Blog

Cybersecurity researchers have identified a new social engineering attack that builds on the previously known ClickFix technique. According to Check Point, attackers are already conducting dry runs of the new FileFix method to test malware delivery tactics in the wild. The FileFix attack manipulates users into running malicious commands by exploiting familiar Windows behavior. When…

The dsregcmd command is an important tool for troubleshooting device authentication and registration issues in Microsoft Entra ID. It helps admins figure out if a device is correctly joined to Microsoft Entra ID, hybrid-joined, or domain-joined Active Directory. Running dsregcmd By analyzing the output of dsregcmd /status, IT administrators can diagnose and resolve authentication, compliance, and…

Microsoft has announced the public preview of Deep Research in Azure AI Foundry, a powerful API and SDK-based service that integrates OpenAI’s advanced agentic research capabilities directly into the Azure ecosystem. This new offering allows developers to build intelligent research agents that can autonomously plan, analyze, and synthesize information at scale. Earlier this year, OpenAI…

Microsoft has announced plans to reduce the Delicensing Resiliency threshold from 10,000 to 5,000 non-trial Exchange Online licenses. This update gives mid-sized enterprises stronger safeguards against accidental mailbox disruptions. The Delicensing Resiliency feature in Exchange Online is designed to protect organizations from accidental or unintended removal of mailbox licenses, which can disrupt email access and…

Microsoft has announced an Extended Security Update program for Exchange 2016 and 2019, as well as Skype for Business 2015 and 2019. This program will let organizations that aren’t yet ready to upgrade to the Subscription Editions continue to receive security updates for these older products after they reach end of support on October 14,…

Microsoft is ending feature updates for Microsoft 365 apps on Windows 10 PCs starting next year. While security updates will still be provided through October 2028, accessing new features will require an upgrade to Windows 11. In an updated support document (via The Verge), Microsoft stated that users with a Microsoft 365 Personal and Family…

This guide covers syntax, practical examples, common use cases, and troubleshooting tips to assist with your daily duties with AD management tasks. What does Get-ADPrincipalGroupMembership do? The Get-ADPrincipalGroupMembership cmdlet gets the Active Directory (AD) groups that have a specified user, group, computer, or service account as a member. You will need to make sure a…

Microsoft has announced the general availability of Security Copilot capabilities in Microsoft Intune and Microsoft Entra. This release helps organizations leverage intelligent automation to streamline operations, strengthen security, and make faster, smarter decisions. “Organizations using Security Copilot have seen a 54% reduction in time to resolve device policy conflicts, and a 22.8% drop in alerts…

Microsoft has rolled out an out-of-band update (KB5064489) for Windows 11 version 24H2 to fix a critical issue that prevented some Azure Virtual Machines (VMs) from booting when Virtualization-Based Security (VBS) was enabled. In addition to resolving this startup glitch, the update also includes security enhancements and improvements from the July 8 update (KB5062553). Microsoft…

Organizations are struggling with poor visibility into their software supply chains, even as 40% of CEOs rank it as their top cybersecurity concern. A new report from LevelBlue exposes how this lack of transparency, combined with escalating AI-driven threats and uneven global preparedness, is putting critical systems at serious risk. LevelBlue surveyed 1,500 respondents across…

Cybersecurity researchers have discovered a critical vulnerability in Citrix’s network management devices that allows attackers to bypass multi-factor authentication and hijack user sessions. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw (dubbed CitrixBleed 2) to its Known Exploited Vulnerabilities catalog. How are attackers exploiting CitrixBleed 2 vulnerability? The security vulnerability (CVE-2025-5777)…

In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Perplexity AI launching Comet, its new AI-powered web browser, and OpenAI planning to do the same very soon to challenge the dominance of Google Search and Google Chrome.