7 Jan 2022

Week in review

Greetings,

Happy New Year! The first week of 2022 saw a few people in the AUSCERT office return to work following a short break over the Christmas and New Year period โ€“ one down, 51 more to go!

A reminder to those that may have a great story to tell, or know someone else that does, the Call for Presentations for the AUSCERT2022 Conference is NOW OPEN. The Conference will be held as a hybrid event from Tuesday, 10th May – Friday, 13th May 2022 at The Star Gold Coast, Broadbeach and online via the OnAIR Virtual Conferencing Platform.

You must submit by Monday, 10 January to receive feedback from our committee for further improvements before the final deadline of 30 January.

Submit to our AUSCERT2022. Call for Presentations and Tutorials, due in January 2022.

An interesting article featured on the info security website from earlier in the week predicts some of the trends for the Cyber Security sector in 2022. Specifically, it looks at Resilience, Secure by Design, Skills and Technology and offers some food for thought regarding our ever-evolving digital landscape.


Google Chrome update includes 37 security fixes
Date: 2022-01-06
Author: ZDNet

[See AUSCERT Bulletin ASB-2022.0049, published January 06.]
Google rolled out an update for Chrome this week on Windows, Mac and Linux that included 37 security fixes, one of which was rated critical.
Google Chrome’s Prudhvikumar Bommana thanked dozens of security researchers for helping them find bugs, many of which were given a high severity rating.
Chrome 97.0.4692.71 includes fixes for CVE-2022-0096 — a critical use-after-free (UAF) vulnerability — as well as other UAFs like CVE-2022-0098, CVE-2022-0099, CVE-2022-0103, CVE-2022-0105 and CVE-2022-0106. There are also three heap buffer overflow issues rated high severity.

Detecting Evasive Malware on IoT Devices Using Electromagetic Emanations
Date: 2022-01-03
Author: The Hacker News

Cybersecurity researchers have proposed a novel approach that leverages electromagnetic field emanations from the Internet of Things (IoT) devices as a side-channel to glean precise knowledge about the different kinds of malware targeting the embedded systems, even in scenarios where obfuscation techniques have been applied to hinder analysis.
With the rapid adoption of IoT appliances presenting an attractive attack surface for threat actors, in part due to them being equipped with higher processing power and capable of running fully functional operating systems, the latest research aims to improve malware analysis to mitigate potential security risks.

FTC threatens legal action over unpatched Log4j systems
Date: 2022-01-05
Author: The Register

The US Federal Trade Commission on Tuesday warned companies that vulnerable Log4j software needs to be patched โ€ฆ or else. […]
The FTC is advising companies to consult the US Cybersecurity and Infrastructure Security Agency’s (CISA) guidance on dealing with the Log4j flaws. If companies fail to fix their code and lose customer data, the FTC says it may just see what a judge thinks about that.

The biggest data breaches, hacks of 2021
Date: 2022-01-01
Author: ZDNet

In 2021, thousands of new cybersecurity incidents have been recorded — and while cryptocurrency theft and data loss are now commonplace, this year stands out due to several high-profile incidents involving ransomware, supply chain attacks, and the exploitation of critical vulnerabilities.
The Identity Theft Research Center (ITRC) has reported an increase of 17% in the number of recorded data breaches during 2021 in comparison to 2020. However, an entrenched lack of transparency around the disclosure of security incidents continues to persist — and so this may be a low ball estimation.

Don’t copy-paste commands from webpages โ€” you can get hacked
Date: 2022-01-03
Author: Bleeping Computer

Programmers, sysadmins, security researchers, and tech hobbyists copying-pasting commands from web pages into a console or terminal are warned they risk having their system compromised.
A technologist demonstrates a simple trick that’ll make you think twice before copying and pasting text from web pages.


ASB-2021.0244.6 – UPDATED ALERT log4j: Multiple vulnerabilities

Apache has released updates for log4j2 to address CVE-2021-44832 fixing another remote code execution vulnerability

ESB-2022.0028 – wireshark: Multiple vulnerabilities

Several vulnerabilities leading to a remote code execution or denial of service have been fixed in Wireshark

ESB-2022.0042 – VMWare products: Execute arbitrary code/commands – Existing account

VMWare has addressed a heap-overflow vulnerability affecting multiple products

ESB-2022.0049 – Google Chrome: Multiple vulnerabilities

Google has now released Chrome 97 which also addresses multiple security vulnerabilities including a critical vulnerability: CVE-2022-0096 which leads to a remote code execution

ESB-2022.0059 – Tenable.sc: Multiple vulnerabilities

Tenable has released Tenable.sc 5.20.0 to address multiple vulnerabilities including a critical vulnerability related to Apache HTTP server


Stay safe, stay patched and have a good weekend!

The AUSCERT team