SECURITY REPORT
AUGUST 2020
Our Monthly Security Report is a roundup of all the essential cyber news you need from Australia and beyond.
CVE | Brand | Description | CVSS Score V3.1 |
CVE-2020-14606 | Oracle | Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge. While the vulnerability is in Oracle SD-WAN Edge, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle SD-WAN Edge. | 10 |
CVE-2020-1350 | Microsoft | A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka ‘Windows DNS Server Remote Code Execution Vulnerability’. | 10 |
CVE-2020-3374 | Cisco | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system. The vulnerability is due to insufficient authorization checking on the affected system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to gain privileges beyond what would normally be authorized for their configured user authorization level. The attacker may be able to access sensitive information, modify the system configuration, or impact the availability of the affected system. | 9.9 |
CVE-2020-3382 | Cisco | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533. | 9.8 |
CVE-2020-9480 | Apache | In Apache Spark 2.4.5 and earlier, a standalone resource manager’s master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application’s resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. | 9.8 |
The launch of the new 2020 Cyber Strategy provides a framework for Government, industry and the broader community to work together in addressing Australia’s cyber challenges.
According to Alastair MacGibbon, Chief Strategy Officer at CyberCX:
“Three elements of the strategy are particularly significant to the private sector: increased regulation, new critical infrastructure obligations and a scaled approach to protecting smaller businesses and families.”
“Industry and government will co-design new legislation introducing economy-wide cyber security responsibilities, so in the same way as workplace health and safety is now fully accepted as a board responsibility, soon boards and executives will likely be held accountable for cyber security risk management … A security baseline will drive innovation, stability and profitability.”
Source : www.afr.com/technology/
RMIT University launched a new cyber security research centre that will focus on helping industry address rapidly evolving security threats in Australia and globally.
Source : www.itnews.com.au
The CSIRO’s digital arm, Data61, has come up with a new way to automatically identify phishing attempts that is more effective than current techniques.
Source : www.itnews.com.au
Westpac, CBA and NAB want to see a centrally-coordinated security operation set up to protect consumers and industry participants from attacks and exploits of Consumer Data Right functions.
Source : www.itnews.com.au
The Australian Cyber Security Centre (ACSC) has released new guidance to help Government agencies assess the risk posed by cloud services as part of the move away from a centrally-controlled security model to one of self-assessment.
Source : www.itnews.com.au
In response to two devastating ransomware attacks, Toll Group has developed a year-long cyber resilience program to prevent further breaches.
Source : www.itnews.com.au
Australians have become more trusting of organisations and governments to handle their personal data and privacy during the COVID-19 pandemic, according to new research by the Australian National University.
Source : www.itnews.com.au
A big year for privacy just got bigger. On July 16, Europe’s top court ruled on the legality of two mechanisms for cross-border transfers of personal data which could have significant implications for many Australian organisations.
Source : www.innovationaus.com
An encrypted BlackBerry device that was cracked five years after it was first seized by police is poised to be the key piece of evidence in one of Australia’s longest-running drug importation investigations.
Source : www.schneier.com
The University of Queensland has introduced Multi-Factor Authentication (MFA) as part of its drive towards adopting a Zero-Trust security model. The move is designed to secure data whilst enabling staff and students to access its network from anywhere in the world.
Source : www.itnews.com.au
ProctorU, an online exam monitoring tool, was one of 18 companies that saw the data of 444,000 users compromised. The tool is used by many Australian universities, including the Universities of Sydney, Melbourne, Adelaide, Queensland and WA. The data included usernames, unencrypted passwords, legal names and full residential addresses.
Source : www.itnews.com.au
The Government released draft legislation for proposed changes to Australia’s foreign investment regime. The changes would force telcos and data centres that store information with a security classification to seek approval before any prospective foreign investment. The goal is to strengthen controls around data sovereignty.
Source : www.itnews.com.au
The New Zealand Defence Force websites were out of action for a whole week due to a hardware failure that affected storage. The Navy, Army and Air Force websites were all impacted.
Source : www.itnews.com.au
The Office of the Australian Information Commissioner (OAIC) released its eighth notifiable data breaches report, showing a sharp increase in the number of data breaches caused by ransomware attacks and the highest ever number of monthly notifications recorded over the past six months.
Source : www.itnews.com.au
A critical 17-year-old vulnerability, known as SigRed, has been uncovered in all Windows DNS servers, with administrators being urged to apply a workaround or patch from Microsoft as soon as possible.
Source : www.itnews.com.au
A growing number of high-profile verified Twitter accounts were compromised after Twitter staff were tricked in a coordinated social engineering campaign.
Source : www.itnews.com.au
Users of Google’s office productivity and collaboration G-Suite tools will get a new set of security features to prevent phishing and meeting bombing, and to make device management easier.
Source : www.itnews.com.au
The automatically generated passwords protecting private Zoom meetings could be cracked with relative ease, allowing access to sensitive conferences.
Source : www.itnews.com.au
Cisco informed customers that it has patched critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) platform. The vulnerabilities allow a remote, unauthenticated attacker to bypass authentication and perform actions with admin privileges on the targeted device.
Source : www.securityweek.com
Critical vulnerabilities have been discovered in industrial VPN technology used to allow remote access to Operational Technology (OT) networks. The flaws could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems (ICS).
Source : thehackernews.com
This Information Security Report is brought to you by Shearwater Solutions.
The Information Security Report is a monthly summary, compiled by Shearwater’s experienced cybersecurity professionals, to highlight the vulnerabilities and new attack vectors in some of the latest active threats, exploits and breaches and share recommendations to help you protect your data and stay a step ahead.