Cybersecurity Headlines Microsoft enforces admin MFA, Cisco patches ISE, Illinois breaches self
Jan 9, 2026
Microsoft is tightening security by enforcing multi-factor authentication for admin sign-ins starting soon. Cisco has addressed a medium-severity vulnerability in its ISE system following public disclosure. Meanwhile, an Illinois state agency accidentally exposed sensitive data of 700,000 residents online for years. Additional discussions cover prompt-injection risks targeting AI systems and phishing tactics using internal email spoofing. Veeam has also issued a critical update to fix a serious remote code execution vulnerability.
AI Snips
Chapters
Transcript
Episode notes
Enforce Admin MFA Before Feb 9
- Enable and enforce multi-factor authentication for Microsoft 365 admin center sign-ins immediately.
- Microsoft will block admin sign-ins without MFA starting February 9, 2026, so act now to avoid disruption.
ISE Licensing Flaw Risks Admin Data
- A medium-severity ISE flaw allows an authenticated admin to access sensitive info via the licensing feature.
- Cisco reported no workarounds and no known in-the-wild exploitation when the proof-of-concept surfaced.
Illinois Agency Exposed 700K Residents
- The Illinois Department of Human Services accidentally posted PII and PHI for over 700,000 residents on the open web.
- The data remained public for up to four years before being removed in September, exposing HIPAA-protected information.