Welcome to Episode 429 of the Microsoft Cloud IT Pro Podcast. In this episode, Scott and Ben dig into the concept of LLM wikis, specifically building personal knowledge management vaults using Obsidian, markdown, and AI tooling like Claude Code, GitHub Copilot CLI, and Copilot Cowork. The core idea comes from Read More
Welcome to Episode 428 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott unlock the secrets to modernizing your IT management by ditching pesky on-prem GPOs and embracing the future with Intune. They discuss how savvy IT pros are migrating thousands of GPOs into clean, manageable Read More
Welcome to Episode 427 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott open with a quick look at YAKO (getyako.com), a browser extension built by community member Merrill that replaces the new tab page with a customizable dashboard of Microsoft 365 and cloud links. From Read More
Welcome to Episode 426 of the Microsoft Cloud IT Pro Podcast.Ben and Scott are back together this week to talk through Microsoft 365 Copilot Cowork, including how it compares to Claude Cowork and where each one makes sense. The two products share a name but work pretty differently. Claude Cowork Read More
Welcome to Episode 425 of the Microsoft Cloud IT Pro Podcast. In this audio and video episode recorded live at Microsoft headquarters during the MVP Summit, Ben welcomes a return guest, Joy Apple, to the Microsoft Cloud IT Pro Podcast and discuss her 20-year career in the Microsoft collaboration space, Read More
Welcome to Episode 424 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben and Scott dig into the newly announced Microsoft 365 E7 SKU which bundles M365 E5, Microsoft 365 Copilot, the Microsoft Entra Suite, and Microsoft Agent 365. Your support makes this show possible! Please consider becoming Read More
Welcome to Episode 423 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben is live from Workplace Ninjas, joined by Eric Woodruff, Chief Identity Architect at Semperis and Microsoft MVP in Security focused on identity, and Chris Brumm, Cyber Security Architect at glueckkanja and Microsoft MVP in Security Read More
Encrypted Client Hello: Ready for Prime Time? https://isc.sans.edu/diary/Encrypted%20Client%20Hello%3A%20Ready%20for%20Prime%20Time%3F/32778 The ExifTool vulnerability: how an image can infect macOS systems https://www.kaspersky.com/blog/exiftool-macos-picture-vulnerability-mitigation-cve-2026-3102/55362/ Remote code execution in Nextcloud Flow via vulnerable Windmill version https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g7vj-98x3-qvjf
YARA-X 1.14.0 Release https://isc.sans.edu/diary/YARA-X%201.14.0%20Release/32774 INTERPLAY BETWEEN IRANIAN TARGETING OF IP CAMERAS AND PHYSICAL WARFARE IN THE MIDDLE EAST https://research.checkpoint.com/2026/interplay-between-iranian-targeting-of-ip-cameras-and-physical-warfare-in-the-middle-east/ Announcing the Node.js LTS Upgrade and Modernization Program https://openjsf.org/blog/nodejs-lts-upgrade-program nginx UI Vulnerability https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-g9w5-qffc-6762
Differentiating Between a Targeted Intrusion and an Automated Opportunistic Scanning [Guest Diary] https://isc.sans.edu/diary/Differentiating%20Between%20a%20Targeted%20Intrusion%20and%20an%20Automated%20Opportunistic%20Scanning%20%5BGuest%20Diary%5D/32768 CVE-2026-29000: Critical Authentication Bypass in pac4j-jwt - Using Only a Public Key (CVSS 10) https://www.codeant.ai/security-research/pac4j-jwt-authentication-bypass-public-key FreeScout Help Desk Vulnerability https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-mw88-x7j3-74vc Microsoft Authenticator Not Supported on Graphene OS https://www.heise.de/en/news/GrapheneOS-Microsoft-Authenticator-does-not-support-secure-Android-OS-11200495.html
Quick Howto: ZIP Files Inside RTF https://isc.sans.edu/diary/Quick+Howto+ZIP+Files+Inside+RTF/32696/#comments Keeping the Internet fast and secure: introducing Merkle Tree Certificates https://blog.cloudflare.com/bootstrap-mtc/ Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/
Fake Fedex Email Delivers Donuts! https://isc.sans.edu/diary/Fake%20Fedex%20Email%20Delivers%20Donuts!/32754 Abusing .ARPA: The TLD that isn t supposed to host anything https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/ MC1179154 - Microsoft Authenticator app: Upcoming changes to jailbreak and root detection https://mc.merill.net/message/MC1179154 SECURITY BULLETIN: Apex One and Apex One (Mac) - February 2026 https://success.trendmicro.com/en-US/solution/KA-0022458 Special Webcast: AirSnitch How Worried Should You Read More
Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary] https://isc.sans.edu/diary/Finding%20Signal%20in%20the%20Noise%3A%20Lessons%20Learned%20Running%20a%20Honeypot%20with%20AI%20Assistance%20%5BGuest%20Diary%5D/32744 Google API Keys Weren't Secrets. But then Gemini Changed the Rules. https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks https://www.ndss-symposium.org/ndss-paper/airsnitch-demystifying-and-breaking-client-isolation-in-wi-fi-networks/
Welcome to Episode 422 of the Microsoft Cloud IT Pro Podcast. In this episode, Scott and Ben discuss their growing use of in their daily workflows, particularly Claude Code, GitHub Copilot CLI, and Gemini CLI. They explore how these command-line interfaces offer powerful ways to interact with local files and Read More
