Blog

Cybercriminals have been exploiting a critical flaw in Windows LNK (.lnk shortcut) files to deliver malware in targeted attacks worldwide. After months of active abuse, Microsoft has finally issued a fix for the zero-day in its November 2025 Patch Tuesday update. CVE-2025-9491 is a Windows Shell Link (.LNK) vulnerability that allows attackers to hide malicious…

Microsoft will block Exchange Web Services (EWS) access for Exchange Online mailboxes with unsupported licenses in March 2026. This move aims to boost security, enforce proper licensing, and push organizations toward modern APIs like Microsoft Graph. Exchange Web Services (EWS) is a protocol that allows applications to interact with Exchange servers to access mailbox data…

Amazon Web Services (AWS) and Google Cloud have announced a new multicloud network service that makes it easier for organizations to move data between their platforms. This new solution is designed to reduce complex setup processes from weeks to minutes. Previously, connecting multiple cloud environments used to be a highly complex and time-consuming process for…

Learn how to change DNS on Windows, using either the GUI or command-line with PowerShell. The most common scenario on enterprise computers is for DNS addresses to be handled by either DHCP servers or another IP address management solution. If you have not needed to change this configuration on one or more computers in a…

Microsoft has introduced built-in integrations with key security partners in Microsoft Entra. These new capabilities enable multilayered protection without requiring separate contracts or complex setup. “Until now, integrating top-tier identity security solutions meant dealing with complex setups, custom code, and drawn-out contracts delaying protection and increasing risk. What makes this launch stand out isn’t just…

Amazon Web Services (AWS) announced yesterday several new agentic AI capabilities for its Transform IT modernization service. These new custom features are designed to help IT teams accelerate enterprise-wide code and application modernization. AWS Transform is a cloud-based modernization service that uses AI-driven agents to automate the migration of legacy applications, frameworks, and infrastructure to…

Kyndryl has announced the launch of its new Agentic AI Digital Trust service. This new offering helps organizations securely scale autonomous AI agents across complex hybrid and multi-cloud environments. This Agentic AI Digital Trust service is designed to fill the gap between the fast rise of AI adoption and the slower development of security, governance,…

Microsoft is strengthening identity security for Entra ID customers by enforcing stricter controls on browser-based sign-ins. This upcoming update aims to block unauthorized script injection attacks and protect authentication processes from malicious code. External script injection is a type of security vulnerability where malicious or unauthorized scripts are inserted into a web page from outside…

Before diving in, consider how this feature reshapes Azure Local deployments in real-world datacenters. Understanding Azure Local SAN support Azure Local SAN support (Storage Area Network) represents a significant shift in how customers can architect Azure Local environments. Today I want to dive deeper into the SAN support for Azure Local, as announced by Microsoft…

A security issue in the Azure API Management (APIM) Developer Portal allows attackers to create user accounts on any tenant. Microsoft has classified the behavior as “by design” despite its high-risk implications. Azure API Management (APIM) is a cloud-based service that enables organizations to publish, secure, monitor, and manage APIs at scale. It acts as…

Data-driven insights have become indispensable for business leaders, and many tools play a pivotal role in driving Microsoft 365 business growth by delivering enterprise-level analytics that transcend standard reporting templates. For IT professionals managing growing organizations, Microsoft 365 encompasses far more than a standard set of programs like Outlook, Excel and Word. It encompasses a…

Cybersecurity researchers have discovered a critical flaw in Oracle’s Identity Manager that allows unauthenticated remote code execution. The CISA has ordered U.S. federal agencies to patch this actively exploited vulnerability within three weeks. The security vulnerability, which is tracked as CVE-2025-61757, is a remote code execution flaw in the Identity Manager tool for Oracle Fusion…