//Week in review - 19 Nov 2021

AusCERT Week in Review for 19th November 2021


This Sunday, November 21, is World Television Day. A time to pay homage to the tube, and in so many cases, the saviour to our recent spate of lockdown induced boredom!

The day was established by the United Nations in 1996 to recognize the impact television has in bringing world attention to conflicts and threats to peace and security and its potential in highlighting issues of importance and significance.

So, T.V. isn’t just a device to binge watch the latest season of your favourite show, in fact, as technology evolves and becomes more integrated, the use of the humble ‘idiot box’ as a major tool to inform, educate and connect enhances.

For those that have a Smart T.V., the following We Live Security article discusses why such T.V.s make for attractive and potentially soft targets, and how cybercriminals can ruin more than your T.V. viewing experience

Podcasts are another way of sharing information and engaging with people far and wide with the latest in our ‘Share Today, Save Tomorrow’ series released earlier in the week. Episode 7, ‘The future of the cyber security pipeline and education in Australia’. includes a discussion featuring Prof. Ryan Ko and Ivano Bongiovanni on how The University of Queensland Cyber Security is helping build a pipeline of cybersecurity talent.

It also includes insights from AusCERT Senior Analyst Mark about how we are supporting UQ Cyber Security through lectures as well as supervising student capstone and research projects, and more!

Today also marks thirty-six days until Christmas, yikes! With a marked shift to online shopping during the pandemic, many of us may have already started purchasing presents to ensure delivery whilst the rest of us had better get started!

Gov unveils principles to help secure critical technology supply chains
Date: 2021-11-15
Author: iTnews

The federal government has unveiled a final set of regulatory principles aimed at helping businesses secure the supply chains of critical technologies like artificial intelligence and quantum computing.

New study shows workplace blame cultures undermining cloud adoption
Date: 2021-11-17
Author: Cyber Security Connect

New research by Veritas Technologies highlights the damage that workplace blame cultures are having on the success of cloud adoption, which found that businesses are losing critical data, such as customer orders and financial data, because office workers are too scared or too embarrassed to report data loss or ransomware issues when using cloud applications, such as Microsoft Office 365.
Among the latest Veritas findings, half (50 per cent) of office workers have accidentally deleted files hosted in the cloud – such as business documents, presentations and spreadsheets. The report also gathered that as many as 14 per cent of office workers do so multiple times per week.

Amazon’s Dark Secret: It Has Failed to Protect Your Data
Date: 2021-11-18
Author: WIRED

According to internal documents reviewed by Reveal from the Center for Investigative Reporting and WIRED, Amazon’s vast empire of customer data—its metastasizing record of what you search for, what you buy, what shows you watch, what pills you take, what you say to Alexa, and who’s at your front door—had become so sprawling, fragmented, and promiscuously shared within the company that the security division couldn’t even map all of it, much less adequately defend its borders.

Cyber attack affects Federal Group payroll system but staff will still be paid
Date: 2021-11-17
Author: ABC News

Tasmania’s largest private sector employer has been affected by a cyber attack for the second time this year.
Federal Group yesterday made advance payments to staff after the payroll system it uses — run by global company Frontier Software — was affected by a “cyber incident”.
Federal Group is one of more than 1,500 organisations, including the South Australian government and the Melbourne Theatre Company, that use Frontier’s software.

Official FBI email server hacked, used to send fake threat
Date: 2021-11-13
Author: The Record

A group of unidentified hackers have compromised one of the FBI’s email servers and have sent out a massive wave of spam emails containing a warning about a (fake) cyberattack that was allegedly taking place.
The attack, which took place in the early hours of the US East Coast morning [November 13], impacted an email server that the FBI was using for some sort of public ticketing and alerting system, Carel Bitter, Chief Data Officer at Spamhaus, told The Record in an interview today.

91% of IT leaders affected by supply chain disruption: survey
Date: 2021-11-16
Author: ZDNet

A new survey of 400 IT decision-makers from Insight Enterprises found that 95% of IT decision-makers say the impact of the pandemic accelerated business transformation priorities.
The 2022 Insight Intelligent Technology Report found that nearly all of the IT leaders surveyed have been affected in some way by the IT supply chain disruption. The survey featured the responses of 400 North America-based IT leaders to a 23-question survey in September.
About two-thirds said they believe their enterprise has successfully adapted to the COVID-19 pandemic and adjusted to new realities using new tech and IT processes.

ESB-2021.3890 – Moodle: Multiple vulnerabilities

Remote code execution risk found on Moodle when restoring malformed backup file

ESB-2021.3952 – php74: Root compromise – Existing account

The new update for php74 fixes local privilege escalation via PHP-FPM

ESB-2021.3903 – FortiPortal: Cross-site scripting – Remote with user interaction

FortiPortal allows an attacker to perform reflected Cross-site scripting attacks via specially crafted HTTP request parameters

ESB-2021.3933 – Google Chrome: Multiple vulnerabilities

The Chrome team announced the Chrome 96 to the stable channel for Windows, Mac and Linux

ESB-2021.3939 – MozillaFirefox: Multiple vulnerabilities

SUSE has released an update which fixes 8 Mozilla Firefox vulnerabilities

Stay safe, stay patched and have a good weekend!

The AusCERT team