17 Oct 2025
Week in review
Greetings,
This week, we have released a new episode of the Share Today, Save Tomorrow podcast, Episode 47: Building Cyber Resilience with Lucas from the AUSCERT Dev Team.
Our host, Bek, chats with Lucas Rossdeutscher, one of AUSCERT’s senior software developers, for an engaging behind-the-scenes look at MSINs (Member Security Incident Notifications) – a personalised and vital security service that helps AUSCERT members stay ahead of emerging threats. Lucas offers practical advice on how members can make the most of this tool to strengthen their cyber resilience and streamline their incident response efforts.
Listeners will also get to know the person behind the code, as Lucas shares stories from his half-marathon training journey, his love of coffee, and how his passion for cyber security developed over time.
This episode is available now on Spotify and Apple Podcasts now!
After nearly a decade, Windows 10 is now unsupported as of 14th October 2025, marking a major shift for millions of users and organisations still relying on the operating system. Despite running on over a third of the world’s PCs, Microsoft have now ceased providing security updates, leaving unpatched vulnerabilities that cybercriminals could exploit.
Ondrej Kubovič from ESET (a global digital company) warned that continuing to use unsupported systems creates “a significantly larger attack surface,” exposing users to data theft, malware, and potential operational or reputational damage. He recommends that if upgrading isn’t immediately possible, organisations should implement strict security controls such as restricting user privileges, limiting exposed services, using VPNs, and enhancing monitoring and audits.
Still, Kubovič stresses that these measures are only stopgaps. “Temporary fixes can buy you time, but they are not a substitute for a full upgrade,” he said. “Start planning your transition now to avoid unnecessary risks.”
F5 releases BIG-IP patches for stolen security vulnerabilities
Date: 2025-10-15
Author: Bleeping Computer
[AUSCERT has published security bulletins for these F5 updates and an ASB-https://portal.auscert.org.au/bulletins/ASB-2025.0175]
Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025.
The company disclosed today that state hackers breached its systems and stole source code and information on undisclosed BIG-IP security flaws.
F5 added that there's no evidence the threat actors leveraged the undisclosed vulnerabilities in attacks and said it has not yet found evidence that the flaws have been disclosed.
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
Date: 2025-10-14
Author: Bleeping Computer
[AUSCERT has published security bulletins for these Microsoft updates]
Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities.
This Patch Tuesday also addresses eight "Critical" vulnerabilities, five of which are remote code execution vulnerabilities and three are elevation of privilege vulnerabilities.
Qantas says customer data released by cyber criminals
Date: 2025-10-13
Author: iTnews
Qantas Airways confirmed customer data stolen in a July breach had been published by cybercriminals.
Qantas says customer data released by cyber criminals
The airline said in July that more than a million customers had sensitive details such as phone numbers, birth dates or home addresses accessed in one of Australia's biggest cyber breaches in years. Another four million customers had just their name and email address taken during the hack, it said at the time.
Annual Cyber Threat Report 2024-2025
Date: 2025-10-14
Author: ASD ACSC
Australia is an early and substantial adopter of digital technology which drives public services, productivity and innovation. Our increasing dependency on digital and internet-connected technology means Australia remains an attractive target for criminal and state-sponsored cyber actors.
In FY2024–25, ASD’s ACSC received over 42,500 calls to the Australian Cyber Security Hotline – a 16% increase from the previous year, over 1,200 cyber security incidents – an 11% increase, more than 1,700 times of potentially malicious cyber activity – an 83% increase from last year – highlighting the ongoing need for vigilance and action to mitigate against persistent threats.
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Date: 2025-10-14
Author: Bleeping Computer
Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group.
The flaw was addressed with an out-of-band security update released over the weekend, which Oracle said could be used to access “sensitive resources.”
ESB-2025.7359 – Adobe: Adobe Connect: CVSS (Max): 9.3
Adobe has released a security update for Adobe Connect. This update resolves critical and moderate vulnerabilities that could lead to arbitrary code execution and security feature bypass.
ESB-2025.7350 – F5 Networks: F5 BIG-IP (all modules): CVSS (Max): 9.8
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. (CVE-2016-2148)
ESB-2025.7295 – Debian: Linux: CVSS (Max): 9.8
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
ESB-2025.7269 – Linux kernel (Azure): CVSS (Max): 9.8*
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
ESB-2025.7222 – Red Hat: kernel: CVSS (Max): 7.8
A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.
Stay safe, stay patched and have a good weekend!
The AUSCERT team
