//Week in review - 23 Mar 2018

AusCERT Week in Review for 23rd March 2018


This week Cambridge Analytica and Facebook were a hot topic, so all I’d like toadd is a link to this Facebook blocklist that some may find useful:


Here’s a summary (including excerpts) of some of the more interesting stories we’ve seen this week:

Title: ‘I made Steve Bannon’s psychological warfare tool’: meet the data war whistleblower

Date Published: Sun, 18 Mar 2018

Author: Carole Cadwalladr

Excerpt: “For more than a year we’ve been investigating Cambridge Analytica and its links to the Brexit Leave campaign in the UK and Team Trump in the US presidential election. Now, 28-year-old Christopher Wylie goes on the record to discuss his role in hijacking the profiles of millions of Facebook users in order to target the US electorate.”


Title: Don’t waste the Cambridge Analytica scandal: it’s a chance to take control of our data

Date Published: Fri, 23 Mar 2018

Author: Scott Ludlam

Excerpt:  “The real question is whether we are ready, collectively, to draw a line under surveillance capitalism itself, and start taking back a measure of control.”


Title: 15-Year-old Finds Flaw in Ledger Crypto Wallet

Date Published: Tues, 20 Mar 2018

Author: Brian Krebs

Excerpt: “Rashid discovered that a reseller of Ledger’s products could update the devices with malicious code that would lie in wait for a potential buyer to use it, and then siphon the private key and drain the user’s cryptocurrency account(s) when the user goes to use it.”


Title: Hackers ‘led warplanes to Syrian hospital’ after targeting British surgeon’s computer

Date Published: Tues, 20 Mar 2018

Author: Hayley Dixon, Aisha Majid, and Steven Swinford

Excerpt: “Now the International Committee of the Red Cross is to hold a meeting with staff to warn about the dangers of hacking, using Mr Nott’s fears as an example, it is understood. “Mr Nott said on Tuesday: “The thing that gets me is that we now cannot help doctors in war zones, if somebody is watching what we are doing and blows up the hospital then that is a war crime.”


Title: Driverless cars and the 5 ethical questions on risk, safety and trust we still need to answer

Date Published: Wed, 21 Mar 2018

Author: Ariel Bogle

Excerpt: “Car manufacturers need to decide whether they want to reveal how cars are ethically programmed. Or whether their customers should even have a choice.”


Title: Nine years on, Firefox’s master password is still insecure

Date Published: Tue, 20 Mar 2018

Author: John E Dunn

Excerpt: “Choosing an iteration count is a matter of balancing the inconvenience you’re prepared to inflict on users when they log in against the amount of obstruction you want to put in a password cracker’s way.

“The good news is you don’t have to pick one iteration count and stick to it –you can increase the iteration count over time to keep pace with improvements in hardware.

“Unfortunately, Palant noticed, Firefox performs just one iteration.”


Title: What’s your availability? DoS attacks and more

Date Published: Mon, 19 Mar 2018

Author: Mike Bursell

Excerpt: “The attacks we’re talking about here are those most often overlooked: attempts to degrade the availability of a service. There’s an overlap with the related discipline of resilience here, but I think that the key differentiator is that in security we’re generally talking about intentional degradation of availability, whereas resilience also covers (and maybe focuses on) unintentional degradation.”


Here are this week’s noteworthy security bulletins:

1) Drupal: Reduced security – Unknown/unspecified
Drupal have announced a highly critical security release for Drupal 7 and 8 core.

2) Mozilla Firefox, Firefox ESR: Multiple vulnerabilities
An out of bounds memory write in libvorbis and libtremor has caused critical vulnerabilities in Mozilla Firefox.

3) Tenable Nessus : Increased privileges – Existing account
Installing Nessus to a directory outside of the default location could potentially allow local privilege escalation.

4) Geutebruck IP Cameras: Multiple vulnerabilities
Several vulnerabilities in the firmware of Geutebruck IP Cameras have been patched.

Stay safe, stay patched and have a good weekend!