BVA technology services

BVA technology services We're your trusted source for IT services, solutions, and support. Stay up, running, and protected!

06/02/2026

FBI Alert: New Attack Bypasses Microsoft 365 MFA

A new phishing platform called Kali365 is allowing attackers to hijack Microsoft 365 accounts without stealing credentials—and without triggering MFA. [ic3.gov]

Check out our full bva tech blog at the following link:
https://www.bvainc.com/2026/06/02/new-fbi-alert-kali365-phishing-kit-bypasses-microsoft-365-mfa/

Instead, it tricks users into approving access via legitimate Microsoft login flows, capturing OAuth tokens for persistent access.

What this means:
• MFA alone is no longer enough
• Attackers are targeting identity—not passwords
• Persistent access can go undetected

What you should do now:
• Block or restrict device code authentication
• Review Conditional Access policies
• Monitor OAuth/token activity

If you’re not actively managing identity security in M365, you’re exposed.
BVA can help assess and secure your environment before it’s too late.

05/14/2026

Think MFA Is Enough? Think Again.

Most businesses rely on multi-factor authentication (MFA) to protect access—but today’s attacks are designed to bypass it.

Phishing kits, MFA fatigue attacks, and credential replay techniques can still compromise accounts—even when MFA is enabled.

The solution? Phishing-resistant MFA.....

Instead of relying on codes or approvals that can be intercepted, this modern approach uses:
-Device-bound credentials
-Cryptographic authentication
-Domain validation (so fake login pages simply fail)

That means: No passwords to steal
-No codes to intercept
-No approvals to trick users into

Technologies like FIDO2 security keys, passkeys, and Windows Hello are leading the shift toward passwordless, Zero Trust security.

If your organization is still using: SMS codes
-Push notifications
-Legacy MFA

It’s time to modernize. The future of security isn’t more layers it’s stronger identity!

05/06/2026

Azure Security isn’t optional, it’s foundational.

As more businesses move to Microsoft Azure, security must be built into every layer—not bolted on later. Take a look at bva tech’s full blog on this:
https://www.bvainc.com/2026/05/06/azure-security-best-practices-for-modern-cloud-environments/

Here’s how to protect your environment:

• Understand your role in the shared responsibility model
• Secure identities with MFA + Conditional Access
• Lock down networks with firewalls & private endpoints
• Protect data with encryption + Key Vault
• Leverage Defender for Cloud & Sentinel
• Monitor everything, 24/7 visibility is key
• Apply defense-in-depth across your entire stack

Most breaches aren’t hacks they’re misconfigurations and credential compromises. If your Azure environment hasn’t been reviewed recently, now is the time.

04/10/2026

When AI Breaks Containment

Anthropic recently revealed that its most powerful AI model escaped a sandbox environment and emailed a researcher to confirm it. This should terrify everyone that is ready this. That’s not sci fi it happened during real testing. If you would like to read the full Technical BVA Blog on this subject, please check it out:
https://www.bvainc.com/2026/04/10/when-ai-breaks-containment-why-anthropic-refused-to-release-its-most-powerful-model/

The model, Claude Mythos Preview, can autonomously identify and exploit zero day vulnerabilities so effectively that Anthropic made the rare decision not to release it publicly. Instead, access is restricted to a small group of organizations working exclusively on defensive cybersecurity efforts.

This moment is a wake up call for businesses and IT leaders:
-Sandboxes and guardrails are no longer foolproof
-AI dramatically compresses cyber risk timelines
-Governance, containment, and Zero Trust matter more than ever

The future of AI isn’t just about capability it’s about control, responsibility, and defense first deployment. If AI can move this fast, your security strategy has to move faster. You have to commend Anthropic management for acting correctly with this mishap.




04/03/2026

New Google Gemma 4 Models

With Gemma 4, Google is making a clear statement: advanced reasoning and autonomous AI do not have to be locked behind proprietary platforms. By combining strong open-model performance, agentic capabilities, multimodal support, and a truly permissive license, Gemma 4 positions itself as one of the most compelling open AI options available today. Please check out our full Technical Blog on Gemma 4:

https://www.bvainc.com/2026/04/03/google-gemma-4-models-open-agentic-ai-built-for-advanced-reasoning-and-local-deployment/

For teams looking to build secure, scalable, and intelligent systems—without vendor lock-in—Gemma 4 represents a meaningful leap forward.



04/02/2026

Are you Prepared? IT Compliance Is No Longer Optional

Across the U.S., businesses are facing tighter cybersecurity regulations, stronger enforcement, and higher expectations from insurers, partners, and customers. Frameworks like NIST, CMMC, HIPAA, and PCI DSS are quickly becoming the baseline—not the exception.

Check out our full bva Technical Blog: https://www.bvainc.com/2026/04/01/businesses-are-prioritizing-it-compliance-a-look-at-todays-regulatory-landscape-learn-why/

IT compliance isn’t just about passing audits. It’s about reducing risk, protecting data, and building long term resilience.

If compliance feels overwhelming, you’re not alone—but it’s also an opportunity to strengthen your security posture and gain a competitive edge.

03/20/2026

Amazon Is Reportedly Working on an Alexa Powered Smartphone

Amazon may be jumping back into the phone game—this time with AI at the center. According to multiple reports, Amazon is developing a new smartphone (internally codenamed “Transformer”) designed to deeply integrate Alexa+, shopping, streaming, and everyday tasks.

What makes it different?

• Alexa-first experience with generative AI capabilities
• Seamless Amazon shopping, Prime Video, and Prime Music access
• Potential to reduce reliance on traditional app stores
• AI driven personalization throughout the day
• Possible minimalist or “secondary phone” design to reduce screen time

Release date? There’s no confirmed launch date or pricing yet, and Amazon hasn’t officially announced the device. Reports note the project is still in development and could evolve—or be shelved.

If this launches, it could be Amazon’s boldest hardware move since the Fire Phone—only this time, AI is the star of the show.

03/17/2026

Do you really know what your users are doing?

Most businesses protect the perimeter—but lack visibility inside their environment.
What are users doing on endpoints?
What data are they accessing inside applications?
And could you retrace those actions six days later if something went wrong?

In today’s world of intellectual property theft and fraud, visibility isn’t optional.
Without centralized logging and correlation, it’s nearly impossible to determine: • How an incident occurred
• What data was involved
• Who was impacted
• And how to prevent it from happening again

Check out our Full Blog on this: https://www.bvainc.com/2026/03/17/do-you-really-know-what-your-users-are-doing-siem/

That’s where a properly implemented SIEM changes everything—turning raw activity into clarity, context, and control.

If you can’t see it, you can’t secure it.

03/10/2026

Organizations are quietly running multiple AI / LLM tools with little to no oversight — all while employees choose their own platforms and unknowingly place company data and IP onto shared infrastructure. Check out our full blog on this:

https://www.bvainc.com/2026/03/10/ai-sprawl-the-hidden-risk-lurking-inside-your-organization/

This creates serious risks:
-Intellectual property exposure
-Compliance and security blind spots
-Inconsistent outputs and decision making
-Zero visibility into how AI is actually being used

The solution isn’t banning AI, it’s governing it.
At BVA, we help organizations standardize on a single, secure AI platform, restrict unmanaged tools, and track AI usage to both protect data and maximize productivity.

AI should be an accelerator, not a liability.
Govern it. Secure it. Leverage it.

03/04/2026

Data is everywhere—but visibility, protection, and governance often aren’t.

Microsoft Purview brings security, compliance, legal, and IT together on a single platform to understand, protect, and govern data across Microsoft 365 and the enterprise data estate. This is something all organizations need to be aware of and adopt.

From information protection and DLP to insider risk, eDiscovery, and enterprise data governance, Purview helps organizations reduce risk, prevent data loss, and prove compliance at scale. Here is the full technical blog of why to use Microsoft Purview:

https://www.bvainc.com/2026/03/04/microsoft-purview-a-unified-platform-for-data-security-compliance-and-governance/



Address

15974 N 77th Street, Suite 102
Scottsdale, AZ
85260

Opening Hours

Monday 8am - 5pm
Tuesday 8am - 5pm
Wednesday 8am - 5pm
Thursday 8am - 5pm
Friday 8am - 5pm

Telephone

+16232517000

Website

Alerts

Be the first to know and let us send you an email when BVA technology services posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to BVA technology services:

Shortcuts

Share