Recent Posts

22/05/2026

Week 21 – Cisco SD-WAN: Peers Only… Or Not

Cisco Catalyst SD-WAN Controller has maximum severity flaw, attacker could log in as internal, high-prilvileged. non-root user.

CVE of the Week
-
by White Hat IT Security
Cyber (In)Securities – Issue 202
20/05/2026

Cyber (In)Securities – Issue 202

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
19/05/2026

From Compliance to Cyber Resilience: Why Dubai’s DigitalFuture Needs Strong Governance, Cloud Security, and RiskManagement By Aman Dev Sumakumar

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

The CyAN Blog
-
by Fel Gayanilo
15/05/2026

Week 20 – Windows Netlogon spill

11 – 17 May 2026 This week’s spotlight is on CVE‑2026‑41089, a critical stack‑based buffer overflow in the Windows Netlogon service that allows remote, unauthenticated code execution on domain controllers. The issue stems from a stack‑based buffer overflow triggered during the processing of specific Netlogon 

CVE of the Week
-
by White Hat IT Security
Cyber (In)Securities – Issue 201
13/05/2026

Cyber (In)Securities – Issue 201

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
09/05/2026

Week 19 – Shield Down: Critical PAN-OS Flaw Exposed

04 – 10 May 2026 Our CVE of the Week is about PAN-OS, which is the specialized operating system that powers all Palo Alto Networks next-generation firewalls (physical, virtual, and cloud). It provides complete visibility and control over network traffic by identifying users, applications, and 

CVE of the Week
-
by White Hat IT Security
Cybersecurity in Mongolia by Munkhzul Zorigt
08/05/2026

Cybersecurity in Mongolia by Munkhzul Zorigt

About the Author Munkhzul Zorigt Information Security Consultant | ISMS | ISO/IEC 27001:2022 Munkhzul Zorigt is a cybersecurity professional from Ulaanbaatar, Mongolia, currently participating in a mentorship programme through the Cybersecurity Advisors Network, where John Salomon serves as her mentor. With six years of experience 

The CyAN Blog
-
by Cyan Staff
Cyber (In)Securities – Issue 200
06/05/2026

Cyber (In)Securities – Issue 200

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
30/04/2026

Week 18 – Behind the Mask: SharePoint Spoofing in the Wild

27 Apr – 03 May 2026 In this week’s CVE of the Week we’ll be looking CVE-2025-32201, a spoofing vulnerability in Microsoft SharePoint Server caused by improper input validation, with a CVSS score of 6.5 It allows a remote, unauthenticated attacker to impersonate trusted users 

CVE of the Week
-
by White Hat IT Security
Repost: Cloud Security in the Age of Assumptions: Where Responsibility Really Lies
29/04/2026

Repost: Cloud Security in the Age of Assumptions: Where Responsibility Really Lies

A couple of thoughts on Cloud Security risks and controls, via safetydetectives.com

The CyAN Blog
-
by John Salomon