26 May 2023

Week in review

Greetings,

Today, we respectfully recognise and remember the unjust treatment endured by Aboriginal and Torres Strait Islander individuals and communities who have been forcibly separated from their families and culture. National Sorry Day is an opportunity for us to come together as a nation to commemorate the strength and resilience of the Stolen Generation survivors and reflect on how we can all contribute to the healing process. With National Reconciliation Week just around the corner, there are plenty of opportunities to learn about our shared histories, cultures and achievements and to explore how each of us can contribute to achieving reconciliation in Australia.

Registrations are now open for AUSCERT’s upcoming training courses, designed to enhance your skills and empower your mind! Our courses are facilitated by trainers who possess extensive industry experience and pride themselves on creating engaging, interactive and high-quality learning experiences. In two half-day online sessions, they will guide you through the principles and practices whilst also drawing from their own valuable career insights to enrich your learning experience. Our first upcoming course, Cyber Security Risk Management, is designed to provide participants with the ability to perform risk assessments, including how to rate, assess and report business risks rather than technical vulnerabilities. We have a wide range of courses to choose from; for more information, visit AUSCERT Education.

In other news, Telstra has launched a new scam reporting service allowing customers to forward suspicious SMS and MMS messages to a national phone number (7226) to help identify and block scam messages. With scams on a rapid rise in Australia, the best defence is to stay informed and question every unexpected communication regardless of the sender. However, it is becoming increasingly difficult to detect a fraudulent message as scammers are appearing more and more authentic. For tips and tools on how to recognise, avoid and report scams, visit Scamwatch. Alternatively, if you’re an AUSCERT member, you can contact our 24/7 Incident Support Service, where we can help you detect, interpret and respond to attacks. It’s better to be safe than sorry when it comes to scams!


Experts Warn of Voice Cloning-as-a-Service
Date: 2023-05-19
Author: Infosecurity Magazine

Security experts are warning of surging threat actor interest in voice cloning-as-a-service (VCaaS) offerings on the dark web, designed to streamline deepfake-based fraud.
Recorded Future’s latest report, I Have No Mouth and I Must Do Crime, is based on threat intelligence analysis of chatter on the cybercrime underground.
Deepfake audio technology can mimic the voice of a target to bypass multi-factor authentication, spread mis- and disinformation and enhance the effectiveness of social engineering in business email compromise (BEC)-style attacks, among other things.

Google will delete accounts inactive for more than 2 years
Date: 2023-05-21
Author: Bleeping Computer

Google has updated its policy for personal accounts across its services to allow a maximum period of inactivity of two years.
After that time has passed, the accounts "may" be deleted, along with all their contents, settings, preferences, and user-saved data. This includes all data stored on services such as Gmail, Docs, Drive, Meet, Calendar, Google Photos, and YouTube.

Here's how you can help report SMS and MMS scams to Telstra
Date: 2023-05-24
Author: techAU

Telstra has launched a new scam reporting service that allows customers to forward suspicious SMS and MMS messages to a national phone number. The service, which is free to use, will help Telstra to better identify and block scam messages.
To report a scam message, customers simply need to forward the message to 7226. Telstra will then investigate the message and take appropriate action, such as blocking the sender or reporting the message to the relevant authorities.

Australian critical infrastructure operators urged to move off Chinese tech
Date: 2023-05-23
Author: iTnews

A sweep of Chinese-made hardware and software from the federal government could be expanded to cover critical infrastructure operators as well, with the government already assessing its powers for “market intervention”.
The comments, made by Home Affairs officials at senate estimates yesterday, come as the government increasingly suspends its use of Chinese-made technology over security concerns.

Home Affairs to migrate AUSTRAC, ACIC out of cyber hub
Date: 2023-05-23
Author: iTnews

Home Affairs will spend $3.7 million helping AUSTRAC and the Australian Criminal Intelligence Commission (ACIC) transition off cyber security services it provided under the government’s axed cyber hubs pilot.
The pilot was discontinued earlier this month after a Finance-led review of the pilot scheme.


ESB-2023.2979 – Tomcat: CVSS (Max): 7.5

The previous fix for CVE-2023-24998 was incomplete. Apache has released a regression update to address the issue.

ESB-2023.3006 – ALERT GitLab Community Edition and Enterprise Edition: CVSS (Max): 10.0

A critical file read vulnerability has been addressed in the new releases of GitLab

ESB-2023.3025 – jenkins and jenkins-2-plugins: CVSS (Max): 9.8

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for Red Hat OCP

ESB-2023.2965 – WordPress: CVSS (Max): None

WordPress 6.2.2 is now available, addressing 1 security issue and 1 bug.


Stay safe, stay patched and have a good weekend!

The AUSCERT team