//Week in review - 15 Sep 2023


R U OK? Day serves as a powerful reminder of the significance of checking in on the well-being of others and actively listening to their concerns. In many cases individuals who are facing challenges may not openly express their feelings, and a simple empathetic conversation can make a world of difference. The act of asking “Are you okay” and genuinely listening, can provide emotional support and let someone know that they are not alone in their struggles.

Meaningful connections and open dialogues about mental health contribute to building a supportive and compassionate community. Prioritizing mental health reduces the stigma and fosters an environment where people feel comfortable sharing their feelings and seeking help when needed. It’s a reminder that small acts of kindness and genuine concern can have a profound impact on someone’s life. The R U OK? Day website features a range of free resources for your workplace, home or community click here to visit their website.

AUSCERT has always been an avid supporter and endorser of mental health support and services. This year at AUSCERT2023 we once again featured an on-site psychologist for attendees to visit and discuss anything from mental well-being right through to life coaching. We have created an on-going commitment to fostering a culture of support and understanding through promoting open conversations and creating a safe, inclusive environment for our community.

Episode 15 of our Podcast explored the importance of understanding mental and physical well-being in the workplace with Dr Carla Rogers. Dr Carla Rogers, a renowned holistic psychologist, discusses the importance of understanding mental and physical well-being in the workplace. Dr Rogers explains the connection between mind and body along with techniques to help individuals identify, treat, and overcome challenges in the workplace. The Australian Department of Health also provides a useful resource – Head to Health which features a range of information resources to provide mental health support.

In other news, some of our team ventured to the BSides Melbourne conference last weekend. We sat down with Lucas this week to hear his experience and highlights – you can read the full interview here. Also, there are still a few spots remaining in our upcoming Data Governance Principles and Practices training course, both the in-person session and online sessions. Get in quick before spaces fill up!

Google fixes another Chrome zero-day bug exploited in attacks
Date: 2023-09-11
Author: Bleeping Computer

[See AusCERT Security Bulletin 13 September 2023: ESB-2023.5207]
Google released emergency security updates to fix the fourth Chrome zero-day vulnerability exploited in attacks since the start of the year.
"Google is aware that an exploit for CVE-2023-4863 exists in the wild," the company revealed in a security advisory published on Monday.
The new version is currently rolling out to users in the Stable and Extended stable channels, and it's estimated that it will reach the entire user base over the coming days or weeks.

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits
Date: 2023-09-12
Author: Security Week

[See AusCERT Security Bulletins 13 September 2023: ASB-2023.0169 and ASB-2023.0171]
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh warning that two new Windows vulnerabilities are being targeted by malware attacks in the wild.
As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation detected” category and urged Windows sysadmins to urgently apply available fixes.

Adobe warns of critical Acrobat and Reader zero-day exploited in attacks
Date: 2023-09-12
Author: Bleeping Computer

[See AusCERT Security Bulletin 13 September 2023: ESB-2023.5195]
Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks.
Even though additional information on the attacks is yet to be disclosed, the zero-day is known to affect both Windows and macOS systems.
"Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader," the company said in a security advisory published today.

Apple races to patch the latest zero-day iPhone exploit
Date: 2023-09-08
Author: The Register

[See AusCERT Security Bulletin 8 September 2023: ESB-2023.5123.2]
Apple devices are again under attack, with a zero-click, zero-day vulnerability used to deliver Pegasus spyware to iPhones discovered in the wild.
Even running the latest version of iOS (16.6) is no defence against the exploit, which involves PassKit attachments containing malicious images. Once sent to the victim's iMessage account, the NSO Group's Pegasus spyware can be deployed without interaction.

MGM Resorts ESXi servers allegedly encrypted in ransomware attack
Date: 2023-09-14
Author: Bleeping Computer

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts’ operations, forcing the company to shut down IT systems.
In a statement today, the BlackCat ransomware group claims that they had infiltrated MGM’s infrastructure since Friday and encrypted more than 100 ESXi hypervisors after the company took down the internal infrastructure.

ASB-2023.0169 – ALERT Windows: CVSS (Max): 8.8

Microsoft’s most recent patch update resolves 21 vulnerabilities across Windows and Windows Server.

ASB-2023.0171 – ALERT Microsoft 365 Apps: CVSS (Max): 8.8

Microsoft’s most recent patch Tuesday update resolves 8 vulnerabilities across Office, Office Services and Web Apps.

ESB-2023.5195 – Adobe Acrobat and Reader: CVSS (Max): 7.8

Adobe has released security updates to patch a zero-day vulnerability exploited in the wild, impacting Acrobat and Reader.

ESB-2023.5197 – Thunderbird, Firefox and Firefox ESR: CVSS (Max): 8.8

Mozilla has released security updates to patch a zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.

ESB-2023.5207 – Google Chrome: CVSS (Max): 8.8

Google released emergency security updates to fix the Chrome zero-day vulnerability exploited in the wild.

Stay safe, stay patched and have a good weekend!

The AusCERT team