11 Jul 2025
Week in review
Greetings,
We’re excited to launch a brand new season of Share Today, Save Tomorrow with Episode 41 of the AUSCERT Podcast: “New Season + AUSCERT2025 Conference Wrap-Up.”
In this episode, our very own Bek Cheb, Business Manager at AUSCERT, steps behind the mic to introduce the fresh new format and direction for the season ahead. Bek also shares key insights and standout moments from the AUSCERT2025 Conference held earlier this year. Whether you’re a returning listener or tuning in for the first time, this episode offers an engaging glimpse into what’s next for AUSCERT and the wider cyber security community.
If you missed any presentations from AUSCERT2025 or want to revisit your favourites, don’t forget you can access the recordings now available on our YouTube Channel. From keynote speeches to technical deep dives, you can relive the most impactful moments of the conference at your convenience. Share these sessions with colleagues and peers because sharing knowledge is at the heart of strengthening our collective cyber resilience.
These fraudulent sites publish fabricated articles featuring public figures ranging from world leaders to central bank governors falsely endorsing cryptocurrency investment schemes. Victims are lured via online ads to scam platforms like Eclipse Earn or Solara, which simulate legitimate trading environments but are designed solely to steal funds and personal information. These attacks are regionally-targeted (including Australia), using localised content, native language, and trusted local brands to gain credibility. Once a user engages, their data is often resold or used in future phishing campaigns.
AUSCERT recommends verifying sources, avoiding unsolicited investment offers, and reporting any suspicious sites or ads to your internal security team or national cyber authority.
Microsoft Patch Tuesday, July 2025 Edition
Date: 2025-07-08
Author: Krebs on Security
[AUSCERT has published security bulletins for these Microsoft updates]
Microsoft released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users.
New ServiceNow flaw lets attackers enumerate restricted data
Date: 2025-07-09
Author: Bleeping Computer
A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access.
ServiceNow is a cloud-based platform that enables organizations to manage digital workflows for their enterprise operations. It is widely adopted across various industries, including public sector organizations, healthcare, financial institutions, and large enterprises.
Task scams: Why you should never pay to get paid
Date: 2025-07-04
Author: We Live Security
Many of us have been experiencing a cost-of-living crisis for years, and the news headlines remain filled with doom-laden predictions of what the future might hold. Against this backdrop, it’s understandable why many of us are looking for a side hustle or for even a new, better-paid job. But the scammers know this, and are ready to take advantage.
In 2024 alone, employment scams reported to the FBI made fraudsters over $264 million. Many of these are so-called “task scams,” where victims are actually tricked into paying a “deposit” in order to get paid. It might sound unbelievable. But it’s easier to fall for than you think.
Qantas says it has been contacted by a group claiming to have stolen data of its frequent flyers
Date: 2025-07-08
Author: news.com.au
Qantas says it has been contacted by a group claiming to be behind the theft of the data of millions of its frequent flyers last week.
The airline said in a statement late on Monday that “a potential cybercriminal has made contact” but it would not disclose if a ransom was being sought.
“As this is a criminal matter, we have engaged the Australian Federal Police and won’t be commenting any further on the detail of the contact,” a Qantas spokesman said.
ESB-2025.4636 – Siemens SINEC NMS
Successful exploitation of these vulnerabilities could allow an attacker to elevate privileges and execute arbitrary code
ESB-2025.4620 – Juniper Security Director
A Missing Authorization vulnerability in Juniper Networks Security Director allows an unauthenticated network-based attacker to read or tamper with multiple sensitive resources via the web interface
ESB-2025.4591 – GlobalProtect App
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect App on macOS devices enables a locally authenticated non administrative user to escalate their privileges to root on macOS and Linux or NT\AUTHORITY SYSTEM on Windows
ESB-2025.4567 – GitLab Community Edition and Enterprise Edition
GitLab has remediated an issue that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content
Stay safe, stay patched and have a good weekend!
The AUSCERT team
