July Patch Tuesday - Australian Cyber Security Magazine
09
Jul
2025

July Patch Tuesday – Australian Cyber Security Magazine

Microsoft has addressed 128 CVEs in its July 2025 Patch Tuesday release, with 12 rated critical, and 115 rated important…

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network
09
Jul
2025

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network

A critical information disclosure vulnerability in Microsoft SQL Server, designated as CVE-2025-49719, allows unauthorized attackers to access sensitive data over…

Splunk Enterprise Addresses Vulnerabilities in Bundled Third-Party Packages
09
Jul
2025

Splunk Enterprise Addresses Vulnerabilities in Bundled Third-Party Packages

Splunk has released critical security updates for its Enterprise platform, addressing multiple vulnerabilities in bundled third-party packages across several product…

Australian Organisations Must Get Battle-Ready to Prevent AI-Powered Cyberwarfare Attacks
09
Jul
2025

Australian Organisations Must Get Battle-Ready to Prevent AI-Powered Cyberwarfare Attacks

By Nadir Izrael, Co-Founder and CTO, Armis The threat of cyber warfare against Australia has escalated, driving a significant increase…

Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code
09
Jul
2025

Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability in Microsoft Remote Desktop Client could allow attackers to execute arbitrary code on victim systems.  The…

Citrix Windows Virtual Delivery Agent Vulnerability Lets Attackers Escalate to SYSTEM Privileges
09
Jul
2025

Citrix Windows Virtual Delivery Agent Vulnerability Lets Attackers Escalate to SYSTEM Privileges

A critical security vulnerability has been discovered in Citrix’s Windows Virtual Delivery Agent that could allow attackers with low-level system…

It’s time to give AI security its own playbook and the people to run it
09
Jul
2025

It’s time to give AI security its own playbook and the people to run it

In this Help Net Security interview, Dr. Nicole Nichols, Distinguished Engineer in Machine Learning Security at Palo Alto Networks, discusses…

FortiWeb SQL injection Vulnerability Allows Attackers to Execute Malicious SQL Commands
09
Jul
2025

FortiWeb SQL injection Vulnerability Allows Attackers to Execute Malicious SQL Commands

A critical security vulnerability has been discovered in Fortinet’s FortiWeb web application firewall that allows unauthenticated attackers to execute malicious…

US Announces Arresting Chinese Hacker Linked to HAFNIUM Group
09
Jul
2025

US Announces Arresting Chinese Hacker Linked to HAFNIUM Group

In a significant development in international cybercrime efforts, Xu Zewei, a 33-year-old Chinese national, was apprehended in Milan, Italy, on…

Why your security team feels stuck
09
Jul
2025

Why your security team feels stuck

Cybersecurity friction usually gets framed as a user problem: password policies that frustrate employees, MFA that slows down logins, or…

Zoom for Windows Flaw Allows Attackers to Trigger DoS Attacks
09
Jul
2025

Zoom for Windows Flaw Allows Attackers to Trigger DoS Attacks

Security researchers have uncovered two significant vulnerabilities in Zoom Clients for Windows, exposing users to potential Denial of Service (DoS)…

Kanvas: Open-source incident response case management tool
09
Jul
2025

Kanvas: Open-source incident response case management tool

Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators…