17 Feb 2023

Week in review

Greetings,

This week the Australian government’s Attorney-General released its Privacy Act Review Report and is seeking feedback on 116 proposals for privacy reform contained in the Report. Feedback can be provided until March 31, 2023.

The proposals are designed to address the following broad areas:

  • Reducing confusion about what information should be protected and who should be protecting it
  • Providing greater protection of personal information and increasing transparency of how information is used and protected
  • Increasing enforcement of privacy breaches and streamlining regulatory schemes

This is a good reminder of the importance of cyber security and privacy measures and how they should work together to ensure the protection of information.

The latest episode of AUSCERT’s Share Today, Save Tomorrow podcast has just been released! In Episode 19 we hear insights and wisdom about cyber security risk and insurance from widely respected friend of AUSCERT, Ben Di Marco.

Here is a selection of this week’s notable cyber security news articles, compiled by the AUSCERT analyst team:


Cloudflare blocks record-breaking 71 million RPS DDoS attack
Date: 2023-02-13
Author: Bleeping Computer

This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date.
The company said it detected and mitigated not just one but a wave of dozens of hyper-volumetric DDoS attacks targeting its customers over the weekend.
"The majority of attacks peaked in the ballpark of 50-70 million requests per second (rps) with the largest exceeding 71 million rps," Cloudflare's Omer Yoachimik, Julien Desgats, and Alex Forster said.

Adobe Plugs Critical Security Holes in Illustrator, After Effects Software
Date: 2023-02-14
Author: Security Week

Software maker Adobe on Tuesday released security fixes for at least a half dozen vulnerabilities that expose Windows and macOS users to malicious hacker attacks.
The Mountain View, Calif. company warned that the security problems exist on three of its most popular software products — Photoshop, Illustrator and After Effects.
According to Adobe’s security bulletins, the Illustrator and After Effects patches carry critical-severity ratings because of the risk of code execution attacks.

Splunk Enterprise Updates Patch High-Severity Vulnerabilities
Date: 2023-02-15
Author: Security Week

Splunk on Tuesday announced Splunk Enterprise updates that resolve multiple high-severity vulnerabilities, including security defects impacting third-party packages used by the product.
The most severe vulnerabilities are CVE-2023-22939 and CVE-2023-22935 (CVSS score of 8.1), two issues that could lead to the bypass of search processing language (SPL) safeguards for risky commands. Both flaws affect instances with Splunk Web enabled and require a high-privileged user to make a request in their browser.

ICS Patch Tuesday: 100 Vulnerabilities Addressed by Siemens, Schneider Electric
Date: 2023-02-15
Author: Security Week

Siemens and Schneider Electric have addressed a total of nearly 100 vulnerabilities with their February 2023 Patch Tuesday advisories.
Siemens has published 13 new advisories covering a total of 86 vulnerabilities.
The most significant vulnerability — based on its CVSS score of 10 — is a memory corruption issue that can lead to a denial-of-service (DoS) condition or arbitrary code execution in the Comos plant engineering software.

Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
Date: 2023-02-15
Author: Bleeping Computer

[Refer AUSCERT Security Bulletin ESB-2023.0865, ESB-2023.0866 and ESB-2023.0867]
Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products.
The addressed security problems are categorized as high-severity and could enable attackers with local access to the target to elevate their privileges and take control of the affected system.
Citrix products are widely used by organizations worldwide, so it’s critical to apply the available security updates to prevent intruders from having an easy way to escalate their privileges on breached systems.


ESB-2023.0871 – Intel Atom and Xeon Processors: CVSS (Max): 7.5

Intel has released firmware updates to mitigate a high-severity escalation of privilege issue (CVE-2022-21216) impacting Atom and Xeon processors.

ESB-2023.0879 – macOS Ventura: CVSS (Max): None

Apple has released updates for macOS which include a WebKit patch for a new zero-day vulnerability tracked as CVE-2023-23529.

ESB-2022.0969 – Siemens COMOS: CVSS (Max): 10.0

Siemens has released updates for the critical vulnerability in the Comos plant engineering software. This could allow a malicious cyber actor to execute arbitrary code on the target system or cause a denial-of-service condition.

ASB-2023.0048 – ALERT Microsoft Windows: CVSS (Max): 9.8

Microsoft has released security patch updates for Windows which resolve 36 vulnerabilities.

ESB-2023.0954.2 – Atlassian Products: CVSS (Max): 10.0

Atlassian has released an advisory which addresses critical security vulnerabilities in Git that affect multiple Atlassian products. Atlassian has rated the severity level of these vulnerabilities as critical.


Stay safe, stay patched and have a good weekend!

The AUSCERT team