Threat activity

Recent Advisories

2025 May

• CrushFTP auth bypass vulnerability - 20250520002
• Mozilla Patches 2 Firefox Zero-Day Vulnerabilities - 20250520001
• Jenkins Critical Vulnerability - 20250519001
• Fortinet Critical Vulnerability - 20250516002
• Chromium-based Browser Active Exploit Vulnerability - 20250516001
• Fortinet Products Critical Vulnerability - 20250515001
• Microsoft Monthly Security Updates - 20250514001
• Cisco IOS XE Software Vulnerability - 20250508001
• Apache ActiveMQ Vulnerability - 20250502001
• SonicWall Critical Vulnerability - 20250501001

2025 April

• Increased Financial Fraud Activity - 20250429001
• SAP New Critical Vulnerabilities - 20250428001
• Commvault Critical Vulnerability - 20250424001
• Oracle Releases Multiple Critical Patches - 20250423001
• Apple Patches Zero-Day Vulnerabilites - 20250417001
• Jenkins Critical Vulnerabilities - 20250414001
• Fortinet Publishes Active Exploitation Blog - 20250411001
• ASD Publishes Joint Advisory on new Malicious Cyber Actors and Guidance - 20250410001
• Critical Siemens Vulnerabilities - 20250409004
• SAP Critical Updates - 20250409003
• Fortinet Critical Vulnerability - 20250409002
• Microsoft Monthly Security Updates - 20250409001

2025 March

• Mozilla Critical Advisory - 20250328001
• Next.js Critical Vulnerability - 20250325002
• Ingress NGINX Critical Vulnerability - 20250325001
• Veeam Patches Critical Vulnerbility - 20250321001
• Apache Tomcat Remote Code Execution Vulnerability - 20250318001
• Bitdefender Releases Updates Fixing Critical Vulnerabilities - 20250313002
• Apple releases patches for zero-day vulnerabilities - 20250312002
• Microsoft Releases March 2025 Patch - 20250312001
• CISA Releases New ICS Advisories - 20250310001
• Microsoft Publishes Silk Typhoon Threat Intelligence Article - 20250306001
• CISA Releases New ICS Advisories - 20250305002
• VMWare and Linux added to CISA Known Exploited Catalog - 20250305001
• CISA Adds Known Exploited Vulnerabilities to Catalog - 20250304001

WA SOC - Recent Threat Activity (April 2025)

Based on recent high impact incidents seen by the WA SOC, security teams should be focusing on the below areas of improvement based on phishing and phishing resistant MFA:

WASOC Guidance targeted on recent escalation of state-based actor threat activity

• Financial Fraud Campaigns Increased Financial Fraud Activity

Recent WA SOC advisories this month worth staying across include:

• Fortinet Critical Vulnerabilities Fortinet Critical Vulnerability
• SAP Releases Critical Updates to Security Vulnerabilities SAP Critical Updates

Agencies should review the latest WA Government Cyber Security Policy

WASOC - General Advice

Security Hardening remains a focus for all organisations. Please refer to the below guides to ensure all external and internal sign-ins are appropriately monitored.

• Policy The Government of Western Australia’s Artificial Intelligence Policy specifies the principles that must be applied by WA Government agencies who are developing or using Artificial Intelligence (AI) tools. WA Government Artificial Intelligence Policy and Assurance Framework
• ASD's Blueprint for Secure Cloud