Blog

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive ordering federal civilian agencies to remediate a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM). The move comes after confirmed evidence that the flaw is already being actively exploited in real-world attacks. Ivanti Endpoint Manager Mobile (EPMM) is a mobile device management (MDM)…

Outdated operating systems remain common across workplaces, with many organizations still relying on devices that lack critical updates. This lapse in basic security maintenance increases the risk of cyberattacks and leaves sensitive data needlessly exposed. Jamf’s Security 360 Report analyzes data from over a million Mac and mobile devices to show how modern Apple-focused environments…

Microsoft has rolled out a new set of security, governance, and analytics enhancements for Microsoft 365 Copilot, aimed at giving organizations tighter oversight of AI-driven workflows. The updates give administrators more precise tools to monitor usage, enforce policies, and maintain control over how AI is deployed across the enterprise. Microsoft has introduced Purview Data Loss…

Organizations around the world are being quietly breached through a new Microsoft device‑code phishing operation that blends automation and AI to slip past traditional defenses. It allows attackers to hijack a legitimate login process to gain persistent access to corporate email accounts and steal sensitive financial information. This new malicious phishing kit, called EvilTokens, was…

Microsoft has launched a Windows 365 connector in public preview for Microsoft Power Platform and Azure Logic Apps. The goal is to help IT and operations teams automate tasks related to Windows 365 Cloud PCs using low‑code and no‑code tools. Windows 365 is a cloud PC service that lets organizations stream a full Windows desktop…

For a brief moment, it looked like generic AI assistants might become the universal interface for work. Ask anything. Generate everything. Bolt intelligence onto every problem and figure out governance later. That moment is over. Enterprises haven’t rejected AI. They rejected ungovernable AI: systems that make decisions without accountability, touch sensitive data without clear boundaries,…

A vast majority of organizations do not fully trust their cybersecurity vendors. New research from Sophos shows mounting concerns over transparency, accountability, and risk in an evolving threat landscape. The Sophos Cybersecurity Trust Reality 2026 report is based on a global, independent survey of 5,000 IT and security decision‑makers across 17 countries. It examines how…

According to Microsoft’s latest Digital Defense Report, 97% of identity attacks are password spray attacks. This statistic shows that most attackers aren’t using sophisticated cracking techniques. Instead, they rely on a straightforward but effective approach: testing a handful of common or previously exposed passwords across many accounts. In 2026, the biggest password risks are not…

In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Artemis II astronauts facing Outlook for Windows issues in space, Microsoft’s new in-house AI models, and more.

As organizations move from on-premises Active Directory to cloud management, many admins need to Import Group Policy Objects to Microsoft Intune, and GPOs often become the last big roadblock. Traditional Group Policy only applies to domain-joined Windows devices, while Microsoft Intune can manage Windows, macOS, iOS/iPadOS, and Android, making it the natural destination for modern…

Microsoft’s retirement of the Microsoft Deployment Toolkit (MDT) has left many IT administrators racing to replace a tool that still underpins critical OS deployment workflows. While cloud‑based management promises simplicity, the transition is revealing gaps that cloud solutions alone can’t yet fill. Microsoft Deployment Toolkit (MDT) was a free Microsoft utility widely used by IT…

Microsoft has introduced custom graphs support in Microsoft Sentinel, which is available in public preview starting April 1, 2026. This new capability is designed to help security teams better understand and investigate complex attacks by visualizing relationships across security data in a more connected way. Modern cyberattacks span multiple entities (users, devices, identities, applications, and…