//Week in review - 4 Dec 2020

AusCERT Week in Review for 4th December 2020


It’s officially summer season here in Australia, we hope that everyone’s taking care of themselves as we embrace the change in weather.

We would like to begin this week by commending our colleague Mal Parkinson who was a panel member on a session hosted by the by the Australian Women in Security Network (AWSN) for their AWSN Cadets “Security Sessions” initiative. The panel discussed the topic of “Life before Cyber Security, how did you start?” and we’ve summarised some key advice from this session via our LinkedIn page here. Some sage tips for all those wanting to move into the cyber security sector or are simply starting out as a new graduate.

This week also saw us supporting the team from AustCyber as they launched the 2020 Update to Australia’s Cyber Security Competitiveness Plan (SCP). A copy of their media release can be found here. In summary, the launch and panel discussion events held by the team from AustCyber highlighted the plethora of start-ups and initiatives in the cyber security sector across the states and territories within Australia. The gamut of activities certainly places our country in a position to gain an outstanding posture on cyber security in the coming decade and beyond! Exciting times ahead for our sector.

And last but not least, don’t forget – our AusCERT2021 Call for Papers initiative is now open and will remain so until late January 2021. Help us celebrate the 20th anniversary of Australia’s original and oldest information security conference. Do you or someone you know have a great story to tell? We would like to hear it, help us spread the word on Cyber Security.

Until next week, have a wonderful and restful weekend everyone.

FBI warns of email forwarding rules being abused in recent hacks
Date: 2020-12-01
Author: ZDNet

The US Federal Bureau of Investigation says that cyber-criminals are increasingly relying on email forwarding rules in order to disguise their presence inside hacked email accounts.
Threat actors absolutely love email auto-forwarding rules as they allow them to receive copies of all incoming emails without having to log into an account each day — and be at risk of triggering a security warning for a suspicious login.
FBI officials say that the technique is still making victims in corporate environments because some companies don’t forcibly sync email settings for the web-based accounts with desktop clients.

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
Date: 2020-11-30
Author: Microsoft Security Blog

The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming.

New rules to detect, trace and block scam calls
Date: 2020-12-02
Author: The Australian Communications and Media Authority (ACMA)

ACMA has today registered new rules that require telcos to detect, trace and block scam calls. The Reducing Scam Calls Code, developed by the telco industry, was a direct recommendation of the ACMA’s Combating Scams Action Plan.
The ACMA has worked closely with telcos and peak body Communications Alliance to develop the new rules and successfully pilot initiatives to reduce the scale and impact on Australians of scam calls. Major telcos report blocking over 30 million scam calls across the last 12 months as they undertook work to trial the identification and reduction of scam calls.

APRA targets cyber hygiene and board oversight with new security strategy
Date: None
Author: iTnews

The Australian Prudential Regulation Authority (APRA) has unveiled a new cyber security strategy and flagged it will step up its review of current cyber compliance, holding boards accountable for shortfalls.
The prudential regulator’s cyber security strategy for 2020 to 2024 seeks to lift cyber security standards and introduce heightened accountability where companies fail to meet their legally binding requirements.

7 Simple Ways to Make Your Android Phone More Secure
Date: 2020-12-01
Author: WIRED

There are a couple of different ways to think about privacy when it comes to your phone. There’s the data that it collects about your actions and interests, and then there are the protections you can put in place to stop people around you from accessing the physical device. Both are important, and there are easy things you can do to improve each of them.

ESB-2020.4227 – MozillaFirefox: Multiple vulnerabilities

Mozilla Firefox releases an update that fixes 12 issues

ESB-2020.4274 – Thunderbird: Reduced security – Remote with user interaction

Security vulnerabilities fixed in Thunderbird 78.5.1.

ESB-2020.4286 – Red Hat JBoss Enterprise Application Platform 7.3.4: Multiple vulnerabilities

An update has been released that fixes multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform 7.3.

ESB-2020.4284 – Linux Kernel: Multiple vulnerabilities

New Ubuntu packages fix several security issues identified in the Linux kernel.

Stay safe, stay patched and have a good weekend!

The AusCERT team