Commstec
13/07/2026
If you've ever spent 5 minutes hunting through Teams trying to find a meeting recording, there's a feature you should be using.
It's called the Meet app, and it's already built into Teams. No Copilot license required.
The Meet app gives you a single dashboard for every meeting you've had or are about to have. Click on any meeting and you get the agenda, recording, transcript, chat, and shared files, all in one place.
To find it:
1. Open Teams
2. Click the three dots on the left navigation bar
3. Search for "Meet"
4. Right-click and pin it so it stays in your sidebar
Once pinned, you'll see two views: upcoming meetings and past meetings. Click any past meeting to see everything tied to it.
Finding what was discussed in last month's leadership review used to take 5 minutes of digging through your calendar, recordings, and SharePoint.
With Meet, it takes 30 seconds.
12/07/2026
In April 2026, ransomware hit Adaptavist, an Atlassian platinum partner that builds and supports tools for thousands of business customers.
Adaptavist makes ScriptRunner and similar add-ons that plug into Atlassian products like Jira and Confluence. When attackers got into Adaptavist's systems, every customer connected to those tools was suddenly downstream of a breach they didn't cause.
This is the supply chain attack pattern. Your business doesn't have to be the target. It just has to share a vendor with the target.
Three things worth doing this month:
-Make a one-page list of every SaaS vendor your business depends on. Email, accounting, payroll, CRM, helpdesk, file storage, project management. The list is usually longer than you'd expect.
-For each vendor, find their security and breach notification page online. If you can't find it in five minutes, that's information worth knowing.
-For the top five vendors by data sensitivity, ask three questions in writing: do you have a current SOC 2 Type II report, what's your breach notification SLA, and how do you handle credentials inside your support tooling.
You can't control every vendor's security. Pick the ones that take it seriously.
Adaptavist Group breach: Ransomware crew claims mega-haul : Fake emails already doing the rounds as ransomware crew boasts about what it allegedly stole
09/07/2026
In May 2026, the US government's cybersecurity agency added a top-severity Cisco vulnerability to its "fix this now" list.
The flaw lives in Cisco SD-WAN controllers. These are the devices many businesses use to connect remote offices, branch locations, or remote workers to their main network. The vulnerability scored a 10.0 out of 10 on the standard severity scale, which means an attacker who reaches the device over the internet can take it over completely. Once they're in, they have the keys to the network the device sits on.
CISA's "fix it now" list, formally called the Known Exploited Vulnerabilities catalog, is the list of bugs that hackers are already actively using. Federal agencies have a hard deadline to patch anything on it. Your business should be just as fast.
If you use Cisco SD-WAN, your IT team or MSP should already be on this. If you're not sure, ask them today: "Do we have any Cisco SD-WAN devices anywhere in our network?" The answer is yes, no, or "let me check." Only the third one needs follow-up.
The CISA KEV catalog is free, public, and updated weekly. It's the closest thing to a "what to patch first" list for businesses without a full security team.
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.
03/07/2026
If an email asks you to download a tool to "view a document," stop and verify before clicking.
A growing attack pattern is tricking employees into installing real IT software on their own machines.
The software is called RMM (Remote Monitoring and Management), and it lets IT companies remotely control computers for support purposes.
Tools like ConnectWise ScreenConnect, Datto RMM, SimpleHelp, N-able, and LogMeIn are all legitimate and digitally signed by reputable vendors.
That's exactly why attackers love them. Antivirus software doesn't flag them as malicious because they aren't malicious. They're just being installed by the wrong person.
In February 2026, Microsoft documented a campaign that hit 29,000 users across 10,000 organizations.
The lure was a fake "IRS Transcript Viewer" email. The download was actually a repackaged ScreenConnect installer.
Once an employee ran it, the attacker had full remote control of their machine.
The same trick is being used with fake Zoom invites, fake Teams calls, and fake DocuSign emails.
A few things you can do:
▶️ Ask your IT provider to maintain an allow-list of approved RMM tools. Anything outside that list gets blocked from installing automatically.
▶️ Train your team that "download this viewer to see your document" is almost always a phishing attempt. Real documents don't require a new program.
▶️ Audit your endpoints for RMM software your IT provider didn't install. If you see something unfamiliar, flag it.
If you're not sure what RMM tools are running on your team's computers right now, that's the first thing to check this week.
Click here to claim your Sponsored Listing.
Category
Telephone
Website
Address
Sheffield Business Centre
Sheffield
S91XZ