The 2026 Cloud Security Report from Fortinet finds cloud security teams are less concerned about whether cloud platforms can be secured and more focused on whether their defenses can keep pace with the speed of change.
A recent Exchange Online disruption tied to Microsoft network changes underscores how deeply businesses still rely on email -- and how few practical options organizations have to protect critical workflows when cloud services fail.
- By Joey D'Antoni
- 01/28/2026
Ransomware attacks continued to climb in 2025 as attackers increasingly timed operations around year-end staffing gaps and shifted away from traditional file encryption.
Microsoft released an out-of-band update Friday to resolve credential authentication failures affecting Azure Virtual Desktop and Windows 365 connections that emerged after the company's January 2026 security update.
Microsoft released a pair of security and compliance updates this week designed to help IT administrators strengthen protections across Microsoft 365 Apps for enterprise and simplify app governance in Teams.
Microsoft said it has disrupted RedVDS, a global cybercrime subscription service used by financially motivated attackers to carry out business email compromise, mass phishing and account takeover campaigns.
Microsoft rang in 2026 with its biggest January Patch Tuesday rollout in four years, shipping fixes for 113 vulnerabilities across Windows, Office and other products
Microsoft has begun out new AI-powered incident prioritization capabilities in Microsoft Defender alongside an expanded suite of proactive incident response services, giving security teams more tools to prevent, detect and recover from cybersecurity threats.
Microsoft closed out 2025 with its final Patch Tuesday release. This month's update fixes 56 vulnerabilities across Windows, Office and several other products, and includes three zero-day flaw fixes.
Microsoft is bringing advanced endpoint management capabilities from its Intune Suite directly into Microsoft 365 E3 and E5 subscriptions.
Microsoft is tightening security around its Entra ID sign-in process by blocking external script injection, a move that could force some orgs to rethink their browser extension strategies.
At Ignite 2025, Microsoft doubled down on its Copilot strategy, announcing new agents and capabilities that bring deeper intelligence and automation to everyday workflows in Microsoft 365.
In what may be the first publicly known case of a state-sponsored cyber-espionage campaign using a large language model, Anthropic reported that attackers linked to China leveraged its Claude Code AI to carry out intrusions against about 30 global organizations.
Microsoft's latest Patch Tuesday brings fixes for 63 security flaws spread across Windows, Office and several other Microsoft products, including one zero-day vulnerability.
Microsoft is warning IT administrators about an increase in attacks aimed at Azure Blob Storage, saying threat actors are taking advantage of exposed credentials, weak access controls and misconfigurations to gain access to sensitive cloud data.
A lightweight free utility gives Windows users an easy way to review and control system-level privacy settings without digging into the registry.
At Live! 360 Orlando, Microsoft MVP John O’Neill Sr. will explore how combining Security Copilot with Defender XDR is helping SOCs accelerate response times, improve accuracy and reduce analyst fatigue.
Microsoft 365 administrators can fine-tune Defender's anti-phishing policies to determine how detected spoofed or impersonated messages are handled, from quarantine and deletion to user safety tips that flag suspicious senders.
Microsoft's latest Insider Preview, Build 26220.6772, introduces a significant policy change: removal of known workarounds to skip Microsoft Account setup during Windows 11 installation (OOBE).
Microsoft 365 administrators can use built-in Defender for Office 365 tools to enable impersonation and domain protection, reducing phishing risks by identifying spoofed senders and untrusted domains.