18 Feb 2022

Week in review

Greetings,

February 13 – 19 is “Random acts of kindness Week”, an opportunity for everyone to do one small act of kindness each day! You can help make kindness the norm!

The foundation behind the initiative encourages and challenges everyone to try different activities from giving a gift card to being a kid again and letting someone know that they bring joy!

Although celebrations end this weekend, every day of the year is an opportunity to be kind. To help you, the Random Acts of Kindness Foundation has some great ideas to inspire you to make kindness the norm.

Someone that has made kindness part of their every day is Kath Koschel, our keynote speaker for AuSCERT2022. Kath’s amazing and inspiring story saw her choose to make kindness part of every day.

The flow-on effects resulted in The Kindness Factory, whose mission it is to make the world a kinder place.

The journey to where Kath is today was possible in large part, to her resilience. This aspect of who we are is discussed in our latest episode of “Share Today, Save Tomorrow”, AUSCERT’s podcast series.

You will also hear from Kylie Watson, a Technology Executive and Sociologist, who talks about her experience and perspective of working in the cyber industry that incorporates psychology, providing a unique perspective.

Lastly, AUSCERT recently finalised a range of training sessions that we will deliver in 2022,
designed for anyone that looks after their organisation’s cyber security.

You can view training dates and book directly online HERE.

This training is exclusive for AUSCERT Members only.


‘You can’t stop it’: in rural Australia, digital coercive control can be inescapable
Date: 2022-02-17
Author: The Conversation

[This article contains information about domestic and family violence that may be triggering.]
Domestic and family violence perpetrators commonly use technology such as phones and other devices as a weapon to control and entrap victims and survivors, alongside other forms of abuse. This “digital coercive control” is not bound to a particular location and can follow targets anywhere, any time they access devices or digital media.
For women outside urban Australia, technology-enabled abuse can pose more risk than for those in cities. In research funded by the Australian Institute of Criminology, we spoke to 13 such women who have been subjected to digital coercive control to understand what it is like.

Massive QR breach from NSW Government exposes 500,000 people
Date: 2022-02-15
Author: news.com.au

More than 500,000 addresses – including those of defence sites, domestic violence shelters and a missile maintenance unit – in a massive NSW Government QR code bungle.
The hundreds of thousands of locations were collected by the NSW Customer Services Department through its QR code registration system, having registered as wanting to comply with Covid-Safe directions.

Joint Aust-UK-US intelligence paper highlights ransomware threat
Date: 2022-02-14
Author: InnovationAus

A joint report coordinated by the cybersecurity authorities of the US, the UK, and Australia has warned of the increased global threat of ransomware attack and have advised organisations to take immediate precautions.
In the financial year 2020-21 the Australian Cyber Security Centre (ACSC) received more than 67,500 reports of cybercrime an increase of 13 per cent on the preceding year.
Released on February 9, the ACSC co-authored paper found that ransomware attackers increased their impact by targeting the cloud, managed service providers, industrial processes, the software supply chain, and by timing them on holidays and weekends.

Emotet Now Spreading Through Malicious Excel Files
Date: 2022-02-16
Author: Threatpost

An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December.
The infamous Emotet malware has switched tactics yet again, in an email campaign propagating through malicious Excel files, researchers have found.
Researchers at Palo Alto Networks Unit 42 have observed a new infection approach for the high-volume malware, which is known to modify and change its attack vectors to avoid detection so it can continue to do its nefarious work, they wrote in a report published online Tuesday.

TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
Date: 2022-02-16
Author: Threatpost

The resurgent trojan has targeted 60 top companies to harvest credentials for a wide range of applications, with an eye to virulent follow-on attacks.
Cyberattackers are targeting 60 different high-profile companies with the TrickBot malware, researchers have warned, with many of those in the U.S. The goal is to attack those companies’ customers, according to Check Point Research (CPR), which are being cherry-picked for victimization.
According to a Wednesday CPR writeup, TrickBot is targeting well-known brands that include Amazon, American Express, JPMorgan Chase, Microsoft, Navy Federal Credit Union, PayPal, RBC, Yahoo and others.


ESB-2022.0621 – Adobe Commerce: CVSS (Max): 9.8

Adobe has released security updates for Adobe Commerce and Magento Open Source. This vulnerability is being exploited in the wild

ESB-2022.0642 – macOS Monterey 12.2.1: CVSS (Max): None

Apple has released updates to its webkit engine used by Safari to address a remote code execution vulnerability

ESB-2022.0653 – Google Chrome: CVSS (Max): None

Google has released stable update for Chrome to address multiple vulnerabilities. Google is also aware that the exploit for CVE-2022-0609 exists in the wild

ESB-2022.0693 – Drupal core: CVSS (Max): None

Drupal has fixed an improper input validation vulnerability affecting Drupal Core

ESB-2022.0695 – Jenkins Plugins: CVSS (Max): 8.8

Multiple command execution vulnerabilities in pipeline related plugins has been addressed by Jenkins


Stay safe, stay patched and have a good weekend!

The AUSCERT team