AusCERT Week in Review for 21st September 2018 21 Sep 2018


There were again numerous updates and patches released this week.
While Microsoft had its turn last week with Patch Tuesday, it seems that it was Apple's turn this week.
Apple released a new version of iOS as well as fixes for Safari, Apple Watch and Apple TV.

Below is a summary (including excerpts) of some of the more interesting
stories we've seen this week:


---


Title: iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks

Date Published: 17-09-2018

URL:

https://www.bleepingcomputer.com/news/security/ios-12-patches-memory-bugs-safari-12-fixes-data-leaks/

Author: Ionut Ilascu

Excerpts:

"A new round of security updates is available from Apple, fixing bugs in Safari, watchOS, tvOS, and iOS."

"Apple released its newest version of iOS today, and apart from adding a performance boost to older iPhone models, it also comes with solutions for security problems."


---


Title: Hackers Mining Cryptos Using Leaked NSA Surveillance Tools, New Report Reveals

Date Published: 20-09-2018

URL:

https://nulltx.com/hackers-mining-cryptos-using-leaked-nsa-surveillance-tools-new-report-reveals/

Author: Steve Kaaru

Excerpt:

"The report revealed that cryptojacking incidences have spiked by over 450 percent in 2018, attributing the increased incidences to an NSA tool that was leaked in late 2017 which has been used by North Korean and Russian hackers in the past to infiltrate strategic targets. Now, the tool is being used to mine cryptos, and the hackers show no sign of slowing down with their lucrative venture."


---


Title: Adobe releases patch out of schedule to squash critical code execution bug

Date Published: 20-09-2018

URL:

https://www.zdnet.com/article/adobe-releases-patch-out-of-schedule-to-squash-code-execution-bugs/

Author: Charlie Osborne

Excerpts:

"Adobe has released a patch out of the usual security update schedules to resolve a set of severe vulnerabilities in Adobe Acrobat and Reader."

"Deemed critical, CVE-2018-12848 can lead to arbitrary code execution in the context of the current user if exploited by attackers."


---


Title: Western Digital goes quiet on unpatched MyCloud flaw

Date Published: 20-09-2018

URL:

https://nakedsecurity.sophos.com/2018/09/20/western-digital-goes-quiet-on-unpatched-mycloud-flaw/

Author: John E Dunn

Excerpt:

"No admin password, nothing – just a simple CGI request to MyCloud’s web server and an attacker would be in via a local network"


---


Title: ICO Fines Equifax £500K After 2017 Breach

Date Published: 20-09-2018

URL:

https://www.infosecurity-magazine.com/news/ico-fines-equifax-500k-after-2017/

Author: Phil Muncaster

Excerpt:

"The Information Commissioner’s Office (ICO) has issued the maximum fine possible to Equifax in response to failings which led to a major 2017 breach."


---

 

Here are a few of this week's noteworthy security bulletins:


ESB-2018.2832 - ALERT [Win][Mac] Adobe Acrobat and Reader: Multiple vulnerabilities

https://www.auscert.org.au/bulletins/68614

Some recent Adobe Acrobat and Reader vulnerabilites to address.

 

ESB-2018.2824 - [SUSE] pango: Denial of service - Remote with user interaction

https://www.auscert.org.au/bulletins/68582

Denial of Service from parsing Emoji!

 

ESB-2018.2782 - [Apple iOS] Apple Support 2.4 for iOS: Access confidential data - Remote/unauthenticated

https://www.auscert.org.au/bulletins/68394

One of a number of Apple advisories released this week which included others for tvOS, watchOS and Safari.

 

ESB-2018.2807 - [Ubuntu] ghostscript: Multiple vulnerabilities

https://www.auscert.org.au/bulletins/68506

Many linux distros released ghostscript fixes this week addressing remote code execution, information disclosure and denial of service issues.

 

ASB-2018.0221 - [Linux] Multiple McAfee products: Denial of service - Remote/unauthenticated

https://www.auscert.org.au/bulletins/68534

Multiple McAfee products based on linux are affected by the kernel vulnerability know as "SegmentSmack" which allows remote attackers to cause a denial of service condition.
A list of products that were vulnerable, not-vulnerable and available patches and mitigations was released.


---


Stay safe, stay patched and have a good weekend!

Marcus.

 


« Back to all blog entries