Uncategorised

September 2025 Patch Tuesday: The Security Update That’s Actually Worth Your Attention (And Why Waiting Could Cost You Everything)

by

Microsoft’s September 2025 Patch Tuesday represents one of the most significant security updates of the year, addressing 81 vulnerabilities including 9 critical-severity flaws currently under active exploitation. Security researchers have documented coordinated attack campaigns targeting SharePoint environments and network authentication systems, creating immediate operational risks for UK businesses. While Cyber Essentials compliance allows 14 days for deployment, current threat intelligence suggests strategic deployment within the first week significantly reduces business risk exposure. These patches address fundamental authentication and network security flaws that could compromise customer data protection, regulatory compliance, and business continuity across all organisational infrastructure.

BadCam Vulnerability: How Trusted Lenovo Webcams Become Remote Attack Weapons

by

Security researchers have discovered a critical vulnerability dubbed “BadCam” (CVE-2025-4371) that allows cybercriminals to remotely convert trusted Lenovo webcams into persistent BadUSB attack weapons. The flaw affects popular 510 FHD and Performance FHD models used across UK businesses, enabling attackers to reflash firmware and transform webcams into fake keyboards that inject malicious commands. Unlike traditional malware, BadCam attacks survive complete system wipes and reinstalls, creating unprecedented persistence. With thousands of vulnerable devices in UK offices, businesses must immediately audit their Lenovo webcams and update to firmware version 4.8.0 to prevent exploitation of this firmware-level threat.

The Tennis Ball Test™: How to Sniff Out a Useless MSP

by

Is your IT support actually doing its job, or just chasing its tail? The Tennis Ball Test™ is our no-nonsense (and slightly fluffy) way to spot a useless MSP. Inspired by a Golden Retriever with better instincts than most service desks, this post breaks down the serious importance of responsive, standards-based support — and why Cyber Essentials Plus with continuous compliance monitoring should be the absolute baseline.

Apple Pulls Advanced Data Protection from the UK – A Privacy Showdown

by
Apple vs. UK Government: The Encryption Battle Over Data Privacy

Apple’s Encryption vs. the UK’s “Snooper’s Charter” In a dramatic standoff over user privacy, Apple faced a significant challenge. Apple decided to withdraw its Advanced Data Protection (ADP) feature from the UK market. This decision was made rather than bow to government pressure. ADP is Apple’s optional setting. It extends end-to-end encryption to iCloud backups, … Read more

Is Fortinet Really That Bad?

by
Is Fortinet Really That Bad?

Is Fortinet that bad? Well, when hardcoded credentials, missing authentication, and weak encryption are routine, it’s hard to call it good. Sure, they patch flaws, but the same mistakes keep showing up like a bad sequel. Secure defaults? More like wishful thinking. Until users demand better, Fortinet seems content to rake in billions while security takes a back seat.

DORA the Explorer Tackles the Digital Operational Resilience Act (DORA)

by

How Equate Is Ready for the Adventure Meet DORA the Explorer, our animated hero, who’s swapped her jungle escapades for a high-stakes mission in the financial sector. Her new task? Help financial institutions, Managed Service Providers (MSPs), and ICT providers navigate the Digital Operational Resilience Act (DORA).  This isn’t about finding golden bananas anymore—it’s about protecting systems … Read more

Securing EnnVee Financial Consultants Limited: Meeting Modern Cybersecurity Standards

by

Cybersecurity isn’t just a technical need; it’s a cornerstone of trust and operational excellence. For Ennvee Financial Consultants Limited, a trusted financial advisory firm, ensuring data security and regulatory compliance is paramount. Under the leadership of Manny Singh Virdee, Director, Ennvee successfully achieved Cyber Essentials (CE) and Cyber Essentials Plus (CEP) certification. This accomplishment was … Read more

Project Spotlight – Modernising IT in a Listed Georgian Manor House

by

At Equate, we’re no strangers to unique challenges, and our recent work in a Grade II listed Georgian Manor House showcases how modern technology can blend seamlessly with historic charm. The Challenge The property, with its rich history and period features, required a delicate approach to modernising its IT infrastructure. The existing system was outdated, … Read more

Case Studies

by

Explore how Equate Group transforms businesses across diverse industries. From seamless IT infrastructure and advanced cybersecurity to cloud optimisation, managed services, and compliance excellence, our tailored solutions empower organisations to achieve their goals. Whether it’s modernising legacy systems, securing critical data, or enabling business continuity, our expertise ensures measurable success. Dive into our case studies … Read more

Build a Strategic Tech Plan That Powers Growth and Profits

by
Strategic Tech Planning & Budgeting: Fuel Growth and Profits

Every business—big, small, and everything in between—wants to grow. Leaders put in long hours developing strategies that fuel expansion, boost profits, and ultimately keep the competition at bay. But with today’s fast-paced tech landscape, many find themselves playing catch-up, overwhelmed by endless options and rapidly evolving tools. If this sounds familiar, you’re in the right … Read more