Lean Security Expert
The ToolShell Crisis: Why Your SharePoint ...

The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.

The ToolShell Crisis: Why Your SharePoint Server Is a Ticking Time Bomb
Lean Security Expert
Why Long-Lived Cloud Credentials Are Your ...

Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.

Why Long-Lived Cloud Credentials Are Your Biggest Identity Risk in 2025
Lean Security Expert
Fortinet "Ghost Logins": How Authentication ...

Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.

Fortinet "Ghost Logins": How Authentication Bypass Attacks Expose Gaps in Your Penetration Testing Strategy
Lean Security Expert
React2Shell: A CISO’s Guide to CVE-2025-55182

A new security flaw called React2Shell (CVE-2025-55182) puts Australian businesses at extreme risk. It has a severity score of CVSS 10.0, which is the highest possible rating. This flaw lets hackers take full control of your servers without needing a password. It affects the popular tools React and Next.js.

React2Shell: A CISO’s Guide to CVE-2025-55182
Lean Security Expert
SessionReaper & BFCM: Why Penetration ...

A critical vulnerability in Adobe Commerce and Magento (CVE-2025-54236), dubbed "SessionReaper," is being ruthlessly exploited by threat actors using AI-driven tools to automate attacks at machine speed. With the Australian holiday trading season in full swing, this unauthenticated remote code execution (RCE) flaw poses an immediate existential threat to retail and B2B organizations. This alert outlines the mechanics of the attack, the role of AI in its weaponization, and the urgent defensive actions required to prevent a catastrophic data breach.

SessionReaper & BFCM: Why Penetration Testing Services Are Critical (CVE-2025-54236)

The Most Problematic Mobile Security Threats (Part 1)

The thing about mobile apps is that they are not only popular with knowledge workers, but hackers too. This makes the issue of securing the apps complex even for the professionals. Here are some of the most problematic mobile security threats usually faced by security pros.

1.     Lack of a Proper Mobile Device Policy

A policy should be created regarding mobile security that establishes rules for authentication. This should include credential storage. For emails and the device itself, PII restrictions should be up held. Restrictions should also be applied on passwords, PINs, and usage. 

In essence, a mobile device policy should be made part of the onboarding process. It is also suggested that new employees at a company, before receiving their device or access to company resources, should read and sign off on the policy informing them of the established mobile security policy. 

2.     Connection Hacking

One of the most common examples of connection hacking is the ‘man-in-the-middle’ attack. Employees often use company devices to access company servers in open spaces. They might think they are safe behind the corporate firewall, but in reality, attackers set up a rogue access point and they start receiving all personal information the second they log in. This has the potential to leak a lot of sensitive data. 

3.     Authentication Attacks

Although not necessarily for stealing data on a mobile device, authentication consolidation will more than likely result in data specific exploits.

Industry experts predict that mobile devices will be progressively targeted for broader credential stealing. Either that, or for authentication attacks to be used at later on in the future.

For example, think of mobile devices as a direct conduit to cloud. The cloud just keeps on getting bigger as it is provided more and more data. Almost all organizations use numerous devices (laptop, tablet, mobile, etc.) to access that data. This means that by cracking just the device, the malicious entities could have access to the ever expanding cloud filled with sensitive information.

4.     Rootkits

Because of their very nature, rootkits are almost impossible to trace. Due to this, the attacker gets absolute control of the device. What is even more worrying is that it is very much possible for personal and sensitive information to be extracted through rootkits. This is especially worrying as more and more people have started to depend on mobile devices for their day to day activity. With a rootkit, malicious attackers can cause unprecedented damage.

5.     Mobile Payment Security Sources

The new payment platform of Facebook uses third party resources for security. If Facebook has a Trusted Service Manager platform installed in place and agreements with the manufacturers of the handsets, for the management of secure elements, then their payment solution would introduce Facebook into classical payment. Though, this is quite difficult and Facebook may not evolve in that way.

All these points just emphasize the need for mobile app security testing. Having your app tested by the professionals will ensure that it is safe from most mobile app security threats. To avail this service and others like web application penetration testing, get in touch with us.

 

What You Need to Know About Web Application Security

What You Need to Know About Web Application Security

Web applications being used at enterprises that hold valuable and sensitive data and information related to the business’ consumers are normally at a higher risk from hackers and malicious viruses. So as to guard this sensitive data, businesses must integrate cost effective web application security measures. In a nutshell, companies should consider acquire services of a reliable managed web applications security provider that provides extensive security.

Controlling Security Risks in Cloud

Controlling Security Risks in Cloud

The world is observing a definite trend Shift as businesses have started moving over to cloud with their data as well as their services. The cloud-computing sector is observing an explosive growth as numerous cloud computing service providers are springing up. As it happened with most technologies in the past, opinions got divided on merit. While most of the analysts deem cloud computing a revolutionary change, a few of them are worried about the control of security risks in cloud.

Why Online Businesses Should Go For Managed and Secure Cloud Hosting Services?

Why Online Businesses Should Go For Managed and Secure Cloud Hosting Services?

Considered to be the hottest debate today in the information technology community, cloud computing is subjected to some criticism as well as a lot of fame. Those in support of the technology, suggest that the scalability, flexibility, and economics of the cloud; make cloud based website management, a practical and logical choice, while its opponents point out the concerns related to privacy and security, which are reasons strong enough, to not move businesses to the cloud.

The Evolution of E-Commerce amidst Rising Security Concerns

The Evolution of E-Commerce amidst Rising Security Concerns

The many competitive advantages of ecommerce cannot be taken lightly. Offering online business and consumers alike a far improved productivity, significant reduction in costs, access and entry into a global business market, ability to provide a much improved customer service and streamlining business processes; are all reasons for brick and mortar businesses to open up their virtual shop.

Protecting Your Network Perimeter: Life on the Edge

Protecting Your Network Perimeter: Life on the Edge

Your perimeter security is the first and foremost layer of defense in your network, which is why it’s of the utmost importance to step back and review its design very carefully. The obvious step that you will need to take when it comes to ensuring a sound architecture, is determining what needs to be protected and then designing your network perimeter security in such a way that it can easily adapt according to your needs as they grow or change.

How to Protect and Secure Your Important Data Using SaaS Applications

How to Protect and Secure Your Important Data Using SaaS Applications

The size of your company doesn’t matter when it comes to protecting your business’s website network. Hackers will be still attracted to your company’s vital data and information whether it’s a big company, small or just starting out in the field. This is the reason why, having a rock solid security defense of the network is of the utmost importance.

How to Protect Your Business from DDoS Attacks

How to Protect Your Business from DDoS Attacks

DDoS protection basically refers to a succession of actions that endeavor to protect the network against potential DDoS attacks. Many people ask why it is important to have the network protected against DDoS attacks. This is a common question because most people are not aware of the risks and possible damages associated with DDoS attacks. DDoS protection plans can only be appreciated by people who are conscious of the destruction caused by such attacks.

Contact us for a quote