Blog

Microsoft has issued a warning that hackers are actively exploiting vulnerabilities in on-premises SharePoint servers to launch ransomware attacks. According to the Microsoft Threat Intelligence team, the China-linked threat group Storm-2603 is leveraging these flaws to deploy the Warlock ransomware. Eye Security first spotted the SharePoint vulnerability (also known as “ToolShell”) over the weekend. It…

Microsoft has begun rolling out update KB5062660 for Windows 11 version 24H2, which brings a range of new features under the Windows Resilience Initiative. These enhancements aim to reduce downtime and significantly improve system recovery and stability. Microsoft launched the Windows Resiliency Initiative in late 2024. It’s a strategic effort by Microsoft to embed resilience…

PowerShell is a command-line language designed to automate the management of Windows systems, and it excels at pulling system-level details from local or remote machines. With PowerShell, IT teams can quickly gather compliance data from hundreds of PCs, generate reports, and build repeatable workflows that scale. In this article, I’ll show you how to check…

Microsoft has announced the general availability of RDP Multipath for Windows 365 and Azure Virtual Desktop (AVD). This feature intelligently selects the most stable network path in real time, ensuring smoother, uninterrupted user experiences—even in unstable network conditions. RDP Multipath is a feature in Windows 365 and Azure Virtual Desktop that enhances connection reliability by…

Microsoft has disclosed that Chinese state-sponsored threat actors are actively exploiting critical vulnerabilities in on-premises SharePoint servers to launch global cyberattacks. So far, Microsoft researchers have confirmed breaches at more than 54 organizations across multiple countries. According to the Microsoft Threat Intelligence team, Microsoft has observed three China-based state-backed groups (dubbed Linen Typhoon and Violet…

Microsoft has just launched the Microsoft Sentinel Data Lake, now available in public preview for commercial customers. This centralized platform brings together security data from Microsoft and third-party sources, offering cost-effective long-term storage and advanced AI-driven threat detection and analysis. The problem with fragmented security data Security teams often struggle with data scattered across various…

Microsoft has launched a new Intel-powered Surface Laptop 5G for business customers, which will start shipping on August 26. Meanwhile, the previously announced 12-inch Surface Pro and 13-inch Surface Laptop are now available for business customers starting today. Microsoft’s new 5G version of the Surface Laptop for Business is a Copilot+ PC that features a…

Microsoft has issued emergency out-of-band security updates to address a critical vulnerability in SharePoint Server that’s already being actively exploited. The high-severity flaw is being used in targeted attacks against U.S. federal and state agencies as well as thousands of organizations worldwide. The critical security flaws (tracked as CVE-2025-53770 and CVE-2025-53771) affect on-premises SharePoint Server…

As organizations transition to hybrid and cloud-native environments, understanding the distinctions of Entra ID vs Active Directory becomes crucial. This article explores architecture, capability, integration models, and security, providing IT professionals with a clear comparison of the two solutions. Entra ID vs Active Directory – What are these platforms? Microsoft Active Directory, introduced in 1999…

Security researchers have identified a critical flaw in Microsoft Entra ID that could let attackers seize Global Administrator access by exploiting trusted first-party applications. This vulnerability poses a serious risk, especially for organizations using hybrid Active Directory environments. What is the exploitation technique? Last week, Datadog published a comprehensive report demonstrating a critical privilege escalation…

A trade group of European cloud providers has secured key concessions from Microsoft over its software licensing practices. Members of the Cloud Infrastructure Services Providers in Europe (CISPE) can now offer pay-as-you-go plans, match Azure pricing, and privately host customer workloads. According to CISPE, this new agreement will allow members to offer Microsoft software to…

On this episode of First Ring Daily, Brad Sams and Paul Thurrott dive deep into the complexities Microsoft faces with its Copilot assistant against the competition.