1 Nov 2024

Week in review

Greetings,

As spooky characters roam our streets and candy fills our homes, it’s a season for both thrills and caution. While we might be watching for costumed ghouls at our doorsteps, remember: the real threats this Halloween season could be lurking online. Cyber “monsters” are prowling the digital world, preying on unsuspecting people through deceptive emails, fraudulent links, and even holiday-themed phishing schemes. So as you decorate your homes with pumpkins, don’t forget to sharpen your cyber defences, too. Staying mindful of both physical and digital spaces will help keep this season fun and safe.

This week, the International Cybersecurity Championship & Conference (IC3) took place in Santiago, Chile. Representing team Oceania, UQ Cyber earned an impressive third-place finish in the competition! Often called the ‘World Cup of Cybersecurity’, IC3 is organised by the European Union Agency for Cybersecurity (ENISA) in partnership with UQ and other major cyber security organisations. IC3 unites the brightest university students in the field of cybersecurity from Oceania, the USA, Europe, Asia, Africa, Latin America, and Canada.

This year’s IC3 event showcased skill and resilience through intense challenges in cryptography, reverse engineering, and attack/defence simulations. By bringing young cyber defenders together, IC3 aims to cultivate global cooperation and foster skills that will define the future of cyber security. Team Oceania’s strong performance stands as a testament to the region’s commitment to cyber excellence and growing expertise in the field. Well done!

A reminder that AUSCERT2025 has opened its Call for Tutorials, with submissions due by 11 November. If you have innovative topic ideas, this is your chance to contribute to a prestigious event! The Call for Presentations will open shortly after on 19 November.

For those interested in sponsorship opportunities, a webinar is scheduled for next week. Click here to register and join the session to learn more and get your questions answered. If you haven't done so yet, be sure to download the Sponsorship Prospectus for valuable insights that may address your queries. Remember, sponsorship opportunities—including branding, booth positions, and speaking slots—are allocated on a "first come, first served" basis, so act quickly to secure your preferred options!


ASIC urges cyber security to be ‘top of mind’
Date: 2024-10-25
Author: Money Management

ASIC chair Joe Longo has told AFSLs that cyber protection should be “top of mind” for them as they manage their businesses, and flagged the weaknesses demonstrated by RI Advice.
Appearing before the standing committee on economics to discuss ASIC’s FY24 annual report on 25 October, Longo said the regulator had received 600 responses to its Cyber Pulse Survey, including 120 financial advisers.

QNAP patches second zero-day exploited at Pwn2Own to get root
Date: 2024-10-30
Author: Bleeping Computer

QNAP has released security patches for a second zero-day bug exploited by security researchers during last week's Pwn2Own hacking contest.
This critical SQL injection (SQLi) vulnerability, tracked as CVE-2024-50387, was found in QNAP's SMB Service and is now fixed in versions 4.15.002 or later and h4.15.002 and later.

Cybersecurity Training Resources Often Limited to Developers
Date: 2024-10-31
Author: Dark Reading

New studies show that cybersecurity executives often fail to prioritize software security training for the entirety of a company, instead only deeming it necessary for a select few — and not always for the right reasons.
Nearly half of cybersecurity leaders who provide these kinds of training tools don't consider awareness efforts to be essential within their organizations, according to a study conducted by CMD+CTRL Security and Wakefield Research. In addition to this, half of the leaders who do provide security training do so to build a "security culture," but only 41% say they provide training because of the increased risk from third parties and supply chains.

What are the top cyber security threats for businesses?
Date: 2024-10-28
Author: In Daily

New technology has given organisations greater data analytics, communication, and operational efficiency capabilities.
However, it has also made threat actors, ranging from nation-state actors to cyber criminals, more sophisticated. As our world becomes more digitally interconnected, we see the integration of artificial intelligence with cyber attacks enhancing the severity of these attacks.

Most Australians have experienced a cyber attack
Date: 2024-10-29
Author: Cyber Daily

Almost two-thirds (63 per cent) of Australians experienced a cyber attack or data breach during the last 12 months, according to a new report released by National Australia Bank (NAB).
Released as part of Cyber Security Awareness Month, the major bank’s latest Consumer Cyber Security Survey draws results from interviews with 1,038 Australians conducted between August and September 2024.


ESB-2024.7018 – Apple Safari: CVSS (Max): 8.8*

An attacker may be able to misuse a trust relationship to download malicious content.

ESB-2024.7004 – Siemens InterMesh Subscriber Devices: CVSS (Max): 10.0

Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution, execute commands, write arbitrary files, or execute arbitrary commands.

ESB-2024.6963 – activemq: CVSS (Max): 10.0

Implementation of the OpenWire protocol in Apache ActiveMQ was susceptible to the execution of arbitrary code.

ESB-2024.6958 – Cisco Secure Firewall Management Center Software: CVSS (Max): 9.9

This vulnerability is due to insufficient input validation of certain HTTP requests. An attacker could exploit this vulnerability by authenticating to the web-based management interface of an affected device and then sending a crafted HTTP request to the device.


Stay safe, stay patched and have a good weekend!

The AUSCERT team