JULY NEWS WRAP-UP

Australia’s cyber landscape didn’t take a winter break this July. Cybersecurity isn’t just a technical discipline it’s a constant battle against evolving threats, shifting regulations, and unpredictable adversaries. July 2025 was no exception. The past month delivered a mix of headline-grabbing breaches, stealthy malware tactics, and regulatory moves that could reshape how Australian businesses handle encryption and data sovereignty. Our featured news stories reveal the fault lines forming beneath Australia’s digital infrastructure.

Qantas Faces Major Data Theft Following Cyber Attack

Qantas has confirmed a significant data breach following a cyber attack that compromised customer and employee information. While the full scope is still under investigation, early reports suggest that personal data, including travel records and internal communications, may have been accessed.

This incident highlights the critical need for robust data protection measures and incident response planning, especially for organisations managing large volumes of personal and operational data.

Source: www.itnews.com.au, written by Eleanor Dickinson, published on July 2, 2025.

Malware Distributed via DNS in Sophisticated New Campaign

Threat actors have been discovered using DNS protocols to distribute malware, bypassing traditional security filters. This technique allows malicious payloads to be delivered covertly, making detection and mitigation more challenging for enterprise security teams.

Organisations are advised to review DNS traffic monitoring and implement advanced threat detection tools capable of identifying unusual patterns in network behaviour.

Source: www.itnews.com.au, written by Juha Saarinen, published on July 18, 2025.

Cisco Issues Advisory for Critical ISE Vulnerability

Cisco has released a security advisory for a critical remote code execution vulnerability in its Identity Services Engine (ISE). The flaw could allow unauthorised attackers to execute arbitrary code, posing a serious risk to network infrastructure.
Security teams using Cisco ISE are urged to apply the recommended patches immediately and review access controls to mitigate potential exploitation.

Source: www.cisco.com, written by Cisco Security Advisory, published on July 25, 2025.

Microsoft SharePoint Exploits Now Linked to Ransomware Deployment

Source: www.cyberdaily.au, written by Daniel Croft, published on July 28, 2025.

Allianz Life Insurance Cyber Attack Impacts the Majority of U.S. Customers

In a major international breach with implications for global insurers, Allianz Life Insurance confirmed a cyber attack that compromised data belonging to the majority of its U.S. customer base. The attackers reportedly accessed sensitive personal information, including policy details and identification data. While the breach occurred overseas, it serves as a stark reminder for Australian enterprises, especially those with international operations or partnerships, of the importance of cross-border data protection and incident response readiness.

Security leaders are urged to review third-party risk management practices and ensure that data shared across jurisdictions is encrypted and monitored for anomalies.

Source: www.cyberdaily.au, written by Daniel Croft, published on July 28, 2025.

Signal Threatens to Exit Australia Over Encryption Backdoor Proposal

Security leaders are urged to review third-party risk management practices and ensure that data shared across jurisdictions is encrypted and monitored for anomalies.

Source: https://ia.acs.org.au/home.html Information Age, Australian Computer Society (ACS), written by David Braue, published on 31 July 2025

As July’s headlines show, cyber threats are growing more sophisticated, more targeted, and more relentless. Whether it’s ransomware exploiting trusted platforms, DNS-based malware slipping past defences, or regulatory shifts challenging encryption norms, the message is clear: complacency is not an option.