• Request consultation
  • Newsletter
  • Deutsch Deutsch German de
  • English English English en
  • Italiano Italiano Italian it
  • Nederlands Nederlands Dutch nl
Greenbone
  • Products
    • OPENVAS BASIC
      • OPENVAS BASIC: Order
    • OPENVAS SCAN
    • Upcoming Solutions
      • OPENVAS SECURITY INTELLIGENCE
      • OPENVAS AI
    • Solutions for Your Sector
      • Educational Sector
      • Healthcare Sector
      • Public Sector
    • Technology
      • Feed Comparison
      • Product Comparison
        • OPENVAS vs. Nessus
      • Roadmap & Lifecycle
  • Service & Support
    • Technical Support
    • Self-Learning Courses
    • Documents
  • Events
    • Cybersec Europe 2026
    • Webinars
  • Partners
    • MSSP
  • About Greenbone
    • Careers
    • Contact
  • Blog
    • Know-how
      • Attack Vector Timeline
      • Cyberattacks and Defense
      • Cyber Defense Security
      • Cyber Resilience Act
      • Data Security
      • Digital Operational Resilience Act
      • Exposure Management
      • IT and Information Security
      • NIS2 Directive
      • Open Source Vulnerability Management
      • The Vulnerability Timeline
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
  • Products
    • OPENVAS BASIC
      • OPENVAS BASIC: Order
    • OPENVAS SCAN
    • Upcoming Solutions
      • OPENVAS SECURITY INTELLIGENCE
      • OPENVAS AI
    • Solutions for your sector
      • Educational Sector
      • Healthcare Sector
      • Public Sector
    • Technology
      • Feed Comparison
      • Product Comparison
        • OPENVAS vs. Nessus
      • Roadmap and Lifecycle
    • Request IT Security
  • Service & Support
    • Technical Support
    • Self-Learning Courses
    • Documents
  • Events
    • Cybersec Europe 2026
    • Webinars
  • Partners
    • MSSP
  • About Greenbone
    • Careers
    • Contact
    • Newsletter
  • Our Blog
    • Know-how
      • Attack Vector Timeline
      • Cyberattacks and Defense
      • Cyber Defense Security
      • Cyber Resilience Act
      • Data Security
      • Digital Operational Resilience Act
      • Exposure Management
      • IT and Information Security
      • NIS2 Directive
      • Open Source Vulnerability Management
      • The Vulnerability Timeline
  • German
  • English
  • Italian
  • Dutch
Joseph Lee

About Joseph Lee

Joseph has had a varied and passionate background in IT and cyber security since the late 1980s. His early technical experience included working on an IBM PS/2, assembling PCs and programming in C++.

He also pursued academic studies in computer and systems engineering, anthropology and an MBA in technology forecasting.

Joseph has worked in data analytics, software development and, in particular, enterprise IT security. He specialises in vulnerability management, encryption and penetration testing.

LinkedIn

Entries by Joseph Lee

Blog

September 2025 Threat Report: New Exploits, Active Campaigns, and Critical CVEs

In total, just over 4,500 CVEs were published in September, exposing defenders to new risk. For operational resilience, organizations need to scan their IT infrastructure to identify where hidden risk could impact their operations. A free trial of Greenbone’s OPENVAS BASIC allows defenders to scan their enterprise IT infrastructure to stay on top of emerging […]

9. October 2025/by Joseph Lee
Blog

ArcaneDoor Espionage Campaign Exploiting High-Risk Cisco ASA and FTD Firewall Flaws

On September 25, 2025, three new CVEs affecting Cisco networking products exploded onto the global cyber security landscape. Two of these were actively exploited as zero-days prior to their disclosure. Greenbone now includes detection tests for all three new high-risk CVEs in the OPENVAS ENTERPRISE FEED. CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5) affect the […]

1. October 2025/by Joseph Lee
Blog

CVSS 10 in Fortra GoAnywhere MFT – Patch Now!

CVE-2025-10035 (CVSS 10.0) is a new critical severity vulnerability in Fortra GoAnywhere MFT (Managed File Transfer). This maximum-risk CVE could provide attackers with unauthenticated remote command execution (RCE). Greenbone can detect vulnerable systems and all users should patch with urgency.  GoAnywhere MFT is a centralized Managed File Transfer (MFT) platform enabling file exchanges between business […]

26. September 2025/by Joseph Lee
Blog

SessionReaper: Account Takeover and Unauthenticated RCE in Magento and Adobe Commerce

! Update February 2nd, 2026 Reports from multiple security vendors have confirmed that CVE-2025-54236 (aka “SessionReaper”) has transitioned to active, real-world exploitation. A full technical write-up has been published and the Sansec Threat Research team, who originally disclosed CVE-2025-54236, claims that Proof-of-concept (PoC) exploits are circulating. On October 22nd 2025, the Sansec Threat Research Team […]

17. September 2025/by Joseph Lee
Blog

August 2025 Threat Report: Fast-Moving, High-Risk Vulnerabilities

The August 2025 Threat Report underscores how quickly high-risk vulnerabilities can shift from disclosure to active exploitation. Citrix, Fortinet, N-able, and Trend Micro flaws were weaponized within days. Other critical flaws in highly targeted software, such as Microsoft Exchange, emerged. Mainstream enterprise applications, such as Docker Desktop, Git, and Zoom, were also exposed to new […]

15. September 2025/by Joseph Lee
Blog

CVE-2025-57819: Unauthenticated RCE Threatens FreePBX Systems Globally

! Update January 28th, 2026 According to a recent report from FortiGuard, a newly disclosed vulnerability in FreePBX Endpoint Manager, CVE-2025-64328 (CVSS 8.6), is now being leveraged in real-world attacks. Greenbone includes a remote banner check for CVE-2025-64328, since its disclosure in early November, 2025. The flaw is a post-authentication command injection flaw [CWE-78] in […]

4. September 2025/by Joseph Lee
Blog

July 2025 Threat Report: Cisco, CrushFTP, HPE IRS and Others Face Active Exploitation

The July 2025 Threat Report takes a broad approach, covering some of the top cyber threats from the past month. The Microsoft SharePoint flaw titles “ToolShell” dominated the headlines; see our alert on ToolShell for a detailed analysis. Over 4,000 CVEs were published last month; almost 500 of them were rated Critical, with CVSS over […]

20. August 2025/by Joseph Lee
Blog

New WinRAR Flaw CVE-2025-8088 Exploited in Social Engineering Attacks

! Update January 28, 2026 Recent reporting from Google Threat Intelligence Group confirms that CVE-2025-8088 continues to be actively exploited well after patch availability. Attacks have been observed across a broad range of threat actors and campaigns and are no longer isolated to a single cluster or region. Threat actors leveraging CVE-2025-8088 include government-backed actors […]

15. August 2025/by Joseph Lee
Blog

ToolShell: Patch Bypass Prompts Emergency Alerts for Microsoft SharePoint

On Saturday, July 19th, flaws in Microsoft SharePoint Server became the subject of emergency cybersecurity alerts worldwide. Four CVEs are involved and collectively dubbed “ToolShell”; two published in early July already had patches available, but after being bypassed, two new CVEs were issued. The flaws can allow unauthenticated remote code execution (RCE) at the Windows […]

5. August 2025/by Joseph Lee
Blog

June 2025 Threat Report: A Cyber Combat of Attrition

The 2025 IOCTA report from Europol warns that demand for data on the cybercrime underground is surging. How much data has been stolen exactly? Determining exact numbers is impossible. However, the personal information of 190 million individuals including Social Security Numbers (SSN), was stolen from Change Healthcare in a single breach. That’s more than half […]

23. July 2025/by Joseph Lee
Page 3 of 7‹12345›»

Search

Search Search

Archive

  • 2026
  • 2025

Newsletter

Subscribe Now

OPENVAS BASIC

Our entry-level enterprise product

Test 14 Days Free of Charge

Products & Solutions

  • OPENVAS PRODUCTS
  • OPENVAS SECURITY INTELLIGENCE
  • OPENVAS SCAN
  • OPENVAS BASIC
  • OPENVAS FREE
  • OPENVAS AI
ISO9001-EN

Service & Support

  • Technical Support
  • FAQ
  • Documents
  • Warranty
  • Open Source Vulnerability Management
  • Cyber Resilience Act
ISO27001-EN

About us

  • About Greenbone
  • Partners
  • MSSP
  • License information
  • Privacy Statement
  • Terms & Conditions
ISO14001-EN

Contact with us

  • Contact
  • Newsletter
  • Media Contact
  • Careers
  • Security Response
  • Imprint
  • Grounding Page

Community

  • Community Portal
  • Community Forum
© Copyright - Greenbone AG 2020-2026
  • Link to LinkedIn
Scroll to top Scroll to top Scroll to top
Contact
Request IT Security Contact Us Subscribe to Newsletter Follow on LinkedIn