November 12, 2025

Lean Security Expert

CISA Alert: LANDFALL Spyware Hits Australian ...

A zero-click vulnerability, CVE-2025-21042, in millions of Samsung devices is being actively exploited to install "LANDFALL," a commercial-grade spyware. This threat, now on CISA's KEV catalog , transforms an executive's personal device into a silent corporate surveillance tool, completely bypassing your MDM and EDR. For Australian organisations with BYOD policies, this is a critical, reportable data breach scenario under the NDB scheme.

CISA Alert: LANDFALL Spyware Hits Australian BYOD Devices

October 25, 2025

Lean Security Expert

Beyond the Patch: Why the Actively Exploited ...

Actively exploited WSUS flaw CVE-2025-59287 (CVSS 9.8) threatens Australian businesses. Patching isn't enough. See why red teaming is essential to validate your security.

Beyond the Patch: Why the Actively Exploited WSUS Vulnerability (CVE-2025-59287) Demands a Red Team Response in Australia

October 12, 2025

Lean Security Expert

Oracle EBS Zero-Day CVE-2025-61882: Australian ...

Critical Oracle EBS zero-day CVE-2025-61882 actively exploited. Australian firms face data theft. Move beyond patching to proactive red teaming & security.

Oracle EBS Zero-Day CVE-2025-61882: Australian Threat

September 27, 2025

Lean Security Expert

ACSC HIGH ALERT: Your CI/CD Pipeline is the New ...

The ACSC has issued a high alert on attacks against Australia's software supply chain. Adversaries are no longer just targeting your live systems; they are infiltrating the "factory" where your software is built. We simulate these advanced, multi-stage attacks to validate your defences against this critical threat.

ACSC HIGH ALERT: Your CI/CD Pipeline is the New Frontline. Are You Prepared for a Supply Chain Attack?

September 15, 2025

Lean Security Expert

ACSC ALERT: Is Your SonicWall VPN an Open Door ...

The ACSC confirms the Akira ransomware group is actively exploiting SonicWall VPNs to breach Australian businesses. Patching is not enough—attackers are bypassing the fix. With Australia's new mandatory reporting laws, this technical vulnerability can quickly become a regulatory and legal disaster.

ACSC ALERT: Is Your SonicWall VPN an Open Door for Akira Ransomware in Australia?

Lean Security Expert

September 27, 2025

ACSC HIGH ALERT: Your CI/CD Pipeline is the New Frontline. Are You Prepared for a Supply Chain Attack?

Lean Security Expert

September 27, 2025

ACSC HIGH ALERT: Your CI/CD Pipeline is the New Frontline. Are You Prepared for a Supply Chain Attack?

The ACSC has issued a high alert on attacks against Australia's software supply chain. Adversaries are no longer just targeting your live systems; they are infiltrating the "factory" where your software is built. We simulate these advanced, multi-stage attacks to validate your defences against this critical threat.

Lean Security Expert

September 22, 2025

Beyond the Basics: Advanced Security Testing Techniques for 2025 Threats - Infograph

Lean Security Expert

September 22, 2025

Beyond the Basics: Advanced Security Testing Techniques for 2025 Threats - Infograph

This Lean Security infographic outlines advanced testing strategies for evolving 2025 cybersecurity threats, including AI-driven vulnerability scans, realistic red team simulations, adaptive testing, cloud-specific evaluations, and the combined strengths of automated and manual security testing for comprehensive protection.

Lean Security Expert

September 19, 2025

Managed Web Vulnerability Scanning vs. Manual Testing: Which One is Right for You?

Lean Security Expert

September 19, 2025

Managed Web Vulnerability Scanning vs. Manual Testing: Which One is Right for You?

Vulnerability scanning services provide speed and consistency, while penetration testing companies deliver depth and real-world attack simulations. Which method does your business need most right now?

Lean Security Expert

September 15, 2025

Building a Resilient Web Security Platform: What Enterprises Should Look For

Lean Security Expert

September 15, 2025

Building a Resilient Web Security Platform: What Enterprises Should Look For

Building a resilient web security platform starts with understanding risks. From risk assessment solutions to proactive testing, enterprises must strengthen defenses before attackers strike. Is your organization ready?

Lean Security Expert

September 15, 2025

ACSC ALERT: Is Your SonicWall VPN an Open Door for Akira Ransomware in Australia?

Lean Security Expert

September 15, 2025

ACSC ALERT: Is Your SonicWall VPN an Open Door for Akira Ransomware in Australia?

The ACSC confirms the Akira ransomware group is actively exploiting SonicWall VPNs to breach Australian businesses. Patching is not enough—attackers are bypassing the fix. With Australia's new mandatory reporting laws, this technical vulnerability can quickly become a regulatory and legal disaster.

Lean Security Expert

September 14, 2025

AI-Powered Red Teaming: Is Your Australian Business Ready for the New Threat Landscape?

Lean Security Expert

September 14, 2025

AI-Powered Red Teaming: Is Your Australian Business Ready for the New Threat Landscape?

Attackers are now weaponising AI to create faster and more evasive attacks, making traditional security playbooks obsolete. To defend against AI, you must use AI. We leverage adversarial AI and advanced red teaming to prepare your business for the next generation of sophisticated threats.

Lean Security Expert

September 12, 2025

Source Code Security Assessment in the Cloud: Benefits, Risks, and Best Practices

Lean Security Expert

September 12, 2025

Source Code Security Assessment in the Cloud: Benefits, Risks, and Best Practices

Protect your development pipeline with proactive scanning, expert reviews, seamless CI/CD integration, maximize security, and reduce risk with Source Code Security Assessment in the Cloud.

Lean Security Expert

September 8, 2025

The Future of Mobile App Security Testing in an API-Driven World

Lean Security Expert

September 8, 2025

The Future of Mobile App Security Testing in an API-Driven World

Secure your interconnected mobile and API ecosystems with proactive mobile application security testing, vulnerability scanning, and managed services to protect data and ensure regulatory compliance.

Lean Security Expert

September 5, 2025

How Managed Security Services Can Reduce Operational Costs Without Sacrificing Protection

Lean Security Expert

September 5, 2025

How Managed Security Services Can Reduce Operational Costs Without Sacrificing Protection

Cut security costs without cutting corners. Learn how managed security services deliver scalable, cost-effective protection that boosts ROI for businesses of all sizes.

Lean Security Expert

September 2, 2025

Beyond the Basics: Advanced Security Testing Techniques for 2025 Threats

Lean Security Expert

September 2, 2025

Beyond the Basics: Advanced Security Testing Techniques for 2025 Threats

Learn about the latest security testing techniques for 2025 threats, including AI-driven assessments, adaptive testing, and red teaming, to strengthen enterprise cyber defenses.