//Week in review - 27 Nov 2020

AusCERT Week in Review for 27th November 2020


Would you believe it, it’s less than a month away ‘til Christmas and end of year holidays for most folks around the country.

We would like to begin this week by congratulating colleagues in Victoria for their tremendous effort in achieving 28-days without any cases of Covid-19. A job very well done!

As we begin to creep closer to the merry and festive season, it is a timely reminder for everyone to stay safe online. For cyber criminals, this is also perceived as the season for exploitation. We’ve shared a couple of handy tips through our ADIR articles this week – so be sure to have a read of them below.

Next week, one of our very own Senior Information Security Analysts, Mal Parkinson, will be presenting on a panel session hosted by the by the Australian Women in Security Network (AWSN). The panel will be discussing the topic of “Life before Cyber Security, how did you start?” on Thursday evening 3 December. To tune in, please register via the following page.

And last but not least, don’t forget – our AusCERT2021 Call for Papers initiative is now open and will remain so until late January 2021. Help us celebrate the 20th anniversary of Australia’s original and oldest information security conference. Do you or someone you know have a great story to tell? We would like to hear it, help us spread the word on Cyber Security.

Until next week, have a wonderful and restful weekend everyone.

Law In Order hit by ransomware attack
Date: 2020-11-24
Author: iTnews

Law In Order, an Australian supplier of document and digital services to law firms, suffered a ransomware infection over the weekend that is believed to be the Netwalker malware.
After detecting the attack, Law In Order said it halted many of its business operations and called in cyber security advisers to assist in the investigation and incident response.
Law In Order said it had alerted authorities including the Australian Federal Police and the Australian Cyber Security Centre to the attack.

Online shoppers warned to be on alert as scams increase, losses climb to $7 million
Date: 2020-11-24
Author: iTWire

Australians have been warned to be careful when buying gifts this holiday season as losses to online shopping scams have already increased 42% this year as the country enters the busy Christmas-New Year period.
The warning from the consumer watchdog ACCC’s Scamwatch service reports that it has received over 12,000 reports of online shopping scams so far this year, with almost $7 million in reported losses.

Don’t give too much away this Christmas!
Date: 2020-11-24
Author: Data at UQ – The University of Queensland

[AusCERT is proudly a part of The University of Queensland.]
For most of us, Christmas is a time of merriment. For cyber criminals however, it’s also the season for exploitation.
Did you know that Australians lost over $14 million through scams last December?
Common Christmas scams include fake email gift certificates, e-cards and parcel delivery notifications which request either confirmation of delivery addresses or payment to collect or hold a parcel. In these scams, criminals use email, mobile apps, social networking and online forums to siphon money from victims. Don’t be a scam statistic this silly season. Give presents, not data this Christmas.
Be careful with the information you share online and follow the tips listed here to protect your data.

Microsoft gives Linux a security boost with these new attack detection tools
Date: 2020-11-19
Author: TechRepublic

Endpoint detection and response (EDR) capabilities for Microsoft Defender for Endpoint on Linux are now available in public preview. Linux EDR will help Defender for Endpoint customers better protect Linux servers and networks and quickly take action against threats, Microsoft said.
Microsoft Defender for Endpoint on Linux supports recent versions of the six most common Linux server distributions supported by Microsoft, which includes RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher, SLES 12+, Debian 9+ and Oracle Linux 7.2.

Hacker posts exploits for over 49,000 vulnerable Fortinet VPNs
Date: 2020-11-22
Author: Bleeping Computer

A hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices.
Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.

ASB-2020.0214 – Chromium Security Updates for Microsoft Edge

Microsoft Edge update has addressed multiple vulnerabilities. Edge is also now available on Linux platforms.

ESB-2020.4160 – VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities

VMware released patches for critical vulnerabilities across numerous products. Local admin privileges are required for this to be exploited.

Stay safe, stay patched and have a good weekend!

The AusCERT team