15 Jan 2021

Week in review

AUSCERT Week in Review for 15th January 2021

Greetings

As promised, we released details on our Strategic Plans for 2021 earlier this week. We’ve outlined this via the following “AUSCERT: What to Expect in 2021” blog post.

Here are some key issues on the AUSCERT agenda this year:

  • Expand and enhance our delivery of threat intelligence

  • Remain a trusted incident response partner, both locally and globally

  • Consistent and useful engagement with our members

With 2021’s first Patch Tuesday taking place this week, be sure to note our Security Bulletins highlighted below. For those handing Cisco patches, we hope you got through them all.

We would also like to share the following statement re: a QuoVadis Global SSL ICA G3 issue which impacted some of our members today. The AUSCERT team was not made aware of the revocation and began investigating this problem as soon as we were alerted by affected members. DigiCert + QuoVadis apologise that significant notice had not been provided with regards to this change, and for any inconvenience caused to AUSCERT members.

Last but not least, don’t forget – our AUSCERT2021 Call for Papers initiative is still open until the end of this month and we welcome submissions in line with this year’s theme which focuses on the automation of the cyber security response, whether these stories are big or small.

Until next week folks, have a good weekend.


Are Australians at a ‘turning point’ on cybersecurity or still unprepared?
Date: 2021-01-11
Author: ABC News

Australians are on high alert about the threat of cyber attacks following Prime Minister Scott Morrison’s warning in June that Australia was targeted by a sophisticated “state-based” cyber-attack.
Key points:
– An average of 164 cybercrime reports are made by Australians every day according to the Australian Cyber Security Centre
– Ransomware has become the biggest threat, used by criminals to lock up people’s systems and data and then demand a ransom in return for their release
– The ACSC has launched a cybersecurity campaign that provides easy-to-follow advice for all Australians to prepare against cyber attacks

Microsoft January 2021 Patch Tuesday fixes 83 flaws, 1 zero-day
Date: 2021-01-12
Author: Bleeping Computer

[Related AUSCERT security bulletins can be found on our website; accessing these will require a member portal login.]
With the January 2021 Patch Tuesday security updates release, Microsoft has released fixes for 83 vulnerabilities, with ten classified as Critical and 73 as Important.
There is also one zero-day and one previously disclosed vulnerabilities fixed as part of the January 2021 updates.

Accellion hack behind Reserve Bank of NZ data breach
Date: 2021-01-12
Author: iTnews

The Reserve Bank of New Zealand, which yesterday disclosed it had suffered a data breach, now says it was caught up in a hack of enterprise data protection provider Accellion.
Accellion’s file transfer appliance (FTA) was accessed illegally, RBNZ said in a statement. “We have been advised by the third party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised,” RBNZ governer Adrian Orr said.
The FTA system, which was used to store and share sensitive information, has been secured and taken offline, RBNZ said.

Third malware strain discovered in SolarWinds supply chain attack
Date: 2021-01-12
Author: ZDNet

Cyber-security firm CrowdStrike, one of the companies directly involved in investigating the SolarWinds supply chain attack, said today it identified a third malware strain directly involved in the recent hack.
Named Sunspot, this finding adds to the previously discovered Sunburst (Solorigate) and Teardrop malware strains.


ASB-2021.0011 – Microsoft Patch Tuesday update for Microsoft System Center for January 2021

This zero-day RCE vulnerability has been reportedly exploited in the wild.

ASB-2021.0010 – Microsoft Patch Tuesday update for Windows for January 2021

Many important Windows updates to apply ASAP.

ESB-2021.0135 – Cisco Webex Meetings Open Redirect Vulnerability

Phishing via Webex.

ESB-2021.0119 – APSB21-01 Security update available for Adobe Photoshop

Adobe released a raft of updates this week also.


Stay safe, stay patched and have a good weekend!

The AUSCERT team