13 Jan 2023

Week in review

Greetings,

The sheer magnitude of computational power available to the average human is truly amazing. A completely fake but realistic human can be rendered in a few seconds (or, if you prefer cats over humans, there’s an equivalent site for you), many vehicles can now accelerate, brake, steer and avoid accidents by themselves with varying degrees of success, and a chatbot can potentially pass a medical exam license.

This has led to questions about how artificial intelligence may affect creativity, introduce biases and inaccuracies, create or remove jobs, or lead to new skills, and even caused universities to rethink pen and paper to prevent students cheating when writing essays. Focusing in on “create or remove jobs” for a moment, perhaps in the not-too-distant future there’ll be a real need to defend against malware created by AI. Although endpoint detection and response theoretically has moved away from pattern matching to identify threats, could AI continuously rewrite code with sufficient changes to create new threats every second? It can already write phishing emails without typos.

All of this is very much back to the future for many of us, having seen the fictional Skynet (Terminator series) and VIKI (I, Robot) rise against humans. How will we defend against threats like this now and into the future? Will Asimov’s Laws actually work? It’s time to submit your presentation ideas to the AUSCERT2023 Cyber Security Conference and share your ideas! We welcome all types of presentations, especially those from first-time presenters. And for your submission you only need to provide a rough outline of the idea, not the entire presentation. The January 27 deadline is looming – get writing!


Twitter: Millions of users’ email addresses ‘stolen’ in data hack
Date: 2023-01-05
Author: BBC News

Data alleged to contain the email addresses of more than 200 million Twitter users is being given away for free on a hacker forum, reports say.
The stolen information includes email addresses used to set up accounts, which will worry anonymous users who registered with a sensitive address.
The BBC has not verified the data, and breaches often turn out to contain duplicate, old or fake information.
Twitter has not responded to requests for comment about the breach.

Slack Discloses Breach of Its Github Code Repository
Date: 2023-01-07
Author: WIRED

Ever since Elon Musk spent $44 billion on Twitter and laid off a large percentage of the company’s staff, there have been concerns about data breaches. Now it seems a security incident that predates Musk’s takeover is causing headaches. This week, it emerged that hackers released a trove of 200 million email addresses and their links to Twitter handles, which were likely gathered between June 2021 and January 2022. The sale of the data may put anonymous Twitter accounts at risk and heap further regulatory scrutiny on the company.

Microsoft fixes Windows 11 bug behind 0x800700b7 provisioning errors
Date: 2023-01-09
Author: Bleeping Computer

Microsoft has addressed a known issue breaking provisioning on Windows 11 22H2 systems and leaving enterprise endpoints partially configured and failing to finish installing.

Australian universities to return to ‘pen and paper’ exams after students caught using AI to write essays
Date: 2023-01-10
Author: The Guardian

Australian universities have been forced to change the way they run exams and other assessments amid fears students are using emerging artificial intelligence software to write essays.
Major institutions have added new rules which state that the use of AI is cheating, with some students already caught using the software. But one AI expert has warned universities are in an “arms race” they can never win.

Trojan Puzzle attack trains AI assistants into suggesting malicious code
Date: 2023-01-10
Author: Bleeping Computer

Researchers at the universities of California, Virginia, and Microsoft have devised a new poisoning attack that could trick AI-based coding assistants into suggesting dangerous code.
Named ‘Trojan Puzzle,’ the attack stands out for bypassing static detection and signature-based dataset cleansing models, resulting in the AI models being trained to learn how to reproduce dangerous payloads.

Royal Mail halts international services after cyberattack
Date: 2023-01-11
Author: Bleeping Computer

The Royal Mail, UK’s leading mail delivery service, has stopped its international shipping services due to “severe service disruption” caused by what it described as a “cyber incident.”
While delivery and collection services across the UK have been unaffected by the incident, the company advised customers to hold export times while the issues are resolved, as they cannot be dispatched to overseas destinations.
“Incident was detected yesterday, UK/ domestic mail remains unaffected,” a Royal Mail spokesperson told BleepingComputer when we reached out for more details earlier today.


ASB-2023.0006 – Microsoft Office, Microsoft Office Services and Web Apps: CVSS (Max): 8.8

Microsoft’s security patch update for January resolves 9 vulnerabilities across Microsoft Office, Microsoft Office Services and Web Apps.

ASB-2023.0001 – ALERT Windows: CVSS (Max): 8.8

Microsoft released a patch update to resolves 66 vulnerabilities in Windows and Windows server.

ESB-2023.0179 – Cisco IP Phone 7800 and 8800 Series: CVSS (Max): 8.6

Cisco has released software updates that address a vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series Phones.

ESB-2023.0150 – linux kernel: CVSS (Max): 9.8

Ubuntu reports several security issues in the Linux kernel and advises their clients to apply the most recent patches.

ESB-2023.0138 – Adobe Acrobat and Reader: CVSS (Max): 7.8

Adobe’s most recent security updates for Adobe Acrobat and Reader for Windows and macOS fix critical and important vulnerabilities.


Stay safe, stay patched and have a good weekend!

The AUSCERT team