2 Aug 2024
Week in review
Greetings,
With the Olympic Games in full swing, many of us are thrilled to cheer on our country in every sport, celebrating the incredible athletic talents of all participants. Each event showcases the dedication, skill, and fairness of athletes from around the world, inspiring us with their remarkable performances and unwavering determination. It is a privilege to witness this global celebration of excellence and unity through sport.
Security2Cure is back, bigger and better than ever! This year, the event will be held in Brisbane on August 9th and in Sydney on August 23rd. The event will bring more stories of survival, grief, resilience, and love from within our amazing cyber industry, and we welcome everyone to be part of this inspiring experience.
Now in its fourth year, Security2Cure raises money for cancer research, support, and prevention. The day's schedule in both cities includes a range of engaging talks on various aspects of cyber security, covering both technical and non-technical topics.
Places are limited! Don’t miss the opportunity to hear from industry peers, leaders, and enthusiasts as they share insights from the cyber front lines and embrace the humility and vulnerability surrounding a disease that affects us all. Support a worthy cause and be inspired by the stories of strength and determination from within our community. If you can’t attend, you can still donate to this great cause; just head to the website!
Apple Rolls Out Security Updates for iOS, macOS
Date: 2024-07-30
Author: Security Week
[Please also see AUSCERT bulletins: https://portal.auscert.org.au/bulletins/ESB-2024.4910/, https://portal.auscert.org.au/bulletins/ESB-2024.4911/, https://portal.auscert.org.au/bulletins/ESB-2024.4912/, https://portal.auscert.org.au/bulletins/ESB-2024.4913/, https://portal.auscert.org.au/bulletins/ESB-2024.4914/, https://portal.auscert.org.au/bulletins/ESB-2024.4915/, https://portal.auscert.org.au/bulletins/ESB-2024.4916/, https://portal.auscert.org.au/bulletins/ESB-2024.4917/, https://portal.auscert.org.au/bulletins/ESB-2024.4918/]
iOS 17.6 and iPadOS 17.6 were released for the latest generation iPhone and iPad devices with fixes for 35 security defects that could lead to authentication and policy bypasses, unexpected application termination or system shutdown, information disclosure, denial-of-service (DoS), and memory leaks.
Microsoft confirms Azure, 365 outage linked to DDoS attack
Date: 2024-07-31
Author: Cyber Security Dive
Dive Brief:
Microsoft said a DDoS attack led to an eight-hour outage Tuesday involving its Azure portal, as well as some Microsoft 365 and Microsoft Purview services.
Microsoft said an unexpected spike in usage led to intermittent errors, spikes and timeouts in Azure Front Door and Azure Content Delivery Network. An initial investigation showed an error in the company’s security response may have compounded the impact of the outage.
Microsoft said it will have a preliminary review of the incident in 72 hours and a final review within two weeks, to see what went wrong and how to better respond.
Google Releases Critical Security Update for Chrome
Date: 2024-07-31
Author: Cyber Security News
[Please see AUSCERT bulletin: https://portal.auscert.org.au/bulletins/ESB-2024.4872/]
Google has rolled out a critical security update for its Chrome browser, addressing a severe flaw that could lead to browser crashes. The update, now available on the Stable channel, brings Chrome to version 127.0.6533.88/89 for Windows and Mac and 127.0.6533.88 for Linux. This update will be distributed over the coming days and weeks.
The latest update includes three significant security fixes, two of which were reported by an external researcher known as “gelatin dessert.” The details of these fixes are as follows:
Cyber ransom payments will need to be disclosed by businesses under new laws
Date: 2024-07-30
Author: ABC News
Australian businesses are paying untold amounts of ransom to hackers, but the government is hoping to claw back some visibility with a landmark cybersecurity law.
The Cyber Security Act would force Australian businesses and government entities to disclose payments or face fines, and is expected to be brought before parliament in the next sitting.
Dark Angels ransomware receives record-breaking $75 million ransom
Date: 2024-07-30
Author: Bleeping Computer
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz.
"In early 2024, ThreatLabz uncovered a victim who paid Dark Angels $75 million, higher than any publicly known amount— an achievement that's bound to attract the interest of other attackers looking to replicate such success by adopting their key tactics (which we describe below)," reads the 2024 Zscaler Ransomware Report.
Gov revamps cyber security leadership in ministerial shake-up
Date: 2024-07-28
Author: iTnews
The federal government has named Tony Burke as its new minister for cyber security as well as Home Affairs, with incumbent Clare O’Neil moved to the housing portfolio.
Albanese also announced a new advisory role for MP Andrew Charlton, as “special envoy for cyber security and digital resilience”.
ESB-2024.4872 – Google Chrome: CVSS (Max): None
Google has released an urgent security update for its popular Chrome browser to address three vulnerabilities, including one classified as "critical." These vulnerabilities, identified as CVE-2024-6990, CVE-2024-7255, and CVE-2024-7256, could potentially enable attackers to exploit flaws in the browser, putting user security at risk.
ESB-2024.4948 – Apache Commons Collections: CVSS (Max): 9.8
Apache Commons Collections could be made to execute arbitrary code if it received specially crafted input. The problem can be corrected by updating your system to libcommons-collections3-java – 3.2.1-6ubuntu0.1~esm1, available with Ubuntu Pro.
ESB-2024.4912 – Apple iOS and iPad OS: CVSS (Max): 7.5*
Apple has released iOS and iPad OS patches to address vulnerabilities, such as a maliciously crafted file potentially leading to unexpected app termination, along with various bug fixes and enhancements.
ESB-2024.4973 – Vonets WiFi Bridges: CVSS (Max): 10.0
Vulnerabilities were identified that could allow an attacker to disclose sensitive information, cause a denial of service condition or execute arbitrary code on affected devices. Vonets has not responded to requests by CISA to mitigate this vulnerability. CISA recommended users take defensive measures to minimize the risk of exploitation of these vulnerabilities.
ESB-2024.4960 – IBM QRadar SIEM: CVSS (Max): 9.8
IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update.
Stay safe, stay patched and have a good weekend!
The AUSCERT team