All Posts

January is often seen as a reset. New plans, fresh priorities, and a sense of starting clean.From a cybersecurity perspective, however, the start of the year is one of the most fragile periods for organisations. Across industries and company sizes, we see the same pattern repeat every year: human-driven security incidents increase in January . Phishing success rates rise, social engineering becomes more effective, and small mistakes turn into real security issues. This is not

A practical, high-impact guide to starting the year with a clean security baseline January is one of the most important months for cybersecurity, yet it is often underestimated. After Q4 pressure, year-end freezes, and holiday slowdowns, most organisations begin the new year carrying risks they did not consciously choose. Unfinished tasks, temporary decisions, and overlooked changes quietly become part of the new baseline. Many Q1 incidents do not start with new attacks. They

CVE-2025-32819 is a critical vulnerability affecting SonicWall SMA100 devices, allowing remote authenticated attackers with SSLVPN user privileges to bypass path traversal checks and delete arbitrary files. This could lead to a complete reset of the device to factory default settings. To mitigate this vulnerability, follow the steps outlined below: 1. Update Firmware Ensure that your SonicWall SMA100 device is running the latest firmware version that addresses this vulnerabi

CVE-2022-22219 is a vulnerability in Juniper Networks' Junos OS and Junos OS Evolved, resulting from improper handling of unexpected data types during the processing of EVPN routes. This vulnerability can be exploited by an attacker who has direct control of a BGP client connected to a route reflector. To mitigate this vulnerability, follow the steps outlined below: 1. Update Junos OS Ensure that your Junos OS and Junos OS Evolved devices are updated to the latest version wh

CVE-2024-20255 is a vulnerability that affects the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server. It allows unauthenticated, remote attackers to perform cross-site request forgery (CSRF) attacks on affected systems. To mitigate this vulnerability, follow the steps outlined below: 1. Update Software Ensure that your Cisco Expressway Series and Cisco TelePresence Video Communication Server are running the latest software version. Cisco r

CVE-2025-20188 is a vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs). This vulnerability could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. To mitigate this vulnerability, follow the steps outlined below: 1. Update Cisco IOS XE Software Ensure that your Cisco Wireless LAN Controller is running the latest version of the Cisco IOS XE Software. Cis

CVE-2025-30381 is a critical vulnerability in Microsoft Excel that allows an unauthorized attacker to execute code locally through an out-of-bounds read. To protect systems from this vulnerability, follow the steps outlined below: 1. Update Microsoft Excel Ensure that Microsoft Excel is updated to the latest version. Microsoft regularly releases security updates that address vulnerabilities. To check for updates: Open Excel and go to File > Account . Click on Update Options

CVE-2025-29976 is a vulnerability in Microsoft SharePoint Server that allows an authorized attacker to elevate their privileges locally due to improper privilege management. To mitigate this vulnerability, follow the steps outlined below. 1. Apply Security Updates The first and most effective step to mitigate this vulnerability is to apply the latest security updates provided by Microsoft. Regularly check for updates and ensure that your SharePoint Server is running the most

CVE-2025-29975 is a vulnerability in Microsoft PC Manager that allows an authorized attacker to elevate privileges locally due to improper link resolution before file access. To mitigate this vulnerability, follow the steps outlined below: 1. Update Microsoft PC Manager Ensure that you are using the latest version of Microsoft PC Manager. Microsoft regularly releases updates that include security patches for known vulnerabilities. Check for updates through the application se

CVE-2025-29977 is a vulnerability in Microsoft Excel that allows an unauthorized attacker to execute code locally due to a use-after-free error. To protect your systems from this vulnerability, follow the steps outlined below. 1. Apply Security Updates Ensure that you are running the latest version of Microsoft Excel and that all security updates have been applied. Microsoft regularly releases patches to address vulnerabilities. You can check for updates by: Opening Excel an