//Week in review - 11 Sep 2020

AusCERT Week in Review for 11th September 2020


It seemed like ages ago when we announced that AusCERT2020 will be moved to a virtual platform. Here we are, tutorials kick off in just 4-sleeps on Tuesday 15th September!

Delegates, you would have received a unique targeted email featuring specific areas within our conference program over the past few days this week. Be sure to catch up on those to maximise your delegate experience. We covered the following areas of the conference: Interactive activities, Speakers and Keynotes, Program and Social Activities, Sponsor thank-you, and Delegate Experience.

This week also saw us acknowledging R U OK Day and we realise the question is heavier this year. Sharing this blog piece from our conference charity partner LIVIN here.

Members, don’t forget that we are extending the closing date of the AusCERT Security Bulletins survey (member portal login required) to 5.00pm AEST on Friday 18th September. Every completed survey will go in the draw to win a Nintendo Switch Lite console, valued at AU$299.

Until next week, we hope to catch up with as many of you as possible virtually at AusCERT2020, “We Can be Heroes”.

Have a great weekend everyone!

Universities are a juicy prize for cyber criminals. Here are 5 ways to improve their defences
Date: 2020-09-08
Author: The Conversation

[Dr David Stockdale, AusCERT Director and Deputy Director of Infrastructure Operations Information Technology Services at The University of Queensland, co-authored this article.]
Universities worldwide are a growing target for hackers. A July 2020 report by cybersecurity company Redscan found more than 50% of UK universities recorded a data breach in the previous 12 months.
More recently, a data breach has affected 444,000 users of ProctorU. Universities, including several Australian ones, use this online tool to supervise students sitting exams from home. Personal records from ProctorU were made available on hacker forums.
What can unis do to improve cybersecurity?

Patch Wednesday fixes ‘worst-case scenario’ Exchange bug
Date: 2020-09-09
Author: IT News

Today’s regular set of security updates for Microsoft products fixes 23 critical and 105 important flaws, including a serious vulnerability in Exchange Server that is remotely exploitable.
Dustin Childs of the Zero Day Initiative noted the vulnerability allows an attacker to run code at the high-privilege SYSTEM user level, simply by sending a specially crafted email to an unpatched Exchange server.

Australian cyber companies collaborate on online training program for Defence Force
Date: 2020-09-07
Author: iTWire

A group of Australian sovereign cyber companies are claiming an Australia-first collaboration to create a successful pilot of a fully online, collective cyber training program for the Australian Defence Force.
The companies – Cydarm, Elttam, Penten and Retrospect Labs – each with expertise in niche cyber technology, came together to tailor a solution for the ADF on FifthDomain’s cyber training platform.

Newcastle Uni Ransomware Attack Will “Take Weeks” to Mitigate
Date: 2020-09-08
Author: Infosecurity Magazine

A leading UK university has warned staff and students that it will take weeks to recover from a recent ransomware incident, with a well-known threat group already posting stolen documents.
Newcastle University in the north-east of England is part of the elite Russell Group. It claimed to have been attacked on August 30 2020 with most university systems unavailable or restricted indefinitely.
“The nature of the problem means this is an on-going situation which we anticipate will take a number of weeks to address,” it said in an update on Monday. “We hope to have a better estimate at the end of this week.”

Cybersecurity 101: Protect your privacy from hackers, spies, and the government
Date: 2020-09-09
Author: ZDNet

Privacy used to be considered a concept generally respected in many countries — at least, in the West — with a few changes to rules and regulations here and there often made only in the name of the common good.
Things have changed, and not for the better.
China’s Great Firewall, the UK’s Snooper’s Charter, the US’ mass surveillance and bulk data collection — compliments of the National Security Agency (NSA) and Edward Snowden’s whistleblowing — Russia’s insidious election meddling, and countless censorship and communication blackout schemes across the Middle East are all contributing to a global surveillance state in which privacy is a luxury of the few and not a right of the many.

ASB-2020.0158 – Microsoft Exchange Server: Execute arbitrary code/commands – Existing account

Microsoft’s Patch Tuesday included fixes for a vulnerability in Exchange Server

ASB-2020.0156 – Internet Explorer & ChakraCore: Multiple vulnerabilities

Microsoft released an update that resolves 6 vulnerabilities in Internet Explorer & ChakraCore

ESB-2020.3108 – Threat Intelligence Exchange Server: Multiple vulnerabilities

McAfee Threat Intelligence Exchange Server update includes fixes for five third-party vulnerabilities

ESB-2020.3096 – Intel BIOS firmware: Multiple vulnerabilities

Security vulnerabilities in BIOS firmware for multiple Intel platforms allow escalation of privilege, denial of service and/or information disclosure.

ESB-2020.3095 – IBM Security Access Manager for Enterprise Single Sign-On: Multiple vulnerabilities

Security Vulnerability has been identified in Apache Batik used by IBM WebSphere Application Access Manager for Enterprise Single Sign-On

Stay safe, stay patched and have a good weekend!