25 Oct 2019

Week in review

AUSCERT Week in Review for 25th October 2019

Greetings,

This week we saw both Google and Mozilla release updates to patch multiple vulnerabilities in the Chrome and Firefox browsers, part of the on-going battle to ensure we are a little safer whilst we battle the web.

Additionally, with consumer protection in mind, Apple pulled eighteen malicious apps from the iOS store, whilst on Google Play Store, forty two adware Android apps were removed.  However, despite measures taken by vendors to protect us from the ‘evilz’, we must still remember that have to take responsibility for our own actions and choices.  Be vigilant with your app choice and always perform due diligence.

Every day we are more invested in staying connected to both people and systems, and Naked Security informed audiences in an article this week that people still think of phishing as being solely an email borne scam. However, the article correctly reminded readers that the technique is applied by scammers to communications streams available on our electronic devices, including social message, instant messaging and SMS text messages.

Please feel free to dive into the associated articles:
——————————————————————————–

iBye, bad guy: Apple yanks 18 iOS store apps that sheltered advert-mashing malware
Date: October 24
Author: The Register

42 Adware Apps with 8 Million Downloads Traced Back to Vietnamese Student
Date: October 24
Author: The Hacker News

Phishy text message tries to steal your cellphone account
Date: October 18
Author: Naked Security

——————————————————————————–

Here are four of this week’s interesting security bulletins:

ASB-2019.0308
Google Chrome was patched to resolve multiple vulnerabilities which when unpatched offered an interesting selection of impact/access factors.

ESB-2019.3941
Mozilla also patched multiple vulnerabilities in Firefox, resolving a bunch of ‘Remote with User Interaction’ associated impacts.

ESB-2019.3947
Red Hat plugged a nifty vulnerability related to little old sudo which researchers found would lead to root compromise when exploited.

ESB-2019.3958
VMware issued update to resolve a vulnerability associated with its vCenter Server Appliance, addressing a sensitive information disclosure vulnerability (remote unauthenticated) in backup and restore.

——————————————————————————–

As always, stay safe, stay patched, and make it a good weekend!

Best regards,
Colin and Patch the AUSCERT cat