Cracks in the System
Cybersecurity threats don’t always kick the door down—sometimes, they slip in through the cracks. This month, we’re spotlighting three subtle but serious security risks that could be undermining your defences right now.
The Dangers of Misconfigured MFA
MFA is essential, but if poorly set up—like push-only prompts—it can be bypassed. Misconfigurations leave you exposed to attacks like MFA fatigue.
Why It’s a Risk:
Misconfigured settings may allow fallback to SMS, which is more vulnerable.
Legacy systems might bypass MFA altogether.
What You Can Do:
Use number matching or device-bound authentication.
Block legacy authentication protocols.
Regularly test and audit MFA enforcement across users and devices.
Why It’s a Risk:
A rushed update might interrupt business-critical applications.
Firmware or driver updates can trigger system crashes or hardware issues.
Settings can reset, disabling important security controls.
What You Can Do:
Stagger updates across devices and monitor impact.
Test major patches in a sandbox before full rollout.
Use update policies to retain control over deployment timing.
Why It’s a Risk:
Sharing passwords or sensitive data without approval.
Using unsanctioned tools or cloud apps.
Clicking phishing links or ignoring security policies.
What You Can Do:
Monitor user behaviour for anomalies.
Provide clear policies and regular training.
Limit access to sensitive systems on a need-to-know basis.
Data Audit: The Essential 15-Point Checklist
We’ve partnered with Cortida to bring you a 15-point Data Audit Checklist — a practical guide to help AECO and Manufacturing businesses understand who owns their data, where it’s stored, and how secure and compliant their setup really is. Download it to spot gaps and strengthen your data strategy.
A National Push for Cyber Resilience
Last month, UK government ministers issued a joint letter to the CEOs and Chairs of major organisations, urging action against rising cyber threats. The letter emphasised that cyber security must be a board-level priority and outlined three immediate actions for businesses:
-
Use the Cyber Governance Code of Practice to guide decision-making and incident response planning.
-
Register for the NCSC’s Early Warning service to detect threats before they escalate.
-
Mandate Cyber Essentials across your supply chain as a minimum standard.
This reinforces Cyber Essentials not only as a technical benchmark, but as a key requirement for doing business responsibly in today’s digital economy. Read more about it here!
Recent Vulnerabilities to Be Aware Of:
- Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 - Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362
- Over 75,000 WatchGuard security devices vulnerable to critical RCE - Over 75,000 WatchGuard security devices vulnerable to critical RCE
- Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability - Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
- ASUS warns of critical auth bypass flaw in DSL series routers - ASUS warns of critical auth bypass flaw in DSL series routers
- Critical Fortinet FortiWeb WAF Bug Exploited in the Wild - Critical Fortinet FortiWeb WAF Bug Exploited in Wild
- ClickFix Attacks Against macOS Users Evolving - ClickFix Attacks Against macOS Users Evolving - SecurityWeek
- Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection - Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
Cyber Threats in 2025: What We Learned & What Comes Next
As 2025 comes to a close, we’re looking back at some of the most impactful cyber threats of the year and more importantly, what they reveal about the challenges ahead. From ransomware tactics to AI-driven phishing and risky app integrations, this round-up highlights where businesses have been most vulnerable and how you can strengthen your defences in 2026.
What is Product Lifecycle Management (PLM)?
Learn what Product Lifecycle Management (PLM) is and how it helps teams manage product data, processes, and collaboration across the lifecycle. Discover the key benefits and PLM tools driving innovation.
Sovelia Vault: The Smarter Way to Manage Design Data
If you are an Autodesk Vault user in the mechanical engineering and manufacturing industry, you are likely familiar with the challenges of managing design data. While Vault provides a solid foundation for storing and organising design data, it falls short in some critical areas. You might have noticed this if you ever wanted to automate workflows or configure company-specific rules and processes in Vault. Let’s dive into these challenges and possible solutions.
+44345 370 1500 · info@symetri.co.uk