4 Jan 2019

Week in review

AUSCERT Week in Review for 4th January 2019

AUSCERT Week in Review
4th January 2019

Greetings,

Welcome back to work, and the start of a new year in infosec! We hope you had a relaxing break away from the office, and enough time to enjoy the “life” in your work/life balance.

It’s been a quiet week in the news, but don’t let your guard down.
Here’s a summary (including excerpts) of some of the more interesting
stories we’ve seen this week:

Title: Microsoft opens more security features to O365 E3 users
Date: 3 January
URL: https://www.itnews.com.au/news/microsoft-opens-more-security-features-to-o365-e3-users-517461
Author: Staff Writer

“Microsoft is set to make available extra security and compliance services to users of its lowest enterprise tier for Office 365. The company said in a blog post that it would make available the two new offerings on February 1 this year.

The first package of services, called ‘Identity & Threat Protection’, “brings together security value across Office 365, Windows 10, and EMS ‘enterprise mobility and security’ in a single offering” for US$12 a user a month.

A second package of services, called ‘Information Protection & Compliance’, “combines Office 365 Advance Compliance and Azure Information Protection”, Microsoft said.”

——

Title: Adobe Acrobat and Reader Security Updates Released for Critical Bugs
Date: 3 January
URL: https://www.bleepingcomputer.com/news/security/adobe-acrobat-and-reader-security-updates-released-for-critical-bugs/
Author: Lawrence Abrams

“Today, Adobe released security bulletin APSB19-02 that describes two security updates for critical vulnerabilities in Adobe Acrobat and Reader. In these updates only two vulnerabilities were fixed, but they are classified as Critical because they allow privilege escalation and arbitrary code execution.”

——

Title: Data breach sees Victorian Government employees’ details stolen
Date: 1 January
URL: https://www.abc.net.au/news/2019-01-01/victorian-government-employee-directory-data-breach/10676932
Author: ABC News

“The work details of 30,000 Victorian public servants have been stolen in a data breach, after part of the Victorian Government directory was downloaded by an unknown party.

The list is available to government employees and contains work emails, job titles and work phone numbers.

Employees affected by the breach were told in an email their mobile phone numbers may have also been accessed if they had been entered into the directory.

The Premier’s Department said it had referred the breach to police, the Australian Cyber Security Centre and the Office of the Victorian Information Commissioner for investigation.”

——

Here are this week’s noteworthy security bulletins:

1) ESB-2019.0056 – [Win][Mac] Adobe products: Multiple vulnerabilities

Opening a malicious PDF document could lead to code execution and privilege
escalation.

2) ESB-2019.0005 – [UNIX/Linux][Debian] sqlite3: Execute arbitrary code/commands – Existing account

An attacker with the ability to run custom SQL queries could achieve
arbitrary code execution in sqlite3.

3) ESB-2019.0041 – [Debian] tzdata: Reduced security – Unknown/unspecified

A new year brings with it new timezone rules, and the possibility of
date-time errors.

——

Stay safe, stay patched, and make this year the best ever for your
organisation’s security!

Anthony