Cyber snippets
The summaries below are a snapshot of cybersecurity news, updates, risks and threat actor activities, provided to improve awareness across the sector.

If you have a vulnerability, information, article, good practice or item of value, please feel free to share. For any feedback, suggestions or additions, please email Greg Sawyer, CAUDIT Director Cybersecurity Program.

Email: greg.sawyer@caudit.edu.au

Latest cyber snippets

Date | Category | Summary | Notes | Link/ source
22 October 2021
Phishing/ Malware/ Ransomware
Gigabyte Allegedly Hit by AvosLocker Ransomware.

22 October 2021
System and cloud (including patches)
VPN Exposes Data for 1M Users, Leading to Researcher Questioning.

22 October 2021
Phishing/ Malware/ Ransomware
JavaScript Packing Found in More Than 25% of Malicious Sites.

22 October 2021
Cyber good practice, articles, guides and updates
(ISC)² hopes diversity drive will hasten glacial progress on plugging infosec workforce gap.

22 October 2021
Cyber good practice, articles, guides and updates
Security pre-advisories: A simple way to improve the patch management process.

22 October 2021
Legislation/ standards
Security Legislation Amendment (Critical Infrastructure) Bill 2020
The first part of the amended bill (split in two following PJCIS recommendations) was passed in the lower house this week. The bill will now likely be debated and passed in the Senate when it next sits in November. The bill has three key areas that will impact the sector:
  • Mandatory reporting of cyber security incidents.
  • Register of critical assets.
  • Step-in powers (Government assistance).

22 October 2021
Cyber good practice, articles, guides and updates
Female Cybersecurity Leaders: Who Wants Them? (No surprises, we all do)

22 October 2021
Cyber good practice, articles, guides and updates
Cloudflare's APAC Zero Trust study has revealed that over 86 per cent of Australian IT and cyber security decision-makers and influencers have invested in bolstering security measures amid a rise in cyber security attacks.

22 October 2021
Phishing/ Malware/ Ransomware
Compromising a business supply chain is a key goal for cyber attackers, because by gaining access to a company that provides software or services to many other companies, it's possible to find a potential way into thousands of targets at once.

22 October 2021
Phishing/ Malware/ Ransomware
Tech support scams work because they try to trick people into believing there's a serious security crisis with their computers.

21 October 2021
System and cloud (including patches)
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.

21 October 2021
System and cloud (including patches)
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and in cloud services such as Twilio Electric Imp.

21 October 2021
Phishing/ Malware/ Ransomware
A warning has been issued regarding a new Yanluowang ransomware variant being actively used in targeted attacks.

21 October 2021
Phishing/ Malware/ Ransomware
New details have been revealed about the Lyceum group (aka Hexane), which was first spotted in 2019. Researchers have identified a new set of activities that indicate that the group targeted two entities in Tunisia, while also updating its arsenal.

21 October 2021
System and cloud (including patches)
Oracle announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company’s portfolio.

21 October 2021
Cyber good practice, articles, guides and updates
Microsoft has teamed up with Intel and Goldman Sachs to push for hardware security improvements that could help to mitigate supply chain risks.

21 October 2021
System and cloud (including patches)
Exploit broker Zerodium announced its intention today to buy zero-day vulnerabilities in the Windows clients of three major VPN providers—ExpressVPN, NordVPN, and Surfshark.

21 October 2021
System and cloud (including patches)
Red Hat Security Advisory 2021-3900-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include a spoofing vulnerability.

21 October 2021
System and cloud (including patches)
The numbers don’t look great for Windows 11 as no less than 14 security vulnerabilities have been confirmed by Microsoft just seven days after the official launch of the latest Windows operating system.

21 October 2021
System and cloud (including patches)
The operators of the Magnitude exploit kit have added support for an attack chain targeting the Chrome web browser, a rare sighting since the very few exploit kits that are still active today have only targeted Internet Explorer over the past few years.

21 October 2021
System and cloud (including patches)
Microsoft has asked system administrators to patch PowerShell 7 against two vulnerabilities allowing attackers to bypass Windows Defender Application Control (WDAC) enforcements and gain access to plain text credentials.

21 October 2021
System and cloud (including patches)
A 26-year-old allegedly hacked into an app used by a flight school to manage airplanes in an attempt to get back at her former employer.

21 October 2021
System and cloud (including patches)
Exploit broker Zerodium said that it is looking to acquire zero-day exploits for vulnerabilities in three popular virtual private network (VPN) service providers on the market.

20 October 2021
Phishing/ Malware/ Ransomware
This joint Cybersecurity Advisory was developed by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) to provide information on BlackMatter ransomware. Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture Sector organizations.

20 October 2021
Cyber good practice, articles, guides and updates
Momentum Cyber's latest CYBERscape, showing the intersection of cyber and solutions.