//Week in review - 12 Feb 2021

AusCERT Week in Review for 12th February 2021


This week saw our team supporting the 2021 Safer Internet Day initiative, it is such an important topic and we’ve shared some tips on how to “start the chat” via a blogpost here.

With Patch Tuesday taking place this week, be sure to note our Security Bulletins highlighted below. A couple of important ones to note from the folks at Adobe and Microsoft.

Members, look out for a copy of our membership newsletter aka The Feed which landed in your inbox earlier this week. Our first edition for the year was a bumper one with updates on our strategy for the year, how to optimise your engagement with our team, an update on the AusCERT2021 conference and a section featuring AusCERT in the media – we hope you found the February issue a valuable read.

Last but not least, a reminder that we will be hosting our very first event for the year, a joint webinar session will take place next Thursday 18th February with the folks from Digital Shadows. The topic of this webinar will be “Automation when you can’t automate – the human process journey”, further details and the link to register can be found here.

Until next week, have a good weekend – to our friends and colleagues in Victoria, we are thinking of you, stay safe and let’s remember to keep washing our hands and practise those good Covid-safe habits; and to those who celebrate the Lunar New Year festivities, may the Year of the Ox be a prosperous and kinder one for all.

Attackers Exploit Critical Adobe Bug, Target Windows
Date: 2021-02-09
Author: Threatpost

[Refer to bulletins ESB-2021.0443 and ESB-2021.0444]
Adobe is warning of a critical vulnerability that has been exploited in the wild to target Adobe Reader users on Windows.
The vulnerability (CVE-2021-21017) has been exploited in “limited attacks,” according to Adobe’s Tuesday advisory, part of its regularly scheduled February updates. The flaw in question is a critical-severity heap-based buffer overflow flaw.

Microsoft urges customers to patch critical Windows TCP/IP bugs
Date: 2021-02-09
Author: Bleeping Computer

[Refer to bulletin ASB-2021.0044]
Microsoft has urged customers today to install security updates for three Windows TCP/IP vulnerabilities rated as critical and high severity as soon as possible.
The three TCP/IP security vulnerabilities impact computers running Windows client and server versions starting with Windows 7 and higher.

Federal government launches $26.5 million grants scheme to boost cyber security workforce
Date: 2021-02-08
Author: SmartCompany

A $26.5 million grants program is set to bolster Australia’s cyber security workforce, in a move that could give a boost to the Aussie industry, and start “the right kind of conversations” around cyber.
The Federal government’s Cyber Security Skills Partnership Innovation Fund is intended to provide both industry participants and education providers with the funding to deliver projects to “improve the quality or availability” of cyber security professionals.
It’s about ensuring a future pipeline of skilled workers in this sector, and it’s specifically targeted at bringing more women into the industry.
The scheme is also designed to build stronger partnerships between the industry and education providers.
Grants of between $250,000 and $3 million will available for projects that see partnering entities working together to “build the next generation of cyber security experts”, Minister for Industry, Science and Technology Karen Andrews said in a statement.

Intel Patches Tens of Vulnerabilities in Software, Hardware Products
Date: 2021-02-10
Author: SecurityWeek

Intel on Tuesday announced the release of updates that patch tens of vulnerabilities across many of the company’s software and hardware products.
The list of high-severity flaws includes a privilege escalation issue in the Intel Solid State Drive Toolbox, and a denial-of-service flaw in the XMM 7360 Cell Modem that can be exploited by an unauthenticated attacker who has network access.
[All 19 advisories are published on our site between ESB-2021.0457 and 486.]

What’s most interesting about the Florida water system hack? That we heard about it at all
Date: 2021-02-10
Author: Krebs on Security

Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material. But for security nerds who’ve been warning about this sort of thing for ages, the most surprising aspect of the incident seems to be that we learned about it at all.
“It’s a difficult thing to get organizations to report cybersecurity incidents,” said Michael Arceneaux, managing director of the Water ISAC, an industry group that tries to facilitate information sharing and the adoption of best practices among utilities in the water sector.

ASB-2021.0044 – ALERT Windows: Multiple vulnerabilities

Microsoft released its monthly security patch update for February 2021 which resolves 28 vulnerabilities.

ESB-2021.0444 – ALERT Magento: Multiple vulnerabilities

Magento’s updates for Magento Commerce and Magento Open Source edition resolve vulnerabilities rated important and critical.

ESB-2021.0443 – ALERT Adobe Acrobat and Reader: Multiple vulnerabilities

The security updates for Adobe Acrobat and Reader for Windows and macOS address multiple critical and important vulnerabilities.

ASB-2021.0047 – Microsoft Office, Microsoft Office Services and Web Apps: Multiple Vulnerabilities

Microsoft’s patch Tuesday updates for the month of February 2021 resolves 11 vulnerabilities across Microsoft Office, Microsoft Office Services and Web Apps.

Stay safe, stay patched and have a good weekend!

The AusCERT team