerabilities

    I have listed this bulletin as one to keep an eye on as there is no patch available and HP have not published an advisory as yet. This is the bulletin as published by US-CERT.

    4) ESB-2012.0729.2 - UPDATE [Debian] isc-dhcp: Multiple Vulnerabilities

    Debian has updated this bulletin as the source package previously provided did not actually include the patched code. Oops.

    5) ASB-2012.0112 - [Win][UNIX/Linux] Google Chrome: Denial of service - Remote/unauthenticated

    Google has released another update this week, just two vulnerabilities this time however no user interaction required to exploit.

    Stay safe,