//Week in review - 20 Dec 2019

AusCERT Week in Review for 20th December 2019


This week may be drawing to a close, but there’s some life left in 2019! If you’re looking for something creative to do during the upcoming break, why not submit a presentation or tutorial idea to our Call For Presentations for the AusCERT2020 Cyber Security Conference? If selected, we’ll cover your travel and accommodation costs and we’re especially keen to see presentations by AusCERT members.

Just a reminder that although AusCERT remains on call for emergency assistance via the 24/7 member hotline, the Membership Team are taking a break until Monday 6 January. Similarly AusCERT’s Operations Team will close from 25 December to 1 January, so the auscert@auscert.org.au email address (and IRC) will not be monitored during that time.

And now here’s some reading material to ease you into the weekend:

Microsoft: We never encourage a ransomware victim to pay
Date: 2019-12-17
Author: ZDNet

Microsoft advocates for organizations to take preemptive measures. Says companies should treat cyberattacks “as a matter of when” and not “whether.”

Chrome Will Automatically Scan Your Passwords Against Data Breaches
Date: 2019-12-16
Author: WIRED

Google’s password checking feature has slowly been spreading across the Google ecosystem this past year. It started as the “Password Checkup” extension for desktop versions of Chrome, which would audit individual passwords when you entered them, and several months later it was integrated into every Google account as an on-demand audit you can run on all your saved passwords. Now, instead of a Chrome extension, Password Checkup is being integrated into the desktop and mobile versions of Chrome 79.

10 cyber security trends to look out for in 2020
Date: 2019-12-19
Author: Information Age

When looking for possible cyber security trends in 2020, it is clear to see that 2019 was an interesting year for all things cyber security. It was the year that brought major breaches pretty much every week. Recently, it was found that charities reported over 100 data breaches to the ICO in the second quarter of 2019-20 alone.
Cyber security is still the issue on every business leaders mind. This year, the need for organisations to keep GDPR in mind has remained prominent. The stakes for protecting your organisation from cyber threats have never been higher. So, what cyber security trends can we expect to see in 2020 then? Here are some things to consider.

Inside Evil Corp, a $100M Cybercrime Menace
Date: 2019-12-17
Author: Krebs on Security

So, each day for several years my morning routine went as follows: Make a pot of coffee; shuffle over to the computer and view the messages Aqua and his co-conspirators had sent to their money mules over the previous 12-24 hours; look up the victim company names in Google; pick up the phone to warn each that they were in the process of being robbed by the Russian Cyber Mob.
[This is a very narrative dive into payroll compromises and money mules.]

debian-edu-config: Unauthorised access – Existing account

An insecure configuration allowed every user to change other users’ passwords, which is less than ideal.

Citrix Application Delivery Controller and Citrix Gateway: Execute arbitrary code/commands – Remote/unauthenticated

An unauthenticated attacker may be able to execute arbitrary code via this vulnerability.

python-django: Unauthorised access – Remote/unauthenticated

A case insensitive query on Django’s password reset form for email addresses could result in unauthorised access.

Firefox: Multiple vulnerabilities

Nine CVEs are patched in this Firefox update.

We wish you and your loved ones all the best for the holiday season and look forward to returning in 2020, reinvigorated and ready to conquer new cyber security challenges with you!

Kind regards,

Mike and the AusCERT Team