//Week in review - 3 May 2019

AusCERT Week in Review for 3rd May 2019


Updates to protect against a remote code execution with administration privilege vulnerability in Dell’s SupportAssist were announced this week (CVE-2019-3719). SupportAssist ,which checks software and hardware status, is typically preinstalled on Dell systems running Windows and therefore affects numerous systems. As Proof-of-Concept code has been made available, patching vulnerable Dell systems is critical.

Here’s a summary (including excerpts) of some of the more interesting stories we’ve seen this week:

Title: 2018/2019 Cyber Security Survey Results

Date Published: 1/5/2019

Author: AusCERT and BDO Australia

Excerpt: “For the third year running, AusCERT has teamed up with BDO to conduct an industry-wide survey on the state of cybersecurity. The results of our most recent survey have just been published. AusCERT has long supported the concept of mandatory breach notification, and it is heartening to see evidence that organisations expected to comply with at least one data breach regulation (GDPR, AU NDB) spend approximately 20% more on information security controls. It is also encouraging to observe the Cyber Security Survey’s finding that leadership awareness has increased. This concurs with AusCERT’s own experience of more regular engagement at higher levels within organisations, such as CISOs and CIOs at other universities, and Principal Advisors / CISOs within state governments.”

Title: Docker Hub Database Hack Exposes Sensitive Data of 190K Users

Date Published: 26/4/2019

Author: Bleeping Computer

Excerpt: “An unauthorized person gained access to a Docker Hub database that exposed sensitive information for approximately 190,000 users. This information included some usernames and hashed passwords, as well as tokens for GitHub and Bitbucket repositories.”

Title: Dell laptops and computers vulnerable to remote hijacks

Date Published: 1/5/2019

Author: ZDNet

Excerpt: “A vulnerability [CVE-2019-3719] in the Dell SupportAssist utility exposes Dell laptops and personal computers to a remote attack that can allow hackers to execute code with admin privileges on devices using an older version of this tool and take over users’ systems.”

Stay safe, stay patched and have a good weekend,