AusCERT Week in Review for 23rd July 2021
Patch fatigue is definitely setting in: it has been another big week for our analysts issuing bulletins, particularly from Adobe and Oracle.
This week we released our Quarter 2, 2021 Report with some great stats and updates for the period from 1 April to 30 June 2021.
Reminder: there are only 8 days left to nominate for the Australian Women in Security Awards. It is such a great opportunity to recognise the amazing women in our industry.
Hope everyone is keeping safe in these crazy times. Have a great weekend.
Shriro Hacked, Feds Cyber Security Called In
Sydney-based appliance distributor Shriro Holdings has been hacked, with the business impacted, claims management.
CEO Tim Hargraves claims that the distributor of Casio, Blanco, Omega and Everdure barbecues was subject to a cyber security incident involving unauthorised access to its operating systems last week.
Microsoft takes down domains used to scam Office 365 users
Author: Bleeping Computer
Microsoft’s Digital Crimes Unit has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company’s customers.
The domains taken down by Microsoft were so-called “homoglyph” domains registered to resemble those of legitimate businesses. This technique allowed the threat actors to impersonate companies when communicating with their clients.
This password-stealing Windows malware is distributed via ads in search results
A newly discovered form of malware delivered to victims via adverts in search results is being used as a gateway to stealing passwords, installing cryptocurrency miners and delivering additional trojan malware.
Detailed by cybersecurity company Bitdefender, the malware – which targets Windows – has been dubbed MosaicLoader and has infected victims around the world as those behind it attempt to compromise as many systems as possible.
HiveNightmare aka SeriousSAM — anybody can read the registry in Windows 10
Author: Double Pulsar
This is the story of how all non-admin users can read the registry — and so elevate privileges and access sensitive credential information — on various flavours of Windows 10. It appears this vulnerability has existed for years, and nobody noticed. In this post I made an exploit to test it.
Australian organisations are quietly paying hackers millions in a ‘tsunami of cyber crime’
Author: ABC News
It’s an open secret within the tight-lipped world of cybersecurity.
For years, Australian organisations have been quietly paying millions in ransoms to hackers who have stolen or encrypted their data.
This money has gone to criminal organisations and encouraged further attacks, creating a vicious cycle.
Now experts say Australia and the rest of the world are facing a “tsunami of cyber crime”.
MITRE – 2021 CWE Top 25 Most Dangerous Software Weaknesses
The [CWE Top 25] is a demonstrative list of the most common and impactful issues experienced over the previous two calendar years. These weaknesses are dangerous because they are often easy to find, exploit, and can allow adversaries to completely take over a system, steal data, or prevent an application from working. The CWE Top 25 is a valuable community resource that can help developers, testers, and users — as well as project managers, security researchers, and educators — provide insight into the most severe and current security weaknesses.
Oracle’s July Patch Update includes 41 new security patches to address multiple vulnerabilities in Oracle MySQL
Oracle releases fixes to address multiple vulnerabilities in PeopleSoft Enterprise products
The Critical Patch Update contains 11 new security patches for Oracle Systems
Multiple third-party vulnerabilities identified in Tenable.sc 5.19.0
Multiple vulnerabilities in Oracle Financial Services Applications are addressed in Oracle’s most recent Patch Update
The Chrome team releases Chrome 92.0.4515.107 with a number of fixes and improvements
Adobe’s updates for Photoshop for Windows and macOS resolve a critical and a moderate vulnerability
Stay safe, stay patched and have a good weekend!
The AusCERT team