Rabia Noureen

Microsoft is phasing out an old authentication method for mobile email, which signals another major step toward stricter, modern security in Exchange Online. Organizations relying on certificate-based access via ActiveSync must now prepare for a transition to Entra ID–based authentication ahead of the 2026 deadline. Direct Exchange ActiveSync certificate-based authentication is being phased out because…

Microsoft has announced the public preview of cert-manager support for Azure Arc-enabled Kubernetes. This new feature simplifies security by streamlining certificate issuance, renewal, and trust management across distributed Kubernetes clusters, which reduces manual effort and improves reliability. According to Microsoft, managing TLS certificates in Kubernetes (especially across hybrid, multicloud, and edge environments) has become increasingly…

A major driver of cybersecurity breaches continues to be insufficient employee training and awareness, a problem that has persisted across the industry for years. New findings from Fortinet highlight that despite advancing technologies, organizations still struggle to address this ongoing human-factor vulnerability. According to Fortinet’s 2026 Global Cybersecurity Skills Gap Report, more than half of…

Microsoft’s Azure Local can now support deployments of thousands of servers within a single sovereign environment. This allows organizations to run very large, complex workloads locally without redesigning their infrastructure. According to Microsoft, governments and regulated industries are increasingly prioritizing strict control over where their data is stored, how operations are managed, and how compliance…

An attacker who has administrative-level access can retrieve Microsoft Edge users’ saved passwords from memory, even when those credentials are not actively being used. This is possible because the browser temporarily keeps them in an unencrypted form in its process memory as part of how it is designed. According to a new report from Securonix,…

RDP vulnerabilities have become a critical but often overlooked risk for organizations worldwide, which leaves many systems unknowingly exposed. Cyber attackers are increasingly exploiting these gaps by using unsecured servers as easy entry points into enterprise networks. According to a new report from Forescout Vedere Labs, millions of RDP and VNC servers are publicly accessible…

Microsoft has introduced a public preview of user-initiated provisioning for Windows 365 Reserve. The feature enables selected users to spin up their own Reserve Cloud PC on demand, reducing reliance on IT administrators and minimizing downtime. Windows 365 Reserve is a cloud‑based service that provides employees with a temporary, fully configured virtual Windows PC when…

Microsoft is rolling out a series of enhancements to Microsoft Intune, targeting deeper visibility and tighter control across modern endpoints. This month’s updates span improved Windows app inventory, a more secure Linux SSO experience, and expanded enrollment and management capabilities for Apple devices. Microsoft has added new enhanced app inventory capabilities in the “All Apps”…

Microsoft has announced the general availability of Agent 365, which first entered preview in November 2025. Alongside the release, the company introduced new capabilities designed to help organizations discover, monitor, and manage both sanctioned agents and shadow AI across their environments. Microsoft Agent 365 is designed to give organizations a centralized way to monitor, manage,…

Microsoft is set to make unified role-based access control (RBAC) the default permission model for all new Microsoft Defender for Office 365 environments. The company is also rolling out more granular email access controls to give security teams tighter, more precise control over sensitive data. Starting on May 30, Unified RBAC will be enabled by…

Microsoft and the CISA have issued an urgent alert to federal agencies over a newly discovered Windows zero-day vulnerability. The flaw could enable attackers to silently extract sensitive data from affected systems. According to a new report from cybersecurity firm Akamai, CVE‑2026‑32202 is a Windows vulnerability that emerged due to an incomplete fix for an…

Microsoft is strengthening security in Exchange Online by retiring support for outdated email encryption methods. Beginning in July 2026, organizations still using legacy TLS versions for POP3 and IMAP4 connections may experience service disruptions unless they transition to modern encryption standards. The change is part of Microsoft’s broader effort to eliminate aging security protocols that…