Threat activity

Recent Advisories

2025 August

• ASD Publishes Joint Advisory on China PRC Operations - 20250829002
• Citrix NetScaler Critical Vulnerability - 20250827001
• Docker Critical Vulnerability - 20250826001
• Tableau Critical Vulnerability - 20250825003
• CISA Releases New ICS Advisories - 20250825002
• IBM Critical Vulnerability - 20250825001
• Apple Zero-day Vulnerability - 20250821002
• Commvault Bug Chain Vulnerabilities - 20250821001
• Cisco Secure FMC Critical Vulnerability - 20250819001
• ICS Critical Vulnerabilities - 20250815003
• Zoom Critical Vulnerability - 20250815002
• Cisco Critical Vulnerability - 20250815001
• ICS Critical Vulnerabilities - 20250813006
• Wazuh Critical Vulnerability - 20250813005
• Linux Critical Vulnerability - 20250813004
• Fortinet Critical Vulnerability - 20250813003
• SAP Monthly Security Patch - 20250813002
• Microsoft Monthly Security Updates - 20250813001
• WinRAR Known Exploited Vulnerability - 20250812001
• Erlang/OTP SSH Vulnerability - 20250811001
• CISA ICS Critical Vulnerability - 20250806004
• Zscaler Critical Vulnerability - 20250806003
• Adobe Critical Update - 20250806002
• Trend Micro Critical Vulnerability - 20250806001
• Squid Critical Vulnerability - 20250805001

2025 July

• Apple Critical OS Security Updates - 20250731002
• SonicWall Critical Vulnerability - 20250731001
• Mitel Critical Vulnerability - 20250725002
• New ICS Critical Vulnerabilities - 20250725001
• Sophos Critical Vulnerabilities - 20250724003
• SonicWall Critical Vulnerability - 20250724002
• Mozilla Firefox Critical Vulnerabilities - 20250724001
• Microsoft SharePoint Active Exploitation - 20250721001
• Cisco Critical Security Vulnerabilities - 20250718001
• IBM WebSphere Application Vulnerability - 20250717002
• Google Chrome Zero-Day Vulnerability - 20250716003
• Oracle Critical Updates - 20250716002
• Broadcom Critical Updates - 20250716001
• Mozilla Critical Vulnerabilities - 20250714001
• CISA Releases New ICS Advisories - 20250711001
• SAP New Critical Vulnerabilities Updates - 202509004
• Adobe Critical Update - 20250709003
• Fortinet Critical Update - 20250709002
• Microsoft Monthly Security Updates - 20250709001
• Phishing Campaigns Using M365 Direct Send - 20250707001
• Cisco Unified Communications Manager Vulnerability - 20250703001
• Linux Sudo chroot Vulnerability - 20250702002
• Google Chrome Zero-Day Vulnerability - 20250702001

2025 June

• Critical Cisco ISE RCE Vulnerability - 20250627001
• Citrix NetScaler Critical Vulnerability - 20250626001
• Critical ICS Vulnerabilities - 20250625001
• ICS Critical Vulnerabilities - 20250619003
• GeoTools Critical Vulnerability - 20250619002
• Citrix NetScaler Critical Vulnerability - 20250619001
• Veeam Patches Critical Vulnerability - 20250618001
• Google Chrome Zero-Day Vulnerability - 20250617001
• ICS Critical Vulnerabilities - 20250613002
• Trend Micro Critical Vulnerabilties - 20250613001
• Wazuh Server Deserialization of Untrusted Data Vulnerability - 20250612002
• Mozilla Firefox Critical Vulnerabilities - 20250612001
• SAP Critical Vulnerability - 20250611002
• Microsoft Monthly Security Updates - 20250611001
• ManageEngine Critical Vulnerability - 20250610001
• Cisco Critical Vulnerability - 20250605001
• Google Chrome Active Exploitation - 20250603001

WA SOC - Recent Threat Activity (July 2025)

Based on recent high impact incidents seen by the WA SOC, security teams should be focusing on the below areas of improvement based on phishing and phishing resistant MFA:

WASOC Guidance targeted on recent escalation of state-based actor threat activity

• Heightened Awareness: Securing Edge Devices

Recent WA SOC advisories this month worth staying across include:

• Microsoft SharePoint Active Exploitation
• SonicWall Critical Vulnerability SSL VPN
• SonicWall Critical Vulnerability SMA
• Cisco Critical Security Vulnerabilities
• Linux Sudo chroot Vulnerability

WASOC - General Advice

Security Hardening remains a focus for all organisations. Please refer to the below guides to ensure all external and internal sign-ins are appropriately monitored.

• Policy The Government of Western Australia’s Artificial Intelligence Policy specifies the principles that must be applied by WA Government agencies who are developing or using Artificial Intelligence (AI) tools. WA Government Artificial Intelligence Policy and Assurance Framework

• ASD's Blueprint for Secure Cloud

• SIEM And SOAR Practitioners Guidance