<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>The Brief on John Shelton | Security, Technology, and Systems</title>
    <link>https://thejohnshelton.com/brief/</link>
    <description>Recent content in The Brief on John Shelton | Security, Technology, and Systems</description>
    <generator>Hugo</generator>
    <language>en-us</language>
    <lastBuildDate>Wed, 15 Jul 2026 00:00:00 +0000</lastBuildDate>
    <atom:link href="https://thejohnshelton.com/brief/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Business IT News Roundup: July 15, 2026</title>
      <link>https://thejohnshelton.com/brief/2026-07-15-business-it-news-roundup/</link>
      <pubDate>Wed, 15 Jul 2026 00:00:00 +0000</pubDate>
      <guid>https://thejohnshelton.com/brief/2026-07-15-business-it-news-roundup/</guid>
      <description>A record-setting Patch Tuesday with zero-days already under attack, a breach through a third-party IT vendor, an AWS partner shakeup, and why AI adoption still isn&amp;#39;t producing results for most companies.</description>
      <content:encoded><![CDATA[<p>Yesterday was Patch Tuesday, and it was a big one, so today&rsquo;s roundup leans heavy on security. There&rsquo;s also a partner program shakeup worth knowing about and a fresh look at why AI adoption isn&rsquo;t translating into results for most companies. Let&rsquo;s get into it.</p>
<p><strong>Microsoft&rsquo;s biggest Patch Tuesday ever lands, with two zero-days already under attack</strong></p>
<p>Microsoft shipped fixes for a record 570 vulnerabilities this week, more than triple June&rsquo;s previous high, including two flaws already being exploited: an elevation of privilege bug in on-prem SharePoint Server (CVE-2026-56164) and one in Active Directory Federation Services (CVE-2026-56155). A third issue, a BitLocker bypass, was publicly disclosed but not yet confirmed as exploited. John&rsquo;s take: the sheer size of this release is going to tempt some teams to triage loosely and get to it next cycle. Do not do that with the SharePoint and ADFS fixes specifically, since those two are already being used in real attacks.</p>
<p>Source: <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2026-patch-tuesday-fixes-massive-570-flaws-3-zero-days/">Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days</a></p>
<p><strong>SonicWall SMA appliances hit by two zero-days that chain into full admin access</strong></p>
<p>SonicWall is warning that two vulnerabilities in its SMA1000 series (CVE-2026-15409 and CVE-2026-15410) are being actively exploited, and CISA has added both to its Known Exploited Vulnerabilities catalog. Chained together, an unauthenticated attacker can go from a remote request all the way to admin-level command execution on the appliance. John&rsquo;s take: SonicWall gear sits at the edge of a lot of MSP-managed networks, so this is not a &ldquo;read later&rdquo; advisory. If you or your clients run SMA1000 hardware, confirm patch status today rather than at the next maintenance window.</p>
<p>Source: <a href="https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-sma1000-flaws-exploited-in-zero-day-attacks-patch-now/">SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now</a></p>
<p><strong>Lidl&rsquo;s breach came through its IT vendor, not its own systems</strong></p>
<p>Lidl confirmed that a breach at a third-party IT service provider exposed names, phone numbers, emails, birth dates, and customer numbers for online shop customers in Germany, Belgium, and the Netherlands. Passwords, addresses, and payment data were not affected, and Lidl&rsquo;s own platform was never touched directly. John&rsquo;s take: this is the story that should give every MSP a moment of reflection, since we are often that third-party provider for our clients. It is a good prompt to double check your own vendor risk documentation and make sure clients know what you would do, and how fast, if this happened on your watch.</p>
<p>Source: <a href="https://www.bleepingcomputer.com/news/security/lidl-discloses-online-shop-breach-after-service-provider-hack/">Lidl discloses online shop breach after service provider hack</a></p>
<p><strong>AWS puts real money behind agentic AI for its MSP partners</strong></p>
<p>AWS is rolling out what it is calling its largest partner investment ever, including three new MSP-focused incentive programs and a new AI Competency covering agentic AI applications, tools, and consulting services. The push is aimed at partners who can show measurable business outcomes from AI projects, not just deployment activity. John&rsquo;s take: AWS tying incentives to outcomes rather than checkbox certifications is a signal worth watching. If you are an AWS partner, this is a good moment to figure out how you would actually prove impact for a client, because that is where the money is headed.</p>
<p>Source: <a href="https://aws.amazon.com/blogs/apn/updates-to-aws-channel-programs-to-drive-growth-in-2026/">Updates to AWS Channel Partner Programs to Drive Growth in 2026</a></p>
<p><strong>AI adoption is nearly universal. Results mostly are not.</strong></p>
<p>New data shows 78 percent of organizations now use AI in at least one business function, up from 55 percent a year ago. But only 39 percent report any actual bottom-line impact from it, and separate research puts the failure rate for enterprise AI pilots to deliver measurable financial value as high as 95 percent. John&rsquo;s take: this is the gap I talk about on the podcast constantly. Buying the tool is the easy part. The businesses seeing real results are the ones that redesigned a workflow around AI, not the ones that bolted a chatbot onto their old process and called it done.</p>
<p>Source: <a href="https://www.netguru.com/blog/ai-adoption-statistics">AI Adoption Statistics in 2026</a></p>
<hr>
<p><strong>Sponsored by Lucky 13 Solutions</strong></p>
<p>Business in Motion. Tech in Sync. Lucky 13 Solutions is a managed services provider helping small and midsize businesses keep their IT reliable, secure, and well-supported, without needing a full in-house team. Learn more at <a href="https://l13s.com">l13s.com</a>.</p>
<hr>
<p><strong>Get the Business IT News Roundup in your inbox:</strong></p>
<script async data-uid="47cdec4d58" src="https://the-john-shelton.kit.com/47cdec4d58/index.js"></script>

]]></content:encoded>
    </item>
  </channel>
</rss>
