26 Aug 2022

Week in review

Greetings,

Today, August 26, is Wear it Purple Day, which is aimed at fostering supportive, safe, empowering, and inclusive environments for LGBTQIA+ youth.

Founded in 2010, Wear it Purple has developed into an international movement in response to the challenges, obstacles, prejudice and dire situations queer youth face each day.

The Wear it Purple website offers events, training and educational tools, amongst other resources aimed at raising awareness and promoting understanding, that everyone can access to help be part of the change.

Earlier this week, Google reported that it had blocked the largest Distributed Denial of Service, or DDoS, attack with over 46 million requests per second. A Senior Product Manager for Cloud Armor likened the attack to “receiving all the daily requests to Wikipedia – in just ten seconds”.

DDoS attacks are on the rise, with a 200+% increase thus far in 2022, and have progressed from being perceived as a minor nuisance to extremely sophisticated attacks.

A recent blog explains what a DDoS is and how it works.

Having commenced as a “hobby” twenty-five years ago on August 25, 1991, Linux is celebrating 31 years as a technological revolution!

The importance of this innovation cannot be overstated. It’s found in servers, desktop PCs, smartphones, routers and more. Even if a product isn’t deemed ‘Linux’, it’s quite likely that it was still influenced or affected by Linux along the path to its own creation.

Lastly, today is also International Dog Day during which we celebrate all dogs, mixed breed and pure, with a focus on celebrating man’s best friend and encouraging adoption first rather than buying dogs from pet stores, backyard breeders or via the internet.

If you already have a pet companion or are not quite ready to commit to a dog full time, there are plenty of ways to show your support and assist organisations like the RSPCA through volunteering, donating and even fostering!


Labor to overhaul national cyber security strategy
Date: 2022-08-19
Author: Cyber Security Connect

The Albanese government is set to reform former prime minister Scott Morrison’s $1.7 billion, 10-year cyber security strategy.
As a top priority, Home Affairs Minister and Minister for Cyber Security Clare O’Neil has ordered her department to “recast the cyber security strategy” rushed out during the COVID-19 pandemic by the former prime minister in mid-2020.
According to The Australian, Minister O’Neil outlined that the new strategy will be designed to focus on building closer links with Quad partners, the US, Japan and India, to accelerate the shift from reliance on China for critical technologies, amid concerns about Beijing’s global supply chain dominance.

Google Blocks Record-Setting DDoS Attack That Peaked at 46 Million RPS
Date: 2022-08-19
Author: Security Week

In June 2022, Google mitigated a Layer 7 distributed denial-of-service (DDoS) attack that peaked at 46 million requests per second (RPS).
Disclosed this week, this is the third HTTPS attack this year to reach tens of millions of RPS, after two lower-volume assaults were mitigated by Cloudflare.
The first of them peaked at 15.3 million RPS, Cloudflare announced in April, while the second reached 26 million RPS, the web security company announced in June.

Ransomware variants almost double in six months
Date: 2022-08-22
Author: Security Brief

Ransomware variants have almost doubled in the past six months, with exploit trends demonstrating the endpoint remains a target as work-from-anywhere continues, according to the latest semiannual FortiGuard Labs Global Threat Landscape Report.
“Cyber adversaries are advancing their playbooks to thwart defence and scale their criminal affiliate networks,” says Derek Manky, chief security strategist and VP global threat intelligence, FortiGuard Labs.
“They are using aggressive execution strategies such as extortion or wiping data as well as focusing on reconnaissance tactics pre-attack to ensure better return on threat investment,” he says.

ACCC warns of steady uptick in ‘Hi Mum’ message scams
Date: 2022-08-23
Author: Cyber Security Connect

More than 1,150 Australians have already fallen victim to the so-called “Hi Mum” scam in the first seven months of this year, with total reported losses of $2.6 million so far.
Known as “Hi Mum” or “family impersonation” scams, victims are contacted most often through WhatsApp and text message by a scammer posing as a family member or friend.
Following a significant rise in “Hi Mum” scams in recent months, Scamwatch is urging the public to be wary of phone messages from a family member or friend claiming they need help.

Twitter savaged by former security boss Mudge in whistleblower complaint
Date: 2022-08-23
Author: The Register

Twitter’s former security chief Peiter “Mudge” Zatko accused the company and its board of directors of violating financial rules, of fraud, and of grossly neglecting its security obligations in a complaint to the US Securities & Exchange Commission, the Federal Trade Commission, and the US Justice Department last month.
The Washington Post obtained and published a redacted copy of the complaint, which makes numerous allegations about occurrences and practices preceding and during Zatko’s time at the company, which ran from November 16, 2020 through January 19, 2022, when he was terminated by the new CEO Parag Agrawal.
Zatko’s complaint was filed by nonprofit law firm Whistleblower Aid, which confirmed the authenticity of the Post’s republished document to The Register.


ESB-2022.4149 – GitLab Community Edition (CE) and GitLab Enterprise Edition (EE): CVSS (Max): 9.9

A critical remote code execution vulnerability via GitHub Import has been fixed in the latest version of GitLab Enterprise Edition and Community Edition

ESB-2022.4172 – Firefox: CVSS (Max): None

Mozilla has fixed multiple vulnerabilities in its recent version of Firefox 104

ESB-2022.4177 – VMware Tools: CVSS (Max): 7.0

VMware Tools update addresses a local privilege escalation vulnerability (CVE-2022-31676)

ESB-2022.4196 – Cisco FXOS and NX-OS Software: CVSS (Max): 8.8

A denial of service vulnerability affecting NX-OS and FXOS has been addressed by Cisco Systems


Stay safe, stay patched and have a good weekend!

The AUSCERT team