David Leane

Microsoft Addresses Serious “BadSuccessor” Zero-Day Authentication Vulnerability

David Leane on August 14, 2025

We independently review everything we recommend. When you buy through our links, we may earn a commission which is paid directly to our Australia-based writers, editors, and support staff. Thank you for your support!

Microsoft’s August Patch Update: Resolving the ‘BadSuccessor’ Zero-Day Issue

Quick Overview

Microsoft tackles ‘BadSuccessor’, a zero-day vulnerability, in its August 2025 Patch Wednesday rollout.
This issue impacts Windows Server 2025’s use of the Kerberos protocol.
Security expert Yuval Gordon recorded the vulnerability, recognized as CVE-2025-53779.
Despite its possible seriousness, Microsoft initially classified it as moderate.
The August update resolves 107 vulnerabilities, encompassing critical remote code execution defects.

Microsoft Tackles ‘BadSuccessor’ Vulnerability

Microsoft addresses "BadSuccessor" zero-day authentication flaw

In the most recent Patch Wednesday update for August 2025, Microsoft has introduced a vital correction for a zero-day vulnerability known as “BadSuccessor.” This flaw, which became public prior to having a patch available, affects the implementation of the Kerberos network authentication protocol in Windows Server 2025.

Detection and Documentation

The flaw was initially documented in May 2025 by Akamai security professional Yuval Gordon. Listed as CVE-2025-53779, this privilege escalation vulnerability permits attackers to compromise any user within Active Directory. Gordon’s findings suggested that taking advantage of this vulnerability is quite simple, raising alarms about its possible consequences.

Microsoft’s Reaction

After receiving a notification from Gordon, Microsoft’s Security Response Centre (MSRC) validated the flaw. Nevertheless, early evaluations categorized the vulnerability as moderate, which postponed immediate action. Despite this, security companies, such as Rapid7 and Qualys, have emphasized the flaw’s capacity to promote attackers to domain administrator capabilities.

Patch Wednesday: Tackling Major Vulnerabilities

In addition to addressing BadSuccessor, Microsoft’s August patch bundle resolves a total of 107 vulnerabilities. These encompass significant remote code execution flaws in Windows, Microsoft Office, the Hyper-V hypervisor, and the Message Queuing component. Although there is no proof of active exploitation of the BadSuccessor vulnerability, the extensive nature of the update highlights the vital need for strong cybersecurity practices.

Conclusion

Microsoft’s August 2025 Patch Wednesday is a pivotal update in confronting the ‘BadSuccessor’ zero-day vulnerability. Initially deemed moderate, this flaw was subsequently acknowledged for its significant severity, especially regarding the risk to Active Directory environments. The update not only mitigates this particular vulnerability but also enhances defenses against a variety of other critical security threats.

Q: What is the ‘BadSuccessor’ vulnerability?

A: ‘BadSuccessor’ is a zero-day privilege escalation vulnerability in the Kerberos authentication protocol of Windows Server 2025, enabling attackers to compromise Active Directory users.

Q: How was the vulnerability identified?

A: The vulnerability was identified by Akamai security researcher Yuval Gordon in May 2025 and subsequently reported to Microsoft’s Security Response Centre.

Q: What is the importance of the August Patch Wednesday update?

A: The update addresses 107 vulnerabilities, including critical issues, thereby ensuring enhanced security across numerous Microsoft products.

Q: Was the ‘BadSuccessor’ vulnerability being actively exploited?

A: There is no evidence indicating active exploitation of the ‘BadSuccessor’ vulnerability at this moment.

Q: Why did Microsoft initially classify the vulnerability as moderate?

A: Microsoft’s initial evaluation did not regard the vulnerability as severe enough for swift action, although subsequent assessments by security firms highlighted its possible ramifications.

Q: What other vulnerabilities were resolved in the August update?

A: Along with ‘BadSuccessor’, the update rectified critical remote code execution bugs in Windows, Microsoft Office, Hyper-V, and the Message Queuing component.

Q: How can users protect themselves from such vulnerabilities?

A: Users should consistently update their software, promptly apply security patches, and adopt effective cybersecurity strategies to mitigate potential risks.

Researchers Discover Fresh Weaknesses in TETRA Secured Wireless Communications

David Leane on August 12, 2025

vulnerabilities in TETRA Encrypted Wireless Communications

Quick Overview

Recent vulnerabilities in TETRA networks influence encryption robustness.
Serious weaknesses could enable attackers to insert harmful data.
Australian mining firms heavily rely on TETRA for their communication needs.
Experts urge for independent evaluations of TETRA networks.

Revealing New Weaknesses in TETRA Networks

Security researchers from Midnight Blue in the Netherlands have disclosed a series of critical vulnerabilities within TETRA (Terrestrial Trunked Radio) communication networks. These issues, unveiled via reverse-engineering and termed 2TETRA:2BURST, compromise the end-to-end encryption (E2EE) utilized by security agencies and elite forces.

Researchers detect vulnerabilities in TETRA wireless encryption

Insights into the Vulnerabilities

The investigation reveals six new security weaknesses, supplementing five that were previously recognized in 2023. The most critical, CVE-2025-52941, involves a compromised AES-128 encryption algorithm, diminishing its strength to a concerning 56 bits. Another weakness, CVE-2025-52943, targets networks employing multiple encryption methods, permitting attackers to take advantage of less secure keys to decrypt communications believed to be protected.

Consequences for the Industry

These vulnerabilities could allow intruders to interfere with industrial control systems within TETRA networks, leading to threats in sectors such as mining operations. This situation could result in unauthorized control over vital equipment such as SCADA systems.

Difficulties in Addressing the Issues

In contrast to conventional software vulnerabilities, these issues originate from essential design flaws in TETRA, which lack message authentication and replay resistance. The particular weaknesses affect the Sepura Embedded E2EE solution, yet other versions may also be vulnerable.

A Call for Openness

The cryptographic principles of TETRA have remained undisclosed for many years, impeding independent security assessments. Announcements to publish these principles were made in 2023, signaling a departure from the “security by obscurity” tactic adopted earlier by ETSI, which standardized TETRA back in 1995.

Effects on Australian Industries

TETRA networks function in more than 100 nations, constituting the foundation for emergency communications. In Australia, mining firms have widely incorporated TETRA for remote operations over the last decade, emphasizing the urgency for swift security evaluations.

Conclusion

The recent identification of vulnerabilities in TETRA networks by Midnight Blue underscores significant security issues for encrypted communications internationally. The flaws, which involve compromised encryption algorithms, threaten essential infrastructures and necessitate immediate independent assessments.

Q&A Section

Q: What is TETRA?

A: TETRA (Terrestrial Trunked Radio) is a communication standard commonly employed by emergency services and various industry sectors for secure radio communications.

Q: What new vulnerabilities have been discovered in TETRA networks?

A: The vulnerabilities encompass weakened encryption algorithms and flaws that could permit attackers to inject harmful data, jeopardizing communication security.

Q: What is the significance of publishing TETRA algorithms?

A: Publishing the algorithms concludes a long-standing “security by obscurity” approach, allowing independent security researchers to assess and find potential weaknesses.

Q: How do these vulnerabilities impact Australian industries?

A: Mining companies in Australia, reliant on TETRA for remote operations, may face the threat of unauthorized control over crucial systems, making comprehensive security evaluations essential.

OpenAI Launches GPT-5: More Intelligent, Quicker, and Stronger Than Ever Before

David Leane on August 8, 2025

Quick Read

OpenAI introduces GPT-5, providing state-of-the-art AI functionalities.
Notable enhancements include a widened context window and improved reasoning abilities.
New capabilities are designed for both developers and general users.
Enhanced compatibility with tools such as Microsoft 365 Copilot.
Now available with various plans for individuals and businesses.

OpenAI Reveals Revolutionary Progress with GPT-5

The recent unveiling of GPT-5 by OpenAI signifies a major leap in AI advancement, set to transform multiple sectors with its smarter, quicker, and more adaptable functionalities. The launch presentation, spearheaded by Sam Altman, highlighted the model’s exceptional performance, surpassing that of its forerunners and competitors.

Groundbreaking Features and Abilities

Widened Context Window

GPT-5 expands its context window to an unmatched 400,000 tokens, redefining its ability to process and remember complex details across extensive documents or discussions effortlessly.

Enhanced Reasoning and Agentic Features

Boasting advanced agentic features, GPT-5 excels in methodical reasoning, making it perfect for intricate problem-solving challenges in areas like programming and scientific studies.

Superior Coding Support

The model can quickly generate and elucidate extensive amounts of code, proving to be an invaluable resource for developers in a variety of sectors.

Upgraded Voice and Educational Modes

GPT-5 presents natural voice interaction capabilities and introduces a new ‘Study and Learn Mode’ for educational purposes, augmenting its functionality in diverse learning contexts.

Improved Writing and Content Creation

The AI delivers more human-like results in creative writing endeavors, addressing earlier limitations with nuanced and coherent responses.

Safety and Refusal Protocols

OpenAI has implemented more intelligent refusal protocols, providing partial answers with clarifications and strong safeguards against misuse.

Multimodal Functionality and Tool Integration

GPT-5 accommodates native web searching, file processing, and image creation, with seamless integration into enterprise tools like Microsoft 365 Copilot to boost productivity.

Access and Availability

GPT-5 is available now to all ChatGPT users under a free tier with usage limits. For unrestricted access, users can choose ChatGPT Pro or higher tiers. Enterprises and educational institutions will soon gain access, with pricing information listed on OpenAI’s official website.

Overview

OpenAI’s GPT-5 establishes a new benchmark in AI technology, providing enhanced abilities that are set to change the way we engage with machines. With its advanced features and wide-ranging applicability, GPT-5 is expected to become a crucial component in various professional and educational domains.

Common Questions

Q: What are the primary enhancements in GPT-5?

A: GPT-5 features a broader context window, improved reasoning capabilities, better coding support, and enhanced writing skills, among other developments.

Q: In what ways does GPT-5 enhance safety and dependability?

A: The model includes smarter refusal protocols and protections against harmful content, ensuring safe and responsible interactions with AI.

Q: Who is eligible to use GPT-5?

A: GPT-5 is accessible to all ChatGPT users, with extra features available for Pro users, businesses, and educational organizations.

Q: How does GPT-5 integrate with existing applications?

A: GPT-5 allows seamless integration with applications like Microsoft 365 Copilot, enhancing workflow efficiency in various industries.

OVIC Enforces Limitations on GenAI Tools for External Meetings

David Leane on August 8, 2025

OVIC Imposes Restrictions on GenAI Tools for External Meetings

Brief Overview

OVIC has prohibited the use of publicly accessible GenAI tools in meetings with external entities.
Tools such as ChatGPT, Google Gemini, and similar services are impacted by this directive.
Utilization of GenAI tools may be permitted on an individual basis with appropriate oversight.
Attendees must notify OVIC personnel if GenAI tools are utilized during meetings.
OVIC’s directives are centered on safeguarding confidential information in meetings.

Overview

The Office of the Victorian Information Commissioner (OVIC) has established new protocols that limit the employment of generative AI (GenAI) tools in meetings involving its personnel and external groups. These protocols are designed to protect sensitive data and uphold the integrity of meeting documentation.

Protocols for GenAI Tool Usage

OVIC’s latest recommendations firmly discourage the employment of GenAI services like ChatGPT, Google Gemini, and others for documenting or transcribing meeting information, particularly during discussions involving sensitive issues. The use of these tools is completely prohibited in meetings with OVIC staff, regardless of whether they occur online or in person.

Conditional Allowance

While the general approach is prohibitive, OVIC does permit the potential usage of GenAI tools on a conditional basis. This exception depends on the tools being securely managed and limited to authorized individuals, ensuring there is no external access.

Impacted Stakeholders

The revised protocols are relevant to a wide array of stakeholders, including state agencies, local councils, contractors, and the general public. All involved parties must declare the use of GenAI tools at the beginning of any meeting, detailing which tool is being used and how its outputs will be handled.

Ensuring Openness

In meetings categorized as sensitive, OVIC personnel may choose to limit participation if GenAI tools are in use. If a tool is believed to be utilized without proper notice, staff may request access to the produced minutes to verify their correctness.

Expanding on Previous Guidance

This directive builds upon OVIC’s previous guidance warning Victorian government bodies against entering personal data into public GenAI platforms. The emphasis remains on restricting inputs to publicly available or pre-approved data to avert data breaches.

Conclusion

OVIC’s limitations on GenAI tool usage during meetings are aimed at safeguarding sensitive information and fostering trust in meeting documentation. While some leeway exists regarding tool usage, transparency and secure management are crucial for compliance.

Q: What constitutes GenAI tools?

A: Generative AI tools are software applications that leverage artificial intelligence to create content such as text, audio, or visuals. Examples include ChatGPT and Google Gemini.

Q: Why has OVIC imposed restrictions on GenAI tools in meetings?

A: OVIC’s objective is to protect sensitive information and ensure precise meeting records, particularly in sessions involving delicate discussions.

Q: Is there ever an opportunity to use GenAI tools in OVIC meetings?

A: Yes, they may be used on a case-by-case basis, provided they are securely managed and limited to authorized personnel only.

Q: Who must be notified about the deployment of GenAI tools in meetings?

A: All attendees, including state agencies, local councils, contractors, and the public, are required to inform OVIC staff regarding the use of GenAI tools in meetings.

Q: What occurs if a GenAI tool is employed without notification in a meeting?

A: OVIC personnel may request details and copies of the produced minutes to confirm their accuracy and ensure adherence to guidelines.

“ReVault Firmware Flaw Leaves Dell Laptops Open to Ongoing Access Hazards”

David Leane on August 6, 2025

ReVault Firmware Vulnerability: Ongoing Security Dangers for Dell Laptops

Quick Read

ReVault is a serious vulnerability present in Dell laptops, impacting Broadcom’s ControlVault3 firmware.
The flaw enables attackers to retain access even after an OS reinstall.
Dell has released a security update to remediate these vulnerabilities.
More than 100 Dell laptop models, including those in the Latitude and Precision lines, are impacted.
Gaining physical access to devices can heighten the risk of exploitation.

Grasping the ReVault Vulnerability

Experts from Cisco’s Talos Intelligence have unveiled a serious vulnerability chain dubbed “ReVault” in the security hardware of Dell laptops. This vulnerability exists in Broadcom’s ControlVault3 firmware and related Windows APIs, presenting substantial security threats to users.

Dell laptops facing persistent access threats due to ReVault firmware vulnerabilities

Open Dell Latitude with the USH board highlighted.

Talos Intelligence

Mechanism of ReVault

The ReVault vulnerabilities are located within Dell’s ControlVault3, designed to provide hardware-based security by securely storing sensitive information like passwords and biometrics on a distinct circuit board called the Unified Security Hub (USH). Paradoxically, the USH, which was intended to enhance security, now represents a vulnerable point, allowing attackers to implant untraceable malicious software.

Risks and Exploitation Potential

Talos researcher Philippe Laulheret pointed out that malicious actors can leverage these vulnerabilities to secure persistent access to devices. For instance, compromised firmware might disclose cryptographic keys, enabling attackers to alter firmware and retain access even following a thorough OS reinstallation. Physical access to laptops increases the risk, as attackers may directly connect to the USH using specialized USB connectors, circumventing physical security protocols.

Models Affected and Mitigation Strategies

More than 100 Dell laptop models, especially from the Latitude and Precision business lines, are susceptible to ReVault. Dell has responded by releasing a security update, urging users to apply these updates without delay. For those not utilizing biometric or smartcard authentication, disabling ControlVault services via the Windows Service Manager can help reduce risks.

Conclusion

The ReVault firmware vulnerability poses a grave threat to Dell laptop users, particularly in sensitive sectors that demand high security. Users are recommended to update their firmware immediately and consider additional protective measures to defend against potential exploitation.

Q: What exactly is the ReVault vulnerability?

A: ReVault is a collection of critical vulnerabilities discovered in Dell laptops, impacting Broadcom’s ControlVault3 firmware, which allows attackers to maintain access post OS reinstallation.

Q: Which Dell models are impacted by ReVault?

A: Over 100 models, primarily from the Latitude and Precision lines, are affected.

Q: What can users do to protect their laptops from ReVault?

A: Users should apply the security updates issued by Dell and can disable ControlVault services if biometric or smartcard authentication is not necessary.

Q: What makes ReVault particularly alarming?

A: The vulnerability allows attackers to retain access even after an OS reinstall and can evade physical security measures, posing a significant threat to data security.

Q: What actions has Dell taken regarding ReVault?

A: Dell has acknowledged the vulnerabilities and released security updates for affected products to mitigate associated risks.

Optus Launches ‘Expert AI’ to Transform Customer Service Experience

David Leane on July 30, 2025

Optus Unveils Expert AI for Enhanced Customer Support

Optus Introduces Innovative ‘Expert AI’ to Enhance Customer Support

Quick Overview

Optus introduces Expert AI to boost customer service efficiency.
Built on Google Cloud, it serves as a co-pilot for representatives.
Delivers real-time advice and automates backend processes.
Part of Optus’s continuous commitment to AI-driven solutions.

Optus Expert AI: A Trailblazer in Customer Assistance

Optus has launched its latest development, ‘Expert AI’, aimed at assisting its frontline personnel by providing quicker and more effective customer service. This AI-driven assistant, created on the powerful Google Cloud platform, delivers real-time insights to address customer concerns efficiently.

How Optus Expert AI Operates

Real-Time Evaluation

Expert AI evaluates live customer interactions, including calls and chats, to promptly grasp the essence of the customer’s problem, facilitating rapid resolutions.

Contextual Assistance

Drawing from ongoing dialogues, the AI supplies Optus staff with on-screen prompts and recommendations, ensuring compliance with best practices.

Automated Processes

The system can carry out tasks such as accessing account information or processing requests independently, lessening manual duties and customer wait periods.

The Vision Inspiring the Technology

This project is part of Optus’s overarching plan to improve customer engagement by combining human talent with artificial intelligence. As stated by Jesse Arundell, Head of AI Solutions & Strategy at Optus, the firm has invested in AI technologies for more than five years to greatly enhance customer and employee experiences.

The Effect of Current AI Solutions

Optus’s Conversational AI Virtual Agents have already successfully managed over 2.2 million customer inquiries in the last year, achieving an average resolution time of below 120 seconds. This achievement underscores AI’s potential to transform customer service.

Expert AI’s Introduction and Availability

Optus Expert AI is presently accessible as an internal resource for Optus’s frontline personnel. Customers will experience improved service quality without incurring extra costs.

For further details, visit Optus Official Site.

Conclusion

Optus’s launch of Expert AI represents a notable advancement in utilizing artificial intelligence to enhance customer support. By integrating real-time insights and automation, Optus seeks to deliver a faster, more effective, and seamless customer experience. This venture aligns with Optus’s dedication to innovation and customer satisfaction.

Common Questions

Q: What is Optus Expert AI?

A: Optus Expert AI is an AI-driven assistant created to assist Optus’s frontline personnel by offering real-time insights and automating tasks to enhance customer service efficiency.

Q: In what ways does Optus Expert AI enhance customer service?

A: The AI examines live interactions to provide agents with real-time advice, suggests suitable responses, and automates backend functions, decreasing wait times and improving service quality.

Q: Will customers incur additional charges for using Optus Expert AI?

A: No, Optus Expert AI is an internal instrument for Optus staff, and customers reap the benefits of enhanced service without incurring extra costs.

Q: How does this initiative align with Optus’s broader goals?

A: This initiative is aligned with Optus’s strategy to harness AI for enhancing customer experiences, building on earlier investments in AI solutions to better service quality and efficiency.

Is Your Security Approach Ready as AI Enters the Workforce?

David Leane on July 28, 2025

AI in the Workforce: Transforming Security Approaches

Brief Overview

AI is moving from a supportive function to a leading role within the workforce.
Conventional identity governance falls short in AI-oriented environments.
AI entities with enhanced access levels present serious security threats.
Automated, AI-driven identity management is essential for safeguarding security.
Leadership must align identity strategies with AI projects.

AI: The New Leader in the Workforce

AI is entering the workforce. Is your security framework ready?

The adoption of Agentic AI in business practices is transforming today’s workforce. As AI evolves from a supportive role into a key player, companies must navigate a substantial change in security and governance frameworks.

The Emergence of Machines and the Decline of Traditional Thinking

Conventional identity governance, focused on human employees, is becoming irrelevant. AI agents are introduced via IT projects without standard protocols, resulting in a rise of poorly governed, excessively privileged non-human identities.

The Human Price, The Risk of Machines

While AI offers improved efficiency, it also brings forth notable security vulnerabilities. AI agents demand enhanced access, thereby enlarging the attack surface that can be targeted by malicious actors. Many businesses, especially in Australia, lack the mechanisms needed to address these risks.

Updating Machine Identity Lifecycle Management

Businesses require AI-enhanced identity lifecycle management to streamline access provisioning and maintain real-time visibility. This strategy is vital for upholding compliance and enforcing security measures in an AI-centric ecosystem.

Leaders Must Embrace This Transformation

The challenge of overseeing AI and human identities goes beyond the IT department. Senior leaders need to work collaboratively across various departments to refresh identity governance and embed it into all AI-related initiatives.

Conclusion

With AI becoming a vital element of the workforce, organisations in Australia must evolve their identity management approaches to lessen security dangers. This entails automating identity lifecycle management and promoting interdepartmental collaboration to excel in the AI-fueled enterprise landscape.

Questions & Answers

Q: Why is conventional identity governance insufficient for AI?

A: Conventional strategies concentrate on human identities and are ill-equipped to manage the swift, extensive arrival of AI agents, resulting in governance voids and security concerns.

Q: What risks do AI agents with enhanced access present?

A: Proper management is lacking, meaning AI agents with elevated access create a broader attack surface, heightening the possibility of exploitation by cyber threats.

Q: How can organisations enhance identity management for AI?

A: Through the adoption of automated, AI-enhanced identity lifecycle management systems that offer real-time insights and uphold least privilege access principles.

Q: What role do leaders play in authority governance for AI?

A: Leaders from different departments must collaborate to weave identity strategies into AI initiatives, guaranteeing thorough governance and security.

Q: In what way does AI integration affect organisational security strategies?

A: The integration of AI necessitates a shift in security tactics to confront the distinctive challenges of managing non-human identities and assuring stringent access control.

Q: Why is a “kill switch” important for AI agents?

A: A “kill switch” enables organisations to instantly revoke access for AI agents that act unpredictably, reducing potential security perils.

Acer Predator X32 X3 OLED Display: Premium Performance Comes with a Price

David Leane on July 26, 2025

Quick Read

Acer Predator X32 X3 OLED display delivers 4K resolution at 240Hz, ensuring fluid gameplay.
The 31.5″ screen is tailored for both casual and dedicated gamers with adjustable ergonomics.
Equipped with a Quantum Dot OLED panel featuring 99% DCI-P3 color gamut.
Adaptive-Sync technology is compatible with AMD FreeSync Premium Pro and Nvidia G-Sync.
Available in Australia for A$1,999 via Acer or A$1,709 through Ubuy.

Introduction

The Acer Predator X32 X3 OLED display has made its debut, offering elite performance for gamers and creative professionals. With OLED technology, this monitor distinguishes itself with remarkable black levels and a refresh rate of 240Hz at 4K resolution, making it an excellent choice for your gaming configuration.

Design

The Predator X32 X3 showcases a stylish black frame that prioritizes functionality over ornate designs. Its sturdy stand provides ample height adjustment of up to 120mm, tilt angles ranging from -5 to 35 degrees, and a 30-degree swivel. With its slim bezels and flat screen, it fits seamlessly into any setup, whether in a home office or a multi-monitor gaming arrangement.

Performance

The Predator X32 X3 excels in performance, achieving a 240Hz refresh rate at a native 4K resolution. It’s ideal for high-speed games, particularly when paired with a top-tier GPU like the RTX 4080. The OLED panel’s 0.03ms response time and Adaptive-Sync support guarantee tear-free, smooth gameplay.

With HDR switched on, gamers will value the rich contrasts and vibrant highlights, enhancing the immersive gameplay experience in titles such as Cyberpunk 2077 and F125. Its capability to manage diverse workloads also makes it a strong candidate for content creation.

Features

Key features of the monitor include:

Quantum Dot OLED panel: 99% DCI-P3 color coverage with precision factory calibration.
USB-C with 90W Power Delivery: Acts as a KVM switch, facilitating laptop charging while boosting productivity.
Adaptive-Sync technology: Provides support for AMD FreeSync Premium Pro and Nvidia G-Sync, ensuring smooth gameplay.
Integrated speakers: Dual 5W speakers suitable for casual use, while enhanced audio is recommended for an immersive experience.

Issues and Opportunities

While the Predator X32 X3 is impressive, there’s potential for enhancements. The on-screen display (OSD) could benefit from extra dedicated buttons for quick access to brightness and contrast settings. Although the stand is ergonomic, it takes up considerable desk space, and a more compact design or 90-degree rotation feature would be appreciated.

Price and Availability

The Predator X32 X3 is currently available in Australia priced at A$1,999 from Acer and A$1,709 from Ubuy. The package includes HDMI and USB-C cables for immediate use.

Summary

The Acer Predator X32 X3 is a high-end OLED monitor delivering unparalleled performance for its price range. It caters to both gaming aficionados and content creators, offering a well-rounded blend of speed, color fidelity, and connectivity options. While it’s a substantial investment, its features and future-ready technology validate the cost for those in search of the best display technology.

FAQs

Q: What makes the Acer Predator X32 X3 unique in the market?

A: Its blend of 4K resolution, 240Hz refresh rate, and OLED technology provides exceptional performance for gaming and content creation.

Q: Does the monitor feature variable refresh rates?

A: Yes, it utilizes Adaptive-Sync technology, including AMD FreeSync Premium Pro and Nvidia G-Sync.

Q: Is the stand adjustable?

A: The stand allows for extensive height, tilt, and swivel adjustments, though it lacks a built-in pivot for portrait orientation.

Q: What is the price range for the Predator X32 X3 in Australia?

A: It is available for A$1,999 through Acer and A$1,709 from Ubuy.

Q: Are there any included connectivity options?

A: Yes, it features a USB-C port with 90W Power Delivery and serves as a KVM switch.

Microsoft Issues Critical Updates for SharePoint Servers at Risk from “ToolShell”

David Leane on July 23, 2025

Quick Overview

Microsoft has issued critical patches for SharePoint Servers at risk from “ToolShell”.
The issues, CVE-2025-53370 and CVE-2025-53771, involve deserialization and spoofing vulnerabilities.
Patches are available for SharePoint Server Subscription Edition and SharePoint Server 2019.
Currently, there are no patches for SharePoint 2016 Server.
Administrators should implement the latest patches, activate AMSI, and change ASP.NET machine keys.
A scan by ShadowServer Foundation reveals 323 Internet-accessible SharePoint Servers in Australia.
Dutch security firm Eye has alerted about contemporary zero-day chains that do not require authentication.

Microsoft’s Crucial Security Action

In a significant effort to enhance cybersecurity, Microsoft has deployed urgent patches for two at-risk editions of its on-premises SharePoint Server, addressing severe issues that are currently being exploited by malicious actors. These vulnerabilities, referred to collectively as “ToolShell”, have generated substantial concern among IT professionals globally, especially in Australia.

Examining the ToolShell Vulnerability

The vulnerabilities, CVE-2025-53370 and CVE-2025-53771, pertain to serious deserialization and spoofing flaws that are being leveraged in remote code execution attacks. These security weaknesses enable attackers to run arbitrary code on compromised servers, representing significant risks for organizations that depend on SharePoint for collaboration.

Available Patches and Mitigation Tactics

Microsoft has made patches available for SharePoint Server Subscription Edition and SharePoint Server 2019. However, patches for SharePoint 2016 Server are presently unavailable, leaving certain organizations potentially vulnerable. Microsoft recommends that administrators utilize supported SharePoint versions and promptly apply the latest security updates.

Further mitigation steps include enabling the Anti-Malware Scan Interface (AMSI) with a suitable antivirus program and implementing endpoint protection strategies. Additionally, administrators should rotate the ASP.NET machine keys for SharePoint Server, either manually using PowerShell scripts or via Central Administration.

Widespread and Local Consequences

A scan conducted by the ShadowServer Foundation shows that the majority of SharePoint installations are located in the United States and Europe. In Australia, there are 323 Internet-visible SharePoint Servers, with 10 identified in New Zealand. While the scan does not specify the versions at risk, the information highlights the global scale of this security issue.

Professional Analysis and Comparisons

The Dutch security firm Eye has pointed out the parallels between the current vulnerabilities and those exploited in 2021. However, the latest exploits are more sophisticated, creating a modern zero-day chain that enables automatic shell installation, full persistence, and no authentication required. Eye Security warns that malicious payloads could be embedded and accepted as trusted input, completing the remote code execution loop without the need for credentials.

Conclusion

Microsoft’s urgent patches for SharePoint Servers target critical vulnerabilities that could have far-reaching effects if not addressed promptly. With the possibility of severe data breaches and operational disruptions, organizations must act quickly to implement these patches and enhance their cybersecurity stance. As the threat landscape evolves, maintaining vigilance and proactive approaches is crucial for protecting digital assets.

Questions & Answers

Q: What vulnerabilities do the patches address?

A: The patches fix CVE-2025-53370 and CVE-2025-53771, related to deserialization and spoofing vulnerabilities.

Q: Which versions of SharePoint have received patches?

A: Patches are accessible for SharePoint Server Subscription Edition and SharePoint Server 2019. There are no patches yet for SharePoint 2016 Server.

Q: What further actions should administrators take beyond applying patches?

A: Administrators should enable AMSI with an appropriate antivirus solution, implement endpoint protection, and rotate ASP.NET machine keys.

Q: How prevalent is the issue in Australia?

A: A scan has revealed 323 Internet-visible SharePoint Servers in Australia, representing a considerable presence and potential threat.

Q: Are these vulnerabilities akin to previous ones?

A: Yes, they bear similarities to exploits from 2021 but now create a more sophisticated zero-day chain without requiring authentication.

Q: What is Eye Security’s role in this context?

A: Eye Security has performed scans and provided insights regarding the current vulnerabilities, emphasizing the urgency for immediate action.

Ex-Intelligence Officer Sentenced for Bitcoin Robbery from Silk Road 2.0 Manager

David Leane on July 20, 2025

Ex-Intelligence Officer Sentenced in Bitcoin Theft Case

Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator

Quick Overview

Ex-NCA officer imprisoned for stealing cryptocurrency from the operator of Silk Road 2.0.
Paul Chowles misappropriated 50 bitcoin, valued at over £4 million today.
Chowles utilized Bitcoin Fog to disguise the transaction.
The NCA originally suspected Thomas White, the initial operator.
Bitcoin valued at nearly £470,000 confiscated from Chowles.

Context on Silk Road 2.0

The Silk Road 2.0 platform arose as a successor to the first Silk Road, providing a venue for illegal dealings, such as drug trade and other unlawful items, after the FBI dismantled its predecessor in 2013. The British National Crime Agency (NCA) took Thomas White into custody in 2014 during its probe into this dark web marketplace.

The Theft and Investigation

Paul Chowles, a NCA intelligence officer, took advantage of his role to pilfer 50 bitcoin from Thomas White’s “retirement wallet.” Chowles subsequently sought to mask the origin of the funds by employing a cryptocurrency mixing service named Bitcoin Fog. Despite these measures, Chowles was ultimately apprehended and charged with theft, transferring criminal property, and concealing criminal property.

Court Proceedings and Sentencing

Chowles was brought before Liverpool Crown Court and entered a guilty plea for all charges. The stolen bitcoin was initially estimated at just below £60,000 during the theft in 2017, but its current worth is over £4 million. Chowles managed to realize close to £145,000 from his illegal activities prior to his arrest in 2022.

NCA’s Reaction and Misconduct

The NCA terminated Chowles for gross misconduct following his guilty plea. Initially, the agency speculated that Thomas White, who was sentenced in 2019, had accessed the bitcoin wallet. This assumption was negated after further investigation revealed Chowles’ direct involvement through documentation found in his notebooks.

Financial Consequences

The NCA confiscated bitcoin valued at nearly £470,000 from Chowles. Furthermore, the agency retrieved and liquidated the remaining 47 bitcoin from White’s wallet, aiding in a £1.5 million confiscation order placed on White.

Conclusion

This case underscores the weaknesses within law enforcement agencies regarding the management of digital currencies and highlights the necessity for strict internal controls to avert similar misconduct. The effective prosecution and sentencing of Paul Chowles act as a deterrent to the misuse of authority by individuals in positions of trust.

Q&A

Q: What is Silk Road 2.0?

A: Silk Road 2.0 was an illegal dark web platform that enabled the trade of drugs and other prohibited goods, following the closure of the original Silk Road by the FBI in 2013.

Q: How was Paul Chowles apprehended?

A: Paul Chowles was apprehended after an investigation uncovered usernames and passwords associated with Thomas White’s cryptocurrency accounts in Chowles’ possession.

Q: What is Bitcoin Fog?

A: Bitcoin Fog is a cryptocurrency mixing service that obscures the origin of bitcoin transactions, making it challenging to trace the source of the funds.

Q: What was the verdict in this case?

A: Paul Chowles received a sentence of five and a half years in prison after pleading guilty to charges of theft, transferring criminal property, and concealing criminal property.

Q: What became of the stolen bitcoin?

A: The NCA confiscated bitcoin valued at nearly £470,000 from Chowles, while the remaining 47 bitcoin in White’s wallet were sold to help fulfill a confiscation order.