22 Sep 2023
Week in review
Greetings,
This week, two of our team members had the privilege to travel to the tropical island of Vanuatu for an annual cyber security conference. Organised and hosted by the Forum of Incident Response and Security Teams (FIRST), the annual conference centres around the global challenges faced worldwide. The conference features international speakers who delve into a wide array of topics, encompassing the most relevant developments in incident response and prevention, vulnerability analysis, security management and policy issues. This event is always highly anticipated by our team as it provides a valuable opportunity to reconnect with friends from other incident response teams across the globe.
Founded in 1990, FIRST was established with the primary objective of improving communication and relationships among cyber security teams worldwide. Its mission is to foster trust-building amongst its members and eliminate cultural and political borders and boundaries. It has grown into a global forum that fosters collaboration and cooperation across diverse regions and organisations, facilitating a deeper understanding and insight in cyber security. AUSCERT has maintained a strong relationship with FIRST, working together closely for an astonishing twenty-seven years and counting!
Moving on to other updates, AUSCERT has partnered with UQSchoolsNet to create a series of informative workshops for teachers. The “Engaging Minds” workshop is designed to educate teachers on navigating the complexities of the modern cyber world, empowering them to educate and inspire the minds of tomorrow. This workshop offers valuable hands-on learning experiences, enabling them to seamlessly integrate IT and computing into their curriculum. It will cover the following key areas:
- Foundations of AI and its implications
- Interactive sessions led by researchers in IT and computing-related fields
- Fundamentals of binary coding providing tangible tools for teaching
- Societal impact of technology
- Fundamentals of cybersecurity, including knowledge about different threats and methods to safeguard against them
- Insights and knowledge from industry experts in computer science and IT.
Each participant in this workshop will be awarded a Certificate of Participation and provided with essential teaching resources. Additionally, ongoing educational support will be available to ensure continued growth in IT education. The workshop also includes meals throughout the day and accommodation for participants traveling from interstate. The upcoming workshops are scheduled for December 12th and 13th. If you’re interested in participating or would like more information please don’t hesitate to reach out via email at – schoolsnet@uq.edu.au
Industry to gov: improve digital ID as part of cyber security strategy
Date: 2023-09-18
Author: iTnews
A clear industry consensus in favour of government-backed digital ID has emerged across submissions to the govermment's revised cyber security strategy consultation.
NAB explained its support for strong digital ID comes from a desire for a zero-knowledge proof of ID.
ANZ Banking Group agrees, saying such a regime would “help minimise the volume of identity documents collected and stored.”
How the ACSC can help during a cyber security incident
Date: 2023-09-11
Author: Cyber Gov Au
The Australian Signal’s Directorate’s Australian Cyber Security Centre’s (ACSC) incident management capabilities provide technical advice and assistance to support Australian organisations through a cyber security incident response.
In September, ASD’s ACSC introduced a new publication, How the ACSC can help during a cyber security incident.
Read the new publication and learn how ASD’s ACSC can support your organisation if you are impacted by a cyber security incident.
Microsoft Azure Data Leak Exposes Dangers of File-Sharing Links
Date: 2023-09-19
Author: Dark Reading
An overly permissive file-sharing link allowed public access to a massive 38TB storage bucket containing private Microsoft data, leaving a variety of development secrets — including passwords, Teams messages, and files from two employees' workstations — accessible to attackers.
Government to create six "cyber shields" to layer Australian protection
Date: 2023-09-18
Author: iTnews
The government will frame a revised cyber security strategy later this year around six “cyber shields” it plans to build as a multi-layered defence against attacks.
Home Affairs Minister Clare O’Neil unveiled the structure at an AFR Cyber Summit on Monday.
O’Neil described the shields as being built “around our nation” and as being elements of a “cohesive, planned national response that builds to a more protected Australia.”
How the FBI Fights Back Against Worldwide Cyberattacks
Date: 2023-09-19
Author: Security Intelligence
The FBI maintains a division called the Cyber Division (CyD), responsible for investigating and prosecuting cyber crimes. The organization focuses on threats not only to the government and citizens but also to American companies.
More than 1,000 CyD agents and analysts work in 56 US field offices and over 350 sub-offices. They also travel globally in Cyber Action Teams to help foreign nations with cyber crime and learn about threats to US interests. The FBI also works with the major three-letter U.S. agencies, including the CIA, DHS and the NSA.
ESB-2023.5338 – ALERT GitLab Community Edition (CE) and Enterprise Edition (EE): CVSS (Max): 9.6
A critical severity vulnerability has been addressed in GitLab Community Edition and Enterprise Edition
ESB-2023.5394 – Atlassian Products: CVSS (Max): 8.5*
Atlassian has released patches for vulnerabilities identified in multiple products
ESB-2023.5438 – Drupal Core: CVSS (Max): None
A cache poisoning vulnerability has been found in Drupal Core (Drupal 7 is not affected)
ESB-2023.5437 – Jenkins (core) and Jenkins Plugins: CVSS (Max): 8.0
Several vulnerabilities which impacts Jenkins Core and Plugins have been patched
ESB-2023.5457 – macOS Monterey 12.7: CVSS (Max): None
Apple has patched a privilege escalation vulnerability affecting macOS
Stay safe, stay patched and have a good weekend!
The AUSCERT team
