//Week in review - 24 Jan 2020
Week in Review for 24th January 2020
The AusCERT team would like to wish all of you a relaxing Australia Day long weekend; and a Happy Lunar New Year to those who celebrate. A reminder that the firstname.lastname@example.org mailbox will not be monitored on Monday 27 January as it is a nationwide public holiday. However, we will staff the 24/7 member incident hotline as usual, so do call us for any urgent matters during this period.
Fraudsters impersonate Chinese consulate in scam targeting international students
Author: ABC News
Police say scores of international students in Queensland have been stung in a scam where fraudsters impersonated the Chinese consulate and demanded thousands of dollars to avoid deportation.
Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
A hacker has published this week a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) "smart" devices.
The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet.
According to experts to who ZDNet spoke this week, and a statement from the leaker himself, the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker than tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations.
5 tips to avoid spear-phishing attacks
Author: Naked Security
Phishing, very briefly defined, is where a cybercriminal tricks you into revealing something electronically that you ought to have kept to yourself.
The good news is that most of us have learned to spot obvious phishing attacks these days.
The bad news is that you canâ€™t reliably spot phishing attacks just by watching out for obvious mistakes, or by relying on the crooks saying â€œDear Customerâ€ rather than using your name.
You need to watch out for targeted phishing, often rather pointedly called spear-phishing, where the crooks make a genuine effort to tailor each phishing email, for example by customising it both to you and to your company.
Inside Pwn2Own's High-Stakes Industrial Hacking Contest
On a small, blue-lit stage in a dim side room of the Fillmore Theater in Miami on Tuesday, three men sat behind laptops in front of a small crowd. Two of them nervously reviewed the commands on a screen in front of them. Steven Seeley and Chris Anastasio, a hacker duo calling themselves Team Incite, were about to attempt to take over the Dell laptop sitting a few inches away by targeting a very particular piece of software it was running: A so-called human-machine interface, sold by the industrial control systems company Rockwell Automation.
Former ACSC chief MacGibbon blasts calls to legitimise screen scrapers
Australiaâ€™s high profile former cybersecurity tsar Alastair MacGibbon has waded into the increasingly heated debate over the use of screen scrapers by fintech firms, warning any weakening of security controls under open banking will create an instant target list for hackers.
NIST Privacy Framework 1.0: Manage privacy risk, demonstrate compliance
Author: Help Net Security
Our data-driven society has a tricky balancing act to perform: building innovative products and services that use personal data while still protecting peopleâ€™s privacy. To help organizations keep this balance, the National Institute of Standards and Technology (NIST) is offering a new tool for managing privacy risk.
The agency has just released Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management.
The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NISTâ€™s Cybersecurity Framework.
Microsoft Exposed 250 Million Customer Support Records
Nearly 250 million Microsoft Customer Service and Support records were found exposed to the Internet in five insecure Elasticsearch databases, Comparitech reports.
The records on those servers contained 14 yearsâ€™ worth of logs of conversations between support agents and customers, all of which could be accessed by anyone directly from a browser, without any form of authentication.
In an update, Microsoft says that the exposure was the result of a misconfiguration that occurred on December 5, but that its investigation into the incident did not reveal malicious use.
The RCE in Citrix NetScaler which has been making headlines lately & was updated this week with patches for specific versions.
Linux kernel upgrades patching severe vulnerabilities reaches RHEL 8 for SAP
Red Hat releases an Important update for chromium-browser
Stay safe, stay patched and have a good weekend!