New Year, New Threats – Are You Ready?

The Hidden Risk in SaaS Misconfigurations

Cloud platforms like Microsoft 365, Google Workspace, and Dropbox are powerful — but their security often depends on how you configure them. Misconfigured sharing links, wide-open folders, and excessive admin privileges are just some of the hidden dangers.

Windows Server 2016 Extended Support Ends January 12, 2027

Windows Server 2016 is approaching a major milestone. From 12 January 2027, Microsoft will no longer provide security updates, patches, or technical support. While that date may feel distant, organisations that start planning now are far better positioned to modernise securely and avoid last-minute risk.

This is an opportunity to strengthen your infrastructure, improve resilience, and move towards a more secure, future-ready server environment.

The Cost of Doing Nothing:

If migration isn’t possible before January 2027, Microsoft offers Extended Security Updates (ESU). However, ESU is expensive and increases in cost each year, making it a short-term safety net rather than a sustainable strategy.

Vulnerabilities & Further End-of-Life Notifications

Staying aware of newly disclosed vulnerabilities and upcoming end-of-life milestones is essential for reducing exposure and planning remediation.

End-of-Life Announcements

• SonicWall Gen 6 Firewalls Limited Retirement Mode – All SonicWall Generation 6 firewalls reached Limited Retirement Mode in April 2024, and many models (including TZ series and others) will reach end of support in April 2026. Organisations with these devices should review lifecycle dates and plan upgrades. SonicWall Gen 6 Limited Retirement Mode Announcement

Active Vulnerabilities & Security Advisories

• Palo Alto Networks DoS Bug in Firewalls – A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS could let unauthenticated attackers disable firewall protections; patches are available for affected versions. Palo Alto Networks warns of DoS bug letting hackers disable firewalls

• Fortinet FortiSIEM Critical Vulnerability Now Exploited – A critical Fortinet FortiSIEM flaw (CVE-2025-64155) with public exploit code is actively being exploited in attacks, allowing unauthenticated remote code execution and potential system compromise. Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks

• Microsoft Copilot “Reprompt” Data Exfiltration Attack – A novel Copilot attack technique called Reprompt was found that could enable single-click silent data exfiltration from Microsoft Copilot sessions; Microsoft has since issued patches. New ‘Reprompt’ Attack Silently Siphons Microsoft Copilot Data

• Credential-Stealing Chrome Extensions – Threat research highlights malicious browser extensions impersonating enterprise or GenAI tools that can steal credentials or exfiltrate data (e.g., posing as HR or ERP extensions).

• Other Notable Security Alerts 
  • Bluetooth Fast Pair flaws expose devices to hijacking risk.
  • Zero-day Windows info-disclosure bug addressed in recent patch releases.
  • Veeam fixes critical remote code execution (RCE) vuln in Backup & Replication.
  • Microsoft plans to enforce MFA for Microsoft 365 admin centre sign-ins.

Strengthen Your Security with our Cybersecurity Services

Protecting today’s IT environments requires constant visibility, proactive monitoring, and a security strategy that evolves with emerging threats. Symetri’s Cybersecurity Services, including Managed Security Services, are designed to help you stay protected, reduce risk, and maintain compliance, without adding pressure to internal teams.