24 Nov 2023

Week in review

Greetings,

This week we released a new episode of our Share Today, Save Tomorrow podcast – episode 28: Cyber Artefacts. In this episode Anthony sits down with Mike Pritchard from Cydarm Technologies to discuss Mike’s passion for collecting hardware artefacts that provide insights into the history of cyber security. Mike showcases extraordinary artefacts dating back 60-70 years, offering a glimpse into the foundations of the computer industry.

In the final part of the episode, Anthony hands over to Bek Cheb, AUSCERT’s Business Manager, who has a chat with our Principal Analyst, Mark Carey-Smith, about AUSCERT2024 and the exceptional mentoring support available for speakers. If you’re interested in speaking at AUSCERT2024 but are unsure about what to present or struggling to choose a topic, we’re hosting a webinar to address any concerns and guide you through the process of formulating a concept for your presentation. If you’d like to attend, please register here

AUSCERT is thrilled to introduce a new service for our members – AusMISP. So, what is AusMISP, you might be asking? Well, AusMISP is a platform that facilitates the sharing of threat intelligence with members. The platform features a shared curated
feed of threat indicators that members can utilise to enhance their network security. This collaborative effort includes threat intelligence acquired from trusted communities and organisations, contributing to the enhancement of members' cyber security posture.

For our higher education members, we have an existing special sector specific platform AHECS ISAC, which includes AusMISP data and additional threat indicators relevant to this sector. Eager to learn more about AusMISP and exactly what it entails? Head to our website or message our membership team who can provide you with a Starter Guide and other resources to help your organisation implement it as part of your cyber security strategy!

To conclude if you’re looking for some captivating reading this weekend, then delve into the “Australia’s Strategic Vision in Cyber Security” written by Sasenka Abeysooriya, Program Director and Senior Strategic Advisor at UQ and AUSCERT Director and UQ CISO David Stockdale. The article summarises the visionary leadership, strategic layers of defence, and the broader implications of Australia’s 2023-2030 Cyber Security Strategy.


Securing Customer Personal Data for Small to Medium Businesses
Date: 2023-11-17
Author: ASD

The latest Annual Cyber Threat Report found that cybercrime reports have increased compared to data from the previous year, with one report now received every 6 minutes. During the 2022-23 financial year, the cost of cybercrime to businesses increased by 14%. Per cybercrime report, small businesses experienced an average financial loss of $46,000, while cybercrime cost medium businesses an average of $97,200.
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has launched a new publication on Securing Customer Personal Data for Small and Medium Businesses.

Gov commits $18.2m for SME cyber security boost
Date: 2023-11-21
Author: iTnews

The federal government has announced two initiatives aimed at boosting support to small and medium businesses (SMEs) to fortify their cyber security skills.
The government has promised $7.2 million to set up a voluntary cyber health-check program, enabling access to a free, self-assessments of cyber security maturity.
It’s also committed another $11 million towards the Small Business Cyber Resilience Service, which offers one-on-one assistance towards cyber challenges, and covers cyber attack recovery.

Malware dev says they can revive expired Google auth cookies
Date: 2023-11-21
Author: Bleeping Computer

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Session cookies are specific web cookies used to allow a browsing session to log in to a website's services automatically. As these cookies allow anyone possessing them to log in to the owner's account, they commonly have a limited lifespan for security reasons to prevent misuse if stolen.

Researchers want more detail on industrial control system alerts
Date: 2023-11-22
Author: CyberScoop

At the beginning of July, Rockwell Automation released a security advisory about a vulnerability in one of its products. Working with the U.S. government, the company said it had become aware that a state-backed hacking unit had developed the ability to run malicious code on the communication modules of an industrial controller.
The company wouldn’t identify who had this ability to attack its products and an accompanying advisory from the Cybersecurity and Infrastructure Security Agency said there were no known instances of the vulnerability being exploited in the wild.

Cybersecurity Investment Involves More Than Just Technology
Date: 2023-11-17
Author: Dark Reading

Organizations are looking for a "high value for money" when deciding how to allocate their cybersecurity budgets, and there is a "greater focus on getting value from existing resources," according to S-RM's "Cyber Security Insights Report 2023." The report, which reflects responses from 600 C-suite business leaders and senior IT professionals within large organizations, found that the top five investment areas were cybersecurity technologies (49%), threat intelligence (46%), risk assessment (42%), cyber insurance (42%), and third-party risk management (40%). Fewer organizations highlighted technology as good value for money in 2023 (49%) than in 2022 (58%).


ESB-2023.6886 – Tenable Security Center: CVSS (Max): 8.8

Tenable Security Center has been updated to address vulnerabilities affecting third-party components

ESB-2023.6945 – Atlassian Products: CVSS (Max): 8.5

Several high severity vulnerabilities have been patched in various Atlassian products

ESB-2023.6949 – Firefox: CVSS (Max): 7.5

Mozilla has updated Firefox to address multiple vulnerabilities

ESB-2023.6997 – Intel NUC Software Products: CVSS (Max): 8.8

Intel has addressed several vulnerabilities affecting NUC Software products in its quarterly update


Stay safe, stay patched and have a good weekend!

The AUSCERT team