//Week in review - 12 Jun 2020

AusCERT Week in Review for 12th June 2020


The winter chill has certainly set in as we head into the 3rd week of June.

Thank you to those who participated in our joint webinar session on the topic of “An Integrated Approach to Embedding Security into DevOps” with the team from Checkmarx. This webinar took place on Wednesday 10th June. To view a recording of this session, please visit our YouTube channel here.

Members, keep an eye out for a couple of emails landing in your inbox next week: an update on our member tokens for Virtual AusCERT2020 and the June edition of our member newsletter aka The Feed.

And last but not least, we shared the news that the Microsoft June 2020 Patch Tuesday was the largest ever with 129 fixes so don’t forget to action these items and patch those vulnerabilities. A great reference point is of course our very own Security Bulletins page.

Until next time, we hope everyone enjoys a safe and restful weekend.

Microsoft June 2020 Patch Tuesday: largest ever with 129 fixes
Date: 2020-06-09
Author: Bleeping Computer

Today is Microsoft’s June 2020 Patch Tuesday, and as many Windows administrators will be routinely screaming at computers, please be nice to them!
With the release of the June 2020 Patch Tuesday security updates, Microsoft has released one advisory for an Adobe Flash Player update and fixes for 129 vulnerabilities in Microsoft products.
Of these vulnerabilities, 11 are classified as Critical, 109 as Important, 7 as Moderate, and 2 as Low.
This is the largest Patch Tuesday update ever released by Microsoft, with the second-largest being 115 fixes in March 2020, and the third-largest with 113 fixes in April 2020.

Fisher & Paykel Appliances struck by Nefilim ransomware
Date: 2020-06-10
Author: IT News

Fisher & Paykel Appliances is the latest big brand name to be struck down by ransomware, shutting down its operations while it recovered following the attack.
The whitegoods manufacturer’s spokesperson Andrew Luxmoore confirmed the attack to iTnews, saying it took place early last week.
“The attempt was identified quickly and, as a result, we locked down our IT ecosystem immediately,” he said.

Drinks maker Lion shuts IT systems after ‘cyber incident’
Date: 2020-06-09
Author: IT News

Fast moving consumer goods giant Lion has shut down its IT systems after a “cyber incident” on Tuesday.
The attack was first reported by the Sydney Morning Herald, which said the attack had “disrupted” manufacturing and remote access to systems.
“Lion has experienced a cyber incident and has taken the precaution of shutting down our IT systems, causing some disruption to our suppliers and customers,” the company said in a brief statement on its website.

Because things aren’t bad enough already: COVID-19 is going to mess up election security assumptions too
Date: 2020-06-08
Author: The Register

The social distancing measures brought about by the COVID-19 pandemic will weaken election security in the US, according to a non-profit’s security check.
A report from New York University’s Brennan Center for Justice warns that as election workers and local officials are forced to do their jobs remotely, the risk of attack skyrockets.

We have Huawei to make the internet more secure: Dump TCP/IP to make folks safer says Chinese mobe slinger
Date: 2020-06-04
Author: The Register

Chinese telecom companies and the Middle Kingdom government contend that the TCP/IP protocol stack is ill-suited for future networking needs and have proposed reworking the internet’s technical architecture with new, more secure internet protocols.
Huawei, China Mobile, China Unicom, and China Ministry of Industry and Information Technology are backing a plan titled “New IP, Shaping Future Network.”
The specifics have not been made public but Huawei – currently subject to US trade sanctions for allegedly engaging in activities contrary to national security interests – has described the goals of the initiative as an attempt to improve the flexibility, privacy, and security of the internet.

ASB-2020.0107 – Windows: Multiple vulnerabilities

Microsoft Patch Tuesday updates (login required).

ESB-2020.1990 – 2020.1 IPU BIOS Advisory

Intel advisory of new firmware vulnerabilities.

ESB-2020.1991 – 2020.1 IPU Intel CSME, SPS, TXE, AMT, ISM and DAL Advisory

Intel advisory of new management subsystem vulnerabilities.

ESB-2020.2008.2 – linux security update

Many linux distros released kernel and microcode patches for the Special Register Buffer Data Sampling (SRBDS) attack [CVE-2020-0543] alongside other fixes.

Stay safe, stay patched and have a good weekend!

The AusCERT Team.