automation Archives

Tech Optimizer

June 26, 2026

EDB Postgres AI Launch: Shifting To Autonomous, Sovereign Data For The AI Era

EnterpriseDB (EDB) introduced the EDB Postgres AI (EDB PG AI) platform on June 23, 2026, designed for AI applications to operate directly on live data rather than outdated copies from cloud data lakes. The platform allows organizations to host AI models, live data, and enterprise regulations within their infrastructure, reducing vendor lock-in and protecting regulated data. The EDB PG AI platform features a self-optimizing system that transforms PostgreSQL into an autonomous database, monitoring over 200 metrics for automated tuning and scaling. EDB claims performance troubleshooting can be up to 10 times faster, with issues resolved in minutes instead of the traditional 60 to 90 minutes. It also includes a converged query interface that integrates various data types into a unified engine, enabling AI agents to access authorized live data. An agent governance framework will be introduced in late 2026 to address risks associated with AI operations. EDB collaborates with IBM Power for a robust AI-ready infrastructure and integrates Red Hat Ansible Automation Platform for enhanced management capabilities.

Winsage

June 25, 2026

Introduction to COM usage by Windows threats

Component Object Model (COM) is a technology in Windows that enables object activation, inter-process communication, and automation across different programming languages. Malware exploits COM interfaces for activities such as lateral movement, execution, downloading, exfiltration, persistence, evasion, system discovery, and automation of Windows and Office functionalities. Reverse engineering COM-heavy binaries involves navigating GUIDs and indirect vtable calls to understand malware mechanics. Research at the AVAR 2025 conference and CARO 2026 workshop discusses methodologies for analyzing COM binaries and case studies of malware families that utilize COM. COM is an application binary interface (ABI) model that allows software components to be reused and enables interaction between different programming languages through interfaces defined at the binary level. Distributed COM (DCOM) allows clients to activate COM objects on remote systems. COM classes are identified by unique class identifiers (CLSIDs), and interfaces by interface identifiers (IIDs). The Windows registry stores COM registration data, with classes and interfaces located under specific keys. Malware often acts as a COM client, utilizing the COM runtime to instantiate classes and request interfaces. ProgIDs provide human-readable registry entries for COM classes. The CoCreateInstance function helps create class objects by resolving CLSID registrations. All COM interfaces derive from IUnknown, which manages object lifetimes and interface querying. COM has its own security model, and identifying classes and interfaces used by malware is crucial for threat researchers. Tools like ComView and OleView.NET assist in inspecting COM registrations. The analysis workflow includes identifying activation API calls, extracting CLSID and IID values, consulting registry definitions, and mapping vtable calls. Qakbot, a banking trojan, exemplifies the use of COM in malware, with its architecture enabling malicious activities like credential theft. Dynamic analysis tools can log COM-related calls in real-time to trace execution flow. Notable malware families that utilize COM include Gh0stRAT, which uses Task Scheduler COM interfaces, and the Attor platform, which employs BITS for file transfers. WarmCookie demonstrates the use of COM for persistence through Task Scheduler. Understanding COM's role in malware is essential for cybersecurity professionals.

Winsage

June 22, 2026

MSYS2 And The No-Fuss Way To Get More GNU Into Your Windows

The Windows desktop experience has a streamlined interface, but its command line interface (CLI) offerings, particularly the cmd.exe shell, have been criticized for lacking the features found in UNIX/BSD/Linux environments. Microsoft’s transition to PowerShell has disappointed users who prefer a more traditional CLI experience. Despite Windows NT operating systems being POSIX compliant, they have historically lacked a suitable shell. MSYS2 provides a solution by offering a Linux-like experience with a Bash shell and the pacman package manager, allowing users to run shell scripts and access various tools. However, binaries compiled in MSYS2 may depend on shared libraries not included in the Windows system path. Upon installation, users can choose from different terminal options, with the UCRT terminal recommended for its usability. MSYS2 facilitates a streamlined development workflow, enabling the use of familiar tools across multiple platforms, but it does not achieve perfect integration within Windows and has some limitations, such as issues with stdout output in Bash.

Winsage

June 19, 2026

MacBook Neo vs Windows Laptops for Cybersecurity Tasks

The laptop has evolved into a crucial tool for cybersecurity, serving as a workstation for malware analysis and daily operations. A debate exists between the merits of MacBook Neo and Windows-based models, with Windows offering flexibility and compatibility, while macOS is favored for stability and build quality. Popular penetration testing tools are available on both platforms, but Windows laptops have an advantage due to better integration with x86 environments and specialized drivers. Virtualization is essential in cybersecurity, and Windows laptops with higher RAM provide a better experience for running multiple virtual machines compared to the non-upgradable RAM of the MacBook Neo. Intensive tasks can strain systems, necessitating efficient resource management, especially on the MacBook Neo. Most malware is designed for Windows, making it crucial for analysts to be familiar with Windows-specific tools and features. The MacBook Neo is beneficial for tasks like working with event logs and writing automation scripts, while its battery life and mobility are advantageous for professionals on the go. Security considerations play a significant role in the choice of operating system, with Windows being a common target for attackers, whereas macOS has stricter access controls. Windows laptops offer more price flexibility and upgradeability, while the MacBook Neo focuses on simplicity and build quality but lacks upgrade options. Ultimately, Windows is optimal for tasks involving malware analysis and virtual labs, while the MacBook Neo suits those focused on development and network analysis.

AppWizard

June 19, 2026

3 simple Android Auto Automations that helped me stop wasting time in my driveway

The user transitioned from CarPlay to Android Auto in their Ioniq 5 EV and has been exploring sideloading video and web browsing applications to enhance their long drive experience. They have faced issues with Google's Automations since the launch of Gemini, with many not functioning properly and difficulties in creating custom Automations. Despite these challenges, they found value in using Automations for tasks like closing their garage door upon entering the vehicle and modifying stock Automations to manage smart lights efficiently. They also highlighted the effectiveness of Google's stock Good Morning routine, which provides weather updates, jokes, calendar recaps, and news summaries upon command.

Winsage

June 17, 2026

Windows update leaves third-party Office document launches in limbo

Microsoft's June Windows update has caused issues for users of third-party applications that use Object Linking and Embedding (OLE) automation to interact with Office applications, leading to failed document launches without error messages. Affected applications include CCH Engagement, Workpaper Manager, Dentrix, Softdent, and Zotero. Microsoft has suggested a workaround of opening documents directly, but has stated that the responsibility for these issues lies with third-party developers, asserting no warranty on their performance. Users unable to resolve issues by opening files directly must wait for a fix in a future update, and organizations can contact Microsoft support for assistance. This is the first issue Microsoft has publicly acknowledged in the recent patch, amid ongoing complaints about other functionalities like OneDrive and BitLocker.

Winsage

June 14, 2026

Windows 11 KB5094126 crashes some PCs (HP?) with BSODs, breaks OneDrive in File Explorer, enterprise apps

Windows 11 KB5094126, released on June 9, 2026, is a significant update that introduces new features, including the Low Latency Profile, and addresses up to 200 security vulnerabilities. However, it has caused boot failures for some HP devices, particularly the HP EliteBook 840 G10, leading to BSODs or BitLocker Recovery prompts. The update may conflict with specific BIOS configurations or EFI/System partition settings, especially on devices with older EFI partitions. Users experiencing boot failures may need to disable Secure Boot as a temporary workaround. Additionally, the update has disrupted OneDrive integration in File Explorer, preventing access from the left pane and tray icon, although users can still access cloud folders directly. Similar issues have been reported with Dropbox and iCloud Drive. The update has also affected Microsoft Word integration in various business applications, leading to failures in document handling. Furthermore, changes to desktop.ini files have impacted custom folder icons, requiring users to unblock these files to restore functionality.

Tech Optimizer

June 14, 2026

Automate Amazon Aurora PostgreSQL major or minor version upgrade using AWS Systems Manager and Amazon EC2

Managing upgrades for the Aurora PostgreSQL-Compatible Edition can be labor-intensive and error-prone when done manually. Automating Amazon Aurora PostgreSQL upgrades can reduce manual effort by up to 80% and minimize downtime risks through consistent procedures. The automation solution uses AWS Systems Manager, Amazon EC2, and AWS Secrets Manager, structured around two modules: PREUPGRADE for readiness checks and UPGRADE for the actual upgrade process. The solution identifies upgrade candidates using database tags, creates safety backups with Copy-on-Write clones, manages the upgrade process with minimal human intervention, and offers real-time monitoring and email notifications. The workflow includes logging into the Systems Manager console, downloading the upgrade script, identifying Aurora PostgreSQL clusters based on tags, retrieving credentials from AWS Secrets Manager, executing pre-upgrade checks or upgrades, uploading log files to Amazon S3, and sending email notifications via Amazon SNS. Prerequisites include familiarity with the Aurora upgrade process, appropriate IAM permissions, creating a maintenance user, setting up AWS Secrets Manager, tagging Aurora clusters, creating an S3 bucket, and configuring an SNS topic for notifications. Implementation steps involve reviewing setup instructions, uploading the upgrade script to S3, creating an AWS Systems Manager automation document, executing the automation document, and monitoring the upgrade process through logs generated during pre-upgrade and upgrade phases. The logs provide detailed information on tasks performed, including replication slot status and configuration backups. After testing, it is recommended to clean up resources to avoid future charges.

Winsage

June 12, 2026

Still on Windows 10? This $13 upgrade to Windows 11 Pro offers better security, AI features, and more

Upgrade to Microsoft Windows 11 Pro for .97 (MSRP 9) until June 14. Windows 11 Pro features a redesigned interface, improved multitasking capabilities, enterprise-grade security functionalities like BitLocker encryption and Windows Hello, and includes Windows Copilot AI for task automation and assistance.

Winsage

June 10, 2026

Microsoft to Allow Users to Disable Web Search in Windows 11

Microsoft is introducing new controls for Windows 11 that will allow users to disable web search and remove Microsoft Store suggestions from their search results. The update, demonstrated on June 2, 2026, will include two toggles in the Windows 11 Settings app under Privacy and Security → Search Permissions. The first toggle will turn off Bing-powered web results in the taskbar search and Start menu, while the second will control the appearance of Microsoft Store app suggestions. This change replaces the previous method of disabling web search, which required complex registry edits. The new settings aim to enhance user experience by prioritizing local search results and addressing privacy concerns, as user queries will no longer be transmitted to Microsoft’s servers. The toggles are expected to roll out through the Windows Insider program before becoming available to all users.