July 2025 – Velvot

Urgent Cybersecurity Alert: Tool Shell Exploit Targets On-Premises SharePoint Servers

Posted on July 30, 2025August 22, 2025 by GTM Velvot

Sophos MDR Security Alert – Velvot Nigeria Limited

Sophos MDR Security Alert

Announcement Date: July 18, 2025

On July 18, 2025, Sophos’ Managed Detection and Response (MDR) team detected a significant wave of malicious activities targeting on-premises Microsoft SharePoint environments. These activities involved the deployment of harmful PowerShell commands across numerous systems, indicating a coordinated exploit effort leveraging a newly identified toolset referred to as ‘Tool Shell.’

Initial Findings

Initial investigations traced the earliest known activity back to July 17, 2025. Tool Shell comprises a chained exploitation of two critical SharePoint vulnerabilities— CVE-2025-49704 and CVE-2025-49706—first demonstrated during the Pwn2Own cybersecurity event in Berlin in May 2025. Microsoft addressed both vulnerabilities in their July Patch Tuesday updates.

Zero-Day Exploits

What makes this situation particularly urgent is the emergence of two new vulnerabilities, CVE-2025-53770 and CVE-2025-53771, which are currently being exploited in the wild as part of an active zero-day attack campaign.

This means threat actors are not only taking advantage of previously known flaws but are also exploiting fresh weaknesses for which protections may not yet be fully deployed across affected infrastructures.

Impact & Recommendations

Sophos MDR has reached out to all identified victims of these attacks. Given the active nature of the exploit and the confirmed use of a zero-day, organizations using on-premises SharePoint servers are strongly advised to apply Microsoft’s latest security patches without delay.

Notably, SharePoint Online services hosted on Microsoft 365 are not affected by this campaign.

Action Required

Velvot Nigeria Limited urges all clients and IT administrators to assess their SharePoint infrastructure immediately and implement all necessary updates and monitoring practices to reduce exposure.

Staying ahead of evolving threats requires a proactive approach—don’t wait for a breach to act.

Contact Information

For professional cybersecurity assessment and infrastructure support, contact us: GTM@velvot.com

Velvot Nigeria Limited
Lagos State, Nigeria
Website: www.velvot.com

Fortinet Advances Quantum-Safe Communications to Combat Emerging Cyber Threats

Posted on July 29, 2025August 22, 2025 by GTM Velvot

Quantum-Safe Cybersecurity with Fortinet

As the digital era continues to evolve at breakneck speed, quantum computing is fast emerging as the next frontier of innovation. By harnessing the bizarre yet powerful principles of quantum mechanics, quantum computers promise to solve complex problems in seconds—problems that would take even today’s most advanced supercomputers thousands of years to crack. This paradigm shift holds extraordinary potential across industries such as pharmaceuticals, financial modelling, materials science, and artificial intelligence.

However, with every great innovation comes equally significant challenges—especially in the realm of cybersecurity. Quantum computing, while still in its early stages, poses a very real and pressing threat to the foundation of modern digital security. Today’s cryptographic standards, such as RSA and ECC (Elliptic Curve Cryptography), which safeguard everything from online banking to classified government files, are built on mathematical problems that are difficult for classical computers to solve. But with the advent of quantum computing, these algorithms could be rendered obsolete overnight.

One alarming tactic already being deployed by cybercriminals is known as “harvest now, decrypt later”. Bad actors are collecting and storing encrypted information now, in anticipation of future breakthroughs in quantum processing. Once quantum computers reach sufficient power, this data could be decrypted—exposing sensitive financial records, intellectual property, personal identities, and even national secrets. This looming threat has made it clear that organizations can no longer rely solely on traditional cybersecurity frameworks.

Enter quantum-safe communication technologies. Also known as post-quantum cryptography (PQC), these solutions are being developed specifically to withstand the unprecedented computing power of quantum systems. Designed to be secure even against future quantum attacks, they offer a path toward sustainable cybersecurity in an unpredictable future.

At the forefront of this transformation is Fortinet, a globally recognized leader in network security and threat intelligence. Fortinet is taking proactive measures by embedding quantum-resistant cryptographic algorithms into its core operating system, FortiOS. This move signals a shift from reactive to pre-emptive cybersecurity—ensuring that businesses can protect themselves not only from today’s threats but also from those on the horizon.

Through its integrated security platform, Fortinet offers end-to-end protection that encompasses firewalls, secure SD-WAN, zero-trust access, endpoint security, and more—all now fortified with quantum-safe encryption capabilities. These enhancements position Fortinet as a visionary ally for organizations striving to remain compliant, competitive, and secure in a world of ever-escalating cyber risks.

Whether you are running a small business, managing a financial institution, operating a health system, or securing national infrastructure, the need for quantum-safe preparedness is no longer a matter of “if” but “when”. By investing in quantum-resilient infrastructure now, businesses can ensure that their data remains protected decades into the future, no matter how the technology landscape evolves.

Partner with Velvot Nigeria Limited for Future-Ready Cybersecurity

At Velvot Nigeria Limited, we understand that staying ahead in cybersecurity requires foresight, expertise, and reliable technology partners. That’s why we align with global leaders like Fortinet to bring cutting-edge, enterprise-grade security solutions to Nigerian and African businesses.

From security assessments and infrastructure audits to full-scale Fortinet deployments, our team offers end-to-end cybersecurity services tailored to your specific risk landscape. We are your trusted partner in building digital resilience that scales with your growth and anticipates future threats.

📍 Office Address: 24 Bode Thomas, Surulere, Lagos State, Nigeria

📞 Call Us: 0911 131 5822

📧 Mail: gtm@velvot.com

🌐 Website: www.velvot.com

Secure your tomorrow, today—with Velvot.

Elementor #3879

Posted on July 21, 2025August 22, 2025 by GTM Velvot

How to Choose the Right Processes to Automate First

With so many possible use cases, one of the biggest questions we hear from business leaders is:

“Where do I even start with automation?”

The answer isn’t “everywhere” it’s strategically.

Not all processes are ready for automation, and automating the wrong ones can backfire. Let’s walk through a simple, effective framework to help you prioritize automation efforts and see quick wins.

Start with the ‘Low-Hanging Fruit’

Before you attempt to automate complex decision-making or interdepartmental workflows, look for tasks that are:

Repetitive
Rule-based
Time-consuming
Low risk if something goes wrong

These are prime candidates because they deliver fast ROI and require minimal disruption to current operations.

5 Criteria for Selecting the Right Processes to Automate First

1. Frequency

How often is the task performed? A daily or weekly task provides more value over time than one performed once a year.

Example: Sending welcome emails to new customers.

2. Volume

Does this task affect a lot of people or involve large amounts of data?

Example: Generating monthly invoices for 500 clients.

3. Standardization

Is the process predictable and rules-driven, or does it require human judgment?

Automate: Updating CRM records
Don’t (yet): Writing custom proposals.

4. Impact on Business Goals

Will automating this process improve efficiency, reduce costs, or enhance customer experience?

Example: Automating complaint handling workflows in customer service.

5. Current Pain Point

Is this task already a bottleneck or causing errors?

Example: Manual inventory updates leading to overselling or stockouts.

Use This 4-Quadrant Priority Grid

	High Impact	Low Impact
High Effort	Automate Later	Avoid
Low Effort	Automate First	Optional

High Impact

Low Impact

High Effort

Automate Later

Avoid

Low Effort

Automate First

Optional

Velvot Quick-Start Automation List

To get you thinking, here are 5 processes we often recommend automating first for Nigerian businesses:

Staff leave request approvals
Customer feedback collection
Inventory reorder alerts
New employee onboarding
Monthly sales reporting

Each of these can be implemented within 2–3 weeks and pays for itself fast.

Let Velvot Help You Prioritize with Precision

At Velvot Nigeria Ltd, we don’t just install automation tools we partner with your team to map out your workflows, identify priorities, and implement what matters most first.

Get a free “Automation Readiness Assessment” by emailing gtm@velvot.com

The best way to start automating is to start smart. Let’s do it together.

Everyday Tasks Your Business Should Automate Right Now

Posted on July 18, 2025August 22, 2025 by GTM Velvot

Everyday Tasks Your Business Should Automate Right Now

Business automation is no longer a luxury for large corporations — it’s a survival tool for businesses of every size.
Whether you run a start-up or an established company, countless hours are lost each day to tasks that could easily run on autopilot.

Here’s a list of 10 everyday tasks that businesses like yours should automate immediately and the tools that make it possible.

1. Customer Enquiries & Chat Responses

Instead of responding manually to each customer message, use a chatbot or automated email sequence to:

Answer FAQs instantly
Route serious issues to the right agent
Collect customer details for follow-up

Example: Velvot helped a logistics client reduce response time from 7 hours to under 30 minutes using automated chat routing.

2. Invoice Creation & Payment Reminders

Stop manually preparing invoices and chasing payments. Automation tools can:

Generate invoices based on project milestones
Send reminders before due dates
Auto-reconcile payments with your accounting system

Impact: Cash flow improves and your finance team spends more time on analysis, not paperwork.

3. Employee Onboarding

Hiring a new team member? Automate:

Sending welcome emails
Sharing training documents
Creating user accounts for tools like Microsoft 365 or Slack

Velvot Insight: Our HR automation package reduces onboarding time by up to 60%, improving new employee engagement from Day 1.

4. Task & Project Notifications

Whether it’s reminding a sales team to follow up or nudging your IT department about a software update, workflow automation ensures:

No task is forgotten
No one is over-reminded
Everything is trackable in real time

5. Social Media Posting

Use automation platforms to:

Schedule posts weeks in advance
Auto-share blogs across platforms
Monitor engagement metrics

Spend less time clicking “post” and more time analysing results.

6. Customer Feedback Collection

After a service is delivered, use automation to:

Send a feedback form
Record satisfaction scores
Trigger escalation if the review is negative

Result: You never miss an opportunity to improve or retain a customer.

7. Email Campaigns

With platforms like Zoho, Mailchimp, or Dynamics 365, you can automate:

Welcome series for new leads
Abandoned cart reminders
Event invitations and follow-ups

Bonus: You can personalize emails based on user behavior without lifting a finger.

8. File Backups & Data Syncing

Protect your work without having to think about it. Schedule:

Automatic backups to the cloud
File syncing across team devices
Version history creation for easy rollback.

9. Lead Routing

Tired of manually assigning leads to your sales team? Set up rules based on:

Region
Product interest
Industry

Automated routing ensures hot leads reach the right salesperson instantly.

10. Report Generation

Generate daily, weekly, or monthly reports without manual effort.
Whether it’s sales performance, attendance, or service requests,
tools like Power BI or Excel automations can do the heavy lifting.

Start Automating with Velvot Nigeria Ltd

At Velvot, we design automation systems tailored to your team’s real-world workflows so you can work less and achieve more.

Want to find out what’s automatable in your business?

Email gtm@velvot.com and request a free “Automation Discovery Call.”

Small automations. Big impact. Let’s begin.

Signs It’s Time to Modernize Your Legacy Software — and What to Do Next

Posted on July 14, 2025 by GTM Velvot

Signs It’s Time to Modernize Your Legacy Software — and What to Do Next

A mid-sized microfinance bank in Lagos delayed upgrading its core system for over five years. Initially, they saved ₦8 million in upgrade costs but in 2023, a ransomware attack exploited a vulnerability in their outdated software. It took 3 weeks to recover data and operations, costing the bank over ₦70 million in lost revenue, recovery fees, and fines.

The real cost? Customer confidence dropped. They lost 12% of their client base within 6 months.

Legacy systems don’t fail all at once. They fade slowly, quietly eroding your business performance until something critical breaks. The challenge is knowing when to act.

Here’s how to recognize the warning signs and take action before outdated software hurts your bottom line.

How Do You Know Your System Is Outdated?

Sometimes, the signs are subtle but their effects are damaging. If you check more than 2–3 items on this list, your business is likely being slowed down by legacy tech:

1. Frequent System Crashes or Errors

Outdated platforms can’t keep up with modern processing demands, leading to instability, glitches, and frustrating downtime.

2. Poor Integration Capabilities

If your accounting system can’t speak to your CRM, or your inventory doesn’t sync with your online store, you’re wasting hours manually moving data.

3. Lack of Mobile Access or Cloud Compatibility

Modern workforces and clients demand mobility. If your system isn’t accessible from anywhere, you’re stuck in a local-only world.

4. Increasing IT Support and Maintenance Costs

Are you constantly calling in specialists just to keep things running? Legacy tech becomes more expensive to maintain over time.

5. Losing Competitive Advantage

Competitors are offering faster service, better insights, or personalized customer experiences. You know your tech can’t keep up.

What Happens If You Delay Modernization?

You may miss growth opportunities
Security vulnerabilities go unpatched
Employee morale suffers
Customer experience declines

Over time, the cost of inaction far exceeds the cost of transition.

What to Do Next: A Simple Game Plan

Conduct a Technology Audit
- Identify which systems are outdated, unsupported, or inefficient.
Map Your Business Processes
- Understand how your teams work today so your new systems can enhance “not disrupt” workflow.
Prioritize Based on Risk and Impact
- Start with the systems that affect customer experience or revenue directly.
Choose the Right Modern Platforms
- Opt for secure, cloud-based, scalable platforms with strong support ecosystems.
Find a Trusted Partner
- Migration is smoother and faster with a professional team guiding the process.

Modernize with Velvot Nigeria Ltd

At Velvot, we help Nigerian businesses make informed, phased, and stress-free upgrades. From audit to implementation, our team ensures minimal downtime and maximum results.

We will help you identify your weak spots? Email gtm@velvot.com for a free systems check and strategy session.

The best time to modernize was yesterday. The next best time is now.

IMAGES: ACROPOLUIM

Posted on July 7, 2025 by GTM Velvot

Email Bomb Attacks: How to Stay Protected with Microsoft Defender

As businesses grow increasingly dependent on email, cyber attackers have become more creative and aggressive. One emerging tactic is the email bomb attack, where your inbox is flooded with thousands of messages in a short time, effectively locking you out of important communications and masking other targeted attacks like password resets or fraud.

What Is an Email Bomb?

An email bomb is a type of denial-of-service (DoS) attack on your inbox. Attackers send thousands of messages from legitimate but compromised sources to overwhelm your mailbox. While seemingly random, the real objective is often to distract, disrupt, or conceal more harmful activity such as unauthorized logins, wire fraud, or identity theft.

Microsoft Defender for Office 365 to the Rescue!

Microsoft has introduced powerful mitigation tools within Defender for Office 365 to detect and respond to such attacks. Some of the intelligent features include:

Automated inbox clean-up of bomb messages
Mailflow monitoring to detect abnormal spikes
User protection by pausing delivery when attacks are detected
Threat Explorer & real-time hunting tools to identify compromised accounts or patterns

Why This Matters for Nigerian Businesses

At Velvot, we’ve seen first hand how even reputable companies are caught off guard by these attacks. Whether you’re in finance, oil & gas, education, or security, email remains a mission-critical channel and a major vulnerability.

If your team uses Microsoft 365, Defender for Office 365 offers the kind of proactive protection modern businesses need.

How Velvot Can Help

Velvot Nigeria Ltd is a certified Microsoft partner. We help organizations:

* Deploy Microsoft Defender for Office 365
* Set up automated policies to prevent and respond to email threats
* Train employees on identifying and reporting suspicious email behaviours
* Monitor your systems in real-time with advanced threat protection dashboards

Ready to Secure Your Inboxes?

Let’s run a free security assessment to see if your mail environment is exposed and how we can strengthen it with Defender for Office 365.

Based on insights from Microsoft Tech

From Bottlenecks to Breakthroughs: How Process Automation Supercharges Business Efficiency

Posted on July 7, 2025 by GTM Velvot

From Bottlenecks to Breakthroughs: How Process Automation Supercharges Business Efficiency

Every business has them, Good those slow repetitive tasks that consume hours of valuable time. Manual invoice approvals, back-and-forth HR onboarding paperwork, customer service requests processed across disconnected systems. It’s not just inconvenient it’s costly. But there’s good news: process automation can turn these bottlenecks into breakthroughs.

The Real Cost of Manual Processes

Repetitive tasks may seem trivial on their own, but they compound quickly. In finance departments, for example, manual invoice handling is prone to human error, lost paperwork, and delayed approvals. In HR, onboarding new employees can stretch over days due to redundant data entry. Customer service teams spend time on routine inquiries that could be handled by automated workflows.

This not only wastes time it drains morale and distracts your workforce from high impact activities.

Automation in Action: Key Areas of Transformation

Finance

Automate accounts payable, expense reporting, and reconciliations. With automated workflows, approvals are faster, errors are reduced, and data becomes more transparent.

Human Resources

Streamline hiring, onboarding, and benefits administration with self-service portals and automated document management. HR becomes more efficient and new hires feel welcomed right away.

Customer Service

Empower your support teams with chatbots and ticket routing systems that handle routine inquiries, freeing agents to focus on complex customer needs and relationship-building.

Why Now Is the Time to Automate

Faster Turnaround: Automated processes work 24/7 with no coffee breaks
Improved Accuracy: Fewer human errors = higher data integrity
Scalability: Handle more volume without scaling up headcount
Happier Teams: Employees can focus on creative, strategic tasks that matter

Ready to Break Through the Bottlenecks?

At Velvot, we specialize in building intelligent automation solutions tailored to your unique workflows—whether it’s in finance, HR, or customer service. Our platforms are scalable, secure, and designed to grow with your business.

Unlock the efficiency your team deserves. Reach out to Velvot today and let’s automate your success.

At Velvot, we specialize in crafting intelligent automation solutions that are tailored to your business. Whether you’re looking to streamline finance, HR, customer service, or operations, our tools help you move from manual madness to measurable momentum.

Ready to reclaim your time and turbocharge your processes? Connect with Velvot today and let’s build smarter together.

Visit www.velvot.com or send a mail to gtm@velvot.com to book a meeting.

Gmail Hack Attacks Increasingly Sophisticated – Here’s What Businesses Need to Know

Posted on July 3, 2025July 3, 2025 by GTM Velvot

The Threat

In the past few months, Google has warned that state-sponsored hackers, including the Russian-linked UNC6293 and Cozy Bear (APT29), have launched advanced phishing campaigns targeting Gmail users (atomicmail.io, as.com). These attackers are now bypassing traditional defences—even two-factor authentication—by mimicking official Google alerts such as:

Fake legal subpoenas or “security threats”
Emails signed with valid DKIM tokens and sent from no-reply@google.com
Links that redirect to credential-harvesting sites hosted on sites.google.com (atomicmail.io)

These highly convincing tactics make even technical and security-conscious users vulnerable.

Why This Matters for Businesses

Credential theft can lead to full account takeover, exposing sensitive business data.
Supply chain risk: compromised Gmail accounts can be leveraged to hack clients and partners.
Compliance breaches: stolen data can result in GDPR, NDPR, or other regulatory violations.

Recommended Defences

Adopt passkeys and passwordless login
- Google is pushing Passkey adoption to replace vulnerable traditional passwords (atomicmail.io, m.economictimes.com).
Enforce 2-step verification (2SV) and app password hygiene
- Remove unused app passwords. Educate staff to disable them when unused.
Perform regular security drills
- Simulated phishing campaigns and header analysis training.
- Teach employees to check URLs meticulously and avoid hovering over suspicious links.
Audit account activity continuously
- Regularly review Gmail “last account activity” logs and remove unauthorized devices.
Use advanced protection for high-value accounts
- Enroll executives and IT admins in Google’s Advanced Protection Program.

Tools & Tech You Can Integrate

SIEM alerts: Automate suspicious login events from Google Workspace.
Endpoint protection: Install tools that flag redirects from trusted domains like sites.google.com.
Training modules: Integrate phishing awareness into your LMS or knowledge portal.

Real-World Case Highlight

Senior fellow Keir Giles of Chatham House fell victim after attackers impersonated U.S. government officials over weeks—demonstrating how even seasoned professionals can be compromised, the CEO of Instagram Adam Mosseri almost feel to the same scheme recently. (thetimes.co.uk, atomicmail.io, nypost.com).

✨ How Velvot Can Help

We help enterprise clients implement:

Passwordless and MFA solutions (Passkeys, hardware tokens)
Regular phishing simulations and employee drills
Security audits and endpoint monitoring
Custom training modules, tailored to industry-specific risks and regulatory compliance

This isn’t just another phishing wave—it’s a wake-up call. Businesses must assume trusted channels can be compromised, and implement stronger authentication, continuous defence, and proactive training to secure their people, data, and reputation.

Book a free consultation or email us at gtm@velvot.com to get started.

Don’t wait for a breach — protect your business today.