Blog

Learn how to harness the power of PowerShell to manage a specific SharePoint Online site with Connect-PnPOnline. This guide walks you through installing the Connect-PnPOnline PowerShell module, connecting to SharePoint Online using the Connect-PnPOnline command, and exploring the capabilities of the SharePoint Online PowerShell module for seamless site administration and automation. What is PnP PowerShell?…

Microsoft and Cloudflare have teamed up to disrupt RaccoonO365, a notorious phishing-as-a-service (PhaaS) operation. The phishing platform enabled cybercriminals to steal thousands of Microsoft 365 credentials across nearly 100 countries. Microsoft explained that the RaccoonO365 hacking group (also known as Storm-2246) has been active since July 2024. Earlier this month, Microsoft’s Digital Crimes Unit (DCU)…

Microsoft has rolled out the public preview of Windows 365 Cloud Apps, a service that lets organizations stream individual applications directly from the cloud. Instead of assigning each employee a full Cloud PC, IT admins can now provide secure, app-only access, which is ideal for flexible, task-based roles. Microsoft says organizations can now use a…

Microsoft has announced several new capabilities for its Windows 365 Boot service. This release brings support for direct access to the Connection Center, improved troubleshooting tools, cross-region disaster recovery, and more. What is Windows 365 Boot? Windows 365 Boot is a feature that allows users to log directly into their Cloud PC from a physical…

Researchers have identified a new ransomware strain, HybridPetya, which merges the encryption tactics of Petya with the destructive wiping capabilities of NotPetya. The malware leverages a patched vulnerability to bypass UEFI Secure Boot on unrevoked Windows systems. This ransomware-bootkit combo malware was first discovered by ESET researchers in February 2025. They named this malware HybridPetya…

Active Directory (AD) has been around a long time, but it remains the primary target for attackers. Research shows that nine out of ten breaches involve AD or Entra ID. Many environments today are hybrid, which further complicates keeping organizations secure. While free tools give you a quick snapshot of risk, enterprise grade security requires deeper…

Microsoft has reminded customers that Windows 10 will officially reach its end of support next month. On the same date, Windows 10 2015 LTSB and Windows 10 IoT Enterprise LTSB 2015 will also lose extended support. Microsoft will stop providing security updates, bug fixes, or technical support for Windows 10 after October 14, 2025. The…

Cybersecurity researchers have disclosed VoidProxy, a sophisticated phishing-as-a-service platform that enables attackers to intercept login credentials and session tokens in real time. VoidProxy poses a growing threat to enterprise customers across Microsoft 365, Google Workspace, and federated identity providers. Okta’s Threat Intelligence team discovered and analyzed the VoidProxy phishing-as-a-service platform. They describe it as scalable,…

Privileged access workstations are used, as the name suggests, with privileged accounts, like users in the Domain Admins group, to manage sensitive resources in your environment such as Active Directory (AD) domain controllers (DCs). If an attacker is able to get access to a privileged account, they can move laterally throughout your network, escalate privileges,…

Microsoft has rolled out the Access Review Agent in public preview for Microsoft Entra ID customers. Integrated into Microsoft Teams, this new tool provides reviewers with AI-driven guidance, recommendations, and insights, allowing them to make faster and more informed decisions. Access reviews often become a tedious and error-prone process due to the volume of decisions,…

Microsoft has avoided a potentially costly antitrust probe by the European Commission over its bundling of Teams with Microsoft 365 and Office 365 subscriptions. To address regulators’ concerns, the company will now offer stripped-down versions of its Office suite without Teams at a reduced price. In July 2020, Slack filed an official antitrust complaint against…

On this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss OpenAI reaching a non-binding deal with Microsoft to transition its for-profit arm into a Public Benefit Corporation.