AUNZ Intelligence Insights, November 2025

Authoritative cyber threat intelligence for leaders defending the Australia and New Zealand (AUNZ) region.

Download the AUNZ Intelligence Insights Report – November 2025 to gain a clear, intelligence-led view of the most active cyber threats, attack trends and threat actors targeting organizations across Australia and New Zealand.

Produced by Group-IB’s global threat intelligence experts, this report delivers actionable insights to help security, risk and executive leaders anticipate threats and strengthen cyber resilience.

Gain access to in-depth analysis covering cybercrime activity, ransomware campaigns, data breaches, fraud trends and emerging attack techniques impacting APAC organizations.

Why This Report Matters

The AUNZ region continues to experience rapid digital growth, making it a prime target for cybercriminals, organised threat groups, and nation-state–aligned actors. This report helps you:

Understand how cyber threats are evolving across AUNZ

Identify which industries and geographies are most targeted

Anticipate new attack techniques and criminal business models

Translate intelligence into practical defensive actions

Key Findings & AUNZ Cybersecurity Trends in November 2025

Inside the November 2025 edition, you’ll learn:

Dire Wolf Strikes Twice: Health and Legal Data Exposed

Ransomware group Dire Wolf published stolen corporate data from two Australian organizations on its dedicated leak site (DLS): data linked to Health-Insights on 27 November 2025, followed by files from the Legal Practice Board on 29 November 2025.

Bloody Wolf: A Blunt Crowbar Threat to Justice

Dive into Group-IB’s technical analysis, which examines the techniques, tools and ongoing activity of the threat group known as Bloody Wolf. This group impersonates government agencies to gain the trust of victims before beginning phishing campaigns.

MuddyWater Evolves: New Rust Backdoor Discovered

Group-IB has identified a new threat campaign attributed with high confidence to MuddyWater. Featuring a previously unseen backdoor written in Rust, this discovery marks the first known use of this language by the group.

FortiWeb Manager Exposed: Unauthenticated Admin Takeover Flaw

A critical vulnerability has been discovered in Fortinet’s FortiWeb Manager that allows unauthenticated attackers to fully compromise the management interface and WebSocket CLI. A proof of concept observed on 6 October 2025 showed that a specially crafted POST request could be used to create a privileged administrator account, with testing confirming impact on versions 8.0.1 and earlier. The exploit has been actively abused since early October, and as of 13 November 2025 no vendor advisory had been issued. The vulnerability has now been assigned CVE-2025-6446.

Each insight is supported by real investigations, telemetry, and intelligence collected by Group-IB’s research teams.

Who Should Read This Report?

This report is essential reading for:

Chief Information Security Officers (CISOs), Chief Information Officers (CIOs) and Heads of Security

Fraud, Risk and Compliance Leaders

Government and Law Enforcement Professionals

Security Operations Center (SOC), Incident Response (IR) and Threat Intelligence (TI) Teams

Board-level and Executive Decision-Makers

If you are responsible for protecting digital assets, customers, or national infrastructure in APAC, this report is for you.