//Blogs - 12 July 2019

AusCERT Week in Review for 12th July 2019

AusCERT Week in Review
12 July 2019


Greetings,

This week we saw numerous Microsoft vulnerability reports and fixes as part of Patch Tuesday.
We also saw a larger than normal collection of advisories from Juniper and ICS-CERT this week.

There are a number of events occuring in our neighbourhood in the next few weeks that may be of interest:

"Celebrating Diversity and Inclusion in Queensland's ICT security sector"
https://www.auscert.org.au/events/2019-07-18-naidoc-week-2019-auscert-and-baidam-solutions-event

"Cyber Security Public Lecture with Corey Schou"
https://www.eait.uq.edu.au/cyber-security-public-lecture-corey-schou


---


Here are some of this week's noteworthy security bulletins (in no particular order):


ACSC Releases Updated Essential Eight Maturity Model
Author: US-CERT
Date: 05-07-2019

Excerpt:

"The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations
in determining the maturity of their implementation of the Essential Eight--ACSC's list of the top mitigation strategies to help organizations
protect their systems against adversary threats."


British Airways faces record-breaking GDPR fine after data breach
Author: Jon Porter
Date: 08-07-2019

Excerpt:

"The UK's data watchdog has announced plans to fine the airline British Airways a record ?183 million over last year's data breach."


Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
Author: Jonathan Leitschuh
Date: 09-07-2019

Excerpt:

"A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up
to 750,000 companies around the world that use Zoom to conduct day-to-day business."


Patch Tuesday Lowdown, July 2019 Edition
Author: Brian Krebs
Date: 09-07-2019

Excerpt:

"Microsoft today released software updates to plug almost 80 security holes in its Windows operating systems and related software. Among them are
fixes for two zero-day flaws that are actively being exploited in the wild"


German banks are moving away from SMS one-time passcodes
Author: Catalin Cimpanu
Date: 11-07-2019

Excerpt:

"Multiple German banks have announced plans to drop support for SMS-based one-time passcodes (OTP) as a login authentication and transaction
verification method."


---


Here are some of this week's noteworthy security bulletins (in no particular order):


Title: ASB-2019.0190 - [Win][UNIX/Linux] Mozilla Firefox and Mozilla
Firefox ESR: Multiple vulnerabilities
Date: 10 July 2019
URL: http://www.auscert.org.au/84211

"Mozilla advises upgrading to Firefox 68 or Firefox ESR 60.8 to address this vulnerability."


Title: ASB-2019.0187 - ALERT [Win] Microsoft Windows: Multiple
vulnerabilities
Date: 10 July 2019
URL: http://www.auscert.org.au/84193

"CVE-2019-1132 is has been seen exploited in the wild"


Title: ESB-2019.2574 - [Win] Siemens SIMATIC WinCC and PCS7: Multiple vulnerabilities
Date: 12 July 2019
URL: http://www.auscert.org.au/84331

"The SIMATIC WinCC DataMonitor web application of the affected products allows an authenticated user with network access to the WinCC DataMonitor
application to upload arbitrary ASPX code."


Title: ESB-2019.2572 - [Win][UNIX/Linux] Jenkins: Multiple vulnerabilities
Date: 12 July 2019
URL: http://www.auscert.org.au/84327

"Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master."


Title: ESB-2019.2563 - [Juniper] Junos OS: Multiple vulnerabilities
Date: 12 July 2019
URL: http://www.auscert.org.au/84309

"Insufficient validation of environment variables in telnet client may lead to stack-based buffer overflow"


---


Stay safe, stay patched and have a great weekend,
Marcus.


---