30 Jun 2017

Week in review

AUSCERT Week in Review for 30th June 2017

Hope you all have had a chance to investigate the new website. Please email us at auscert@auscert.org.au or call 07 3365 4417 with any questions or concerns about the new website.

As Friday 30th June comes to a close, there have been numerous security related news items this week. Here’s a summary (including excerpts) of some of the more interesting stories we’ve seen this week:

Title: The Petya ransomware is starting to look like a cyberattack in disguise
Date Published: 28/06/2017
URL: https://www.theverge.com/2017/6/28/15888632/petya-goldeneye-ransomware-cyberattack-ukraine-russia
Author: Russell Brandom
Excerpt: “The haze of yesterdays massive ransomware attack is clearing, and Ukraine has already emerged as the epicenter of the damage. Kaspersky Labs reports that as many as 60 percent of the systems infected by the Petya ransomware were located within Ukraine, far more than anywhere else. The hacks reach touched some of the countrys most crucial infrastructure including its central bank, airport, metro transport, and even the Chernobyl power plant, which was forced to move radiation-sensing systems to manual.”

—–

Title: Google Slapped With Record $3.6 Billion Fine In Europe For Manipulating Shopping Results

Date Published: 28/06/2017
URL:  https://www.gizmodo.com.au/2017/06/google-slapped-with-record-3-6-billion-fine-in-europe-for-manipulating-shopping-results/
Author: Matt Novak
Excerpt: “Yesterday, government regulators in Europe hit Google with a record 2.42 billion fine, roughly the equivalent of $3.5 billion. The search engine company was found to be manipulating search results to favour its own shopping service, a violation of antitrust laws. And if it doesn’t fix the problem within 90 days it faces an additional 12.5 million ($18.7 million) fine per day.”

—–

Title: Defence launches ‘Information Warfare Division’
Date Published: 30/06/2017
URL: https://www.computerworld.com.au/article/621324/defence-launches-information-warfare-division/
Author: George Nott
Excerpt: “The Australian Defence Force is launching a new Information Warfare Division responsible for electronic warfare, the government announced today.”

—–

Title: Turnbull government continues push against online encryption ahead of Five Eyes meeting
Date Published: 26/06/2017
URL: http://www.news.com.au/technology/online/security/turnbull-government-continues-push-against-online-encryption-ahead-of-five-eyes-meeting/news-story/cae2303d24bcfe90cf3d490083c208e9
Author: Nick Whigham and AAP
Excerpt: “AUSTRALIA will be leading the discussion on an encrypted technology crack down when ministers meet with Five
Eyes nations to talk terror prevention. Leaders from Australia, the United States, United Kingdom, Canada and New Zealand, will meet in the Canadian city of Ottawa where they will discuss tactics to combat terrorism and the spread of extremism.”

—–

Title: Qld ex-cop charged with 44 counts of database snooping
Date Published: 28/06/2017
URL: https://www.itnews.com.au/news/qld-ex-cop-charged-with-44-counts-of-database-snooping-466817
Author: Allie Coyne
Excerpt: “The Queensland Crime and Corruption Commission has charged a former police officer with accessing information in the force’s
core crimes database 44 times over six years without authorisation.”

Here are this week’s noteworthy security bulletins:

1) ESB-2017.1639 – [Ubuntu] Kernel: Multiple vulnerabilities
https://portal.auscert.org.au/bulletins/49422

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. That is a lot of regressions ๐Ÿ™

2) ESB-2017.1643 – [Win] OpenSource Apache Struts: Multiple vulnerabilities
https://portal.auscert.org.au/bulletins/49438

Struts is in all sorts of products.

3) ESB-2017.1644 – [Appliance] Cisco IOS and IOS XE Software: Multiple vulnerabilities

https://portal.auscert.org.au/bulletins/49442

Root compromise that is significant.

4) ESB-2017.1602 – [Win][Linux][AIX] IBM Java SDK: Multiple vulnerabilities

https://portal.auscert.org.au/bulletins/49270

Oh no not Java vulnerabilities

—-

Stay safe, stay patched and have a good weekend!

Peter