//Week in review - 3 Jan 2020

AusCERT Week in Review for 3rd January 2020


2020 has begun, and with it, the end of party time.

Here is this week’s Week in Review.

Cisco DCNM Users Warned of Serious Vulnerabilities
Date: 2020-01-02
Author: SecurityWeek

Cisco on Thursday informed customers that it has released software updates for its Data Center Network Manager (DCNM) product to address several critical and high-severity vulnerabilities.

Two tips to make multifactor authentication for Office 365 more effective
Date: 2020-01-02
Author: CSO Online

Multifactor authentication (MFA) is a key tool in ensuring that your Office 365 and any online application will be secure in the cloud. For those with Microsoft 365 here are some tips to ensure you provide maximum protection to your Office 365 deployment without sacrificing usability.

Microsoft takes down 50 domains operated by North Korean hackers
Date: 2019-12-30
Author: ZDNet

Microsoft announced today [December 30th] that it successfully took down 50 web domains previously used by a North Korean government-backed hacking group.
The OS maker said the 50 domains were used to launch cyberattacks by a group the company has been tracking as Thallium.

Sextortion Email Scammers Try New Tactics to Bypass Spam Filters
Date: 2019-12-31
Author: Bleeping Computer

Sextortion scams have become so common that spam filters and secure mail gateways have been doing a good job at preventing them from being delivered to their recipients.
To bypass these filters, attackers have started to utilize new tactics such as sending sextortion emails in foreign languages and splitting bitcoin addresses into two parts.

7 Tips for Maximizing Your SOC
Date: 2019-12-31
Author: Threatpost

Use the seven points listed above to create an effective and efficient operational workflow and, importantly, happier analysts who aren’t buried at the bottom of a pile of mostly irrelevant data.

Cisco (DCNM): Execute arbitrary code/commands

Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager.

typo3 Execute arbitrary code

Multiple vulnerabilities which could lead to code execution have been found in typo3, an open-source web content management system.

libxml2 Denial of service

A denial of service vulnerability in libxml2, the GNOME XML parsing library.

Stay safe, stay patched and best wishes from all of us,

Rameez and the team at AusCERT