DymaxIO Subscription Licensing -all Condusiv products now rolled into one for fast data.

October 21st, 2020 by Stephen Jones No comments »

All of the technologies in V-locity®, Diskeeper®, and SSDkeeper® have been rolled into one new product – DymaxIO™.

New DymaxIO is fast data software. Whether on-premises or in the Cloud, DymaxIO returns more than 40%+ of your hroughput that is being robbed due to I/O inefficiencies of Windows, SQl and virtualisation.

Fix your application slows, freezes, timeouts, slow SQL queries, reduce cloud compute costs, and more, at the source – no new hardware needed.
A software solutlion to a software performance problem.

DymaxIO is sold as an annual subscription which saves you money. Subscriptions are available for client, server, and host systems.

A new DymaxIO site license is also available to conveniently and cost-effectively optimize the performance of all Windows systems.

To improve performance across your systems callus on 009714 3365589

Dynamics 365 and Microsoft Power Platform innovations, updates, and demos from the Microsoft Business Applications Launch Event

October 8th, 2020 by Stephen Jones No comments »

See the latest Dynamics 365 and Microsoft Power Platform innovations, updates, and demos from the Microsoft Business Applications Launch Event. You’ll hear from James Phillips, President of the Business Applications Group, and other #Microsoft leaders as they guide you through what’s new

DYNAMICS 365 FOR MARKETING – October 2020 updates

October 8th, 2020 by Stephen Jones No comments »

Microsoft understands customer engagement is the key to every business development process. This month, they add meat to their 360-degree view of customers with smart improvements to relationship-building processes and capabilities.

In-Place Editing of Email & Forms. No longer will you have to disengage from a customer journey to create or edit email communications or forms. In-place editing keeps the focus where it should be – within the customer journey. You can also create or edit marketing forms related to an event within the event itself. This one is a big improvement and just makes smart sense.

Enhanced Content-Rich Social Media Creation and Managemetn. The entire social media post creation experience has been redesigned for ease of use, better management across multiple channels and enhanced scheduling features.

A Redesigned, More Efficient Customer Journey Canvas. The new design offers a more intuitive approach to building customer journeys. The experience is further enhanced by no longer needing to hop between the canvas and the toolbox when creating the journey. One of my favorite new features is the inclusion of negative journey paths that allows you to create alternate journeys and follow-up events for those customers not meeting a certain condition (like not opening an email or not clicking on a specified link). This alone is a real game-changer.

Running Webinars within Microsoft Teams. With the onslaught of virtual events, the October release enables you to manage webinars and video meetings in Teams, directly from the Dynamics 365 Marketing platform. You can create and host live events – and integrate them directly into Marketing events. Businesses are already looking for better alternatives to Zoom and other video conferencing platforms and Microsoft is definitely stepping up to the plate.

Expanded Entity Options for Easy Data Collection. Before now, forms had to be connected to a lead or contact. But with the new release, forms no longer need to be mapped this way. Instead, marketers can store form submissions to other entities. and workflows can be created to move the data to where it needs to be.

The entirety of Dynamics 365 October Release is enormous, with updates and enhancements made throughout the entire suite of applications including: Marketing, Sales, Customer Service, Field Service, Finance, Supply Chain Management, Human Resources, Commerce, Fraud Protection, and Business Central. There are also notable Microsoft Power Platform features in the new release, including substantial improvements for Power Apps developers.

Dynamics 365 Finance deep dive

October 6th, 2020 by Stephen Jones No comments »

Dynamics 365 Finance Core Features
General ledger
The general ledger module is the core of Dynamics 365 Finance.
• It’s integrated with other subledgers in financial management, so each department can manage its own books (subledgers) without disrupting the general ledger.
• It provides you with a central location to organize and manage all your organization’s financial records. Use this account information to prepare your financial statements.
• Use general ledger to define and manage the legal entity’s financial records.
• The general ledger is the register of debit and credit entries.
• You classify these entries using the accounts that listed in a chart of accounts.
• Adjust to changing financial requirements with a flexible, guided, rules-based chart of accounts, financial dimensions, and global tax engine.
• Track values efficiently and reduce reporting errors with centralized, automated processes for managing your capitalized assets from acquisition through disposal.
• Incorporate a shared chart of accounts across legal entities enables organizations to streamline main reporting and the intercompany and consolidations business processes.
The following figure illustrates the typical General ledger processes of a business:

The chart of accounts, fiscal calendars, and financial dimensions and how they’re the foundation of the general ledger module.
The general ledger defines and manages your financial records. The chart of accounts displays your register of debit and credit entries. It processes closing transactions, revalues currency amounts, and closes the fiscal periods.
Accounts payable
• With Dynamics 365 Finance accounts payable, you can distribute expenses, taxes, and charges across accounts.
• You manage your vendors, purchase orders, discounts, transactions, and invoices to reduce liability and generate greater income.
• You can also automate the review and payment of vendor invoices.
The following figure shows typical accounts payable business processes in an organization.

The general ledger is a record of all invoices and payment transactions. You match purchase orders to the invoices to see if you should pay the vendor invoice. When the invoice is due, your payable clerks generate the payments, which Dynamics 365 Finance records in the general ledger, and affects the cash and bank management.
You assign purchase orders, discount groups, payment, options, vendor holds, and more to your vendors and vendor group records. You can also create and manage transaction records with purchase orders, product receipts, and invoices. When creating and managing invoices, you can check on invoice approval, payment proposals, and invoice matches.
You use accounts payable to set up and manage your vendors and vendor groups. Once complete, you assign purchase orders, discount groups, payment, options, vendor holds, and more to your vendors and vendor group records. You can also create and manage transaction records with purchase orders, product receipts, and invoices. When creating and managing invoices, you can check on invoice approval, payment proposals, and invoice matches.

Accounts receivableCustomers, sale orders, customer invoicing, and receiving customer payments.
The Dynamics 365 Finance accounts receivable module tracks customer invoices and incoming payments. You create and manage customers, invoice sales orders, and incoming payments while completing the daily tasks in accounts receivable.
You can also invoice customers using free text invoices, recurring invoices, and batch invoices. When you receive a customer payment, you map it to the correct invoice. You can receive payments using many payment types, such as bills of exchange, cash, checks, credit cards, and electronic payments. Dynamics 365 Finance centralized payments module allows organizations with multiple legal entities to create and manage payments using a single legal entity that manages all payments.

In Dynamics 365 Finance, create and manage customers and review sales order default values, credit limits, and on hold functions. You can create and manage sales orders, journals, subscriptions, return orders, item requirements, and sales agreements. You invoice customers using free text invoices, recurring invoices, and batch invoices, then receive a customer payment and map it to the correct invoice.

Project management and accounting
A project is a group of activities to provide a service, produce a product, or achieve a result. Projects consume resources and generate financial results in the form of revenues or assets. The Dynamics 365 Finance project management and accounting module allows you to plan, create, manage, control, and complete projects.

Project managers can work across multiple industries to provide a service, produce a product, or achieve a result. You can use the project management and accounting functionality in multiple industries, as shown in the following illustration.

For example, in a call center, a ticket describes the set of actions required to resolve a call. Consulting companies, such as management or technical consulting organizations or advertising agencies, refer to their activities as projects. In marketing, a campaign is the work delivered. In project-based manufacturing, a production order refers to the work to produce the finished goods. Whatever name you use, the projects involve resources, schedules, and costs. The project management and accounting functionality help with the planning, execution, and analysis of these projects.

Project managers:
• Oversee the resources and finances.
• Create project quotations, contracts, and funding sources to set project financial perimeters.
• Review a post hour journal.
• Create project invoice proposals as they move projects through phases.

The project type determines which invoicing procedure you apply. You can invoice the two external project types only—time and material projects and fixed-price projects. You always attach time and material projects and fixed-price projects to a project contract.
Time and material projects: You base the customer invoice amount on transaction lines that you enter in projects. You can invoice transactions per project or per project contract.
Fixed-price projects: You base the customer invoice amount on invoice billing schedules. You invoice through an on-account setup, called a billing schedule. You can invoice fixed-price projects per project or per project contract.

With either type of project, you may buy items. The module interacts with procurement and sourcing to generate a purchase order, which you settle in accounts payable.

During the execution of a project, you create invoices for your customers. The sales and marketing departments continue to manage the quotations and convert them into invoices for ongoing projects, alongside with their typical role of marketing the goods and managing the sales. You manage customer payments and refunds in accounts receivable.

By using a project contract, you can invoice one or more projects at the same time. The project contract also guarantees a consistent invoicing procedure for every subproject in a project structure. Every project you invoice must be associated with a project contract. The settings for a project contract apply to all projects and subprojects that are associated with that project contract.
With project accounting, you gain an overview of project attributes. Create project quotations, contracts, and funding sources to set project financial perimeters. Review a post hour journal and create project invoice proposals as you move projects through phases.

Budgeting
With proper budgeting processes, organizations can benefit from forecasting and financial insights to compare actuals against allocated budget.
The Dynamics 365 Finance budgeting module lets you estimate the total financial requirements properly by determining the operating requirements, the fixed capital requirements, and the working capital requirements of the organization.

The resource planning cycle consists of planning, budgeting, and forecasting activities. Dynamics 365 Finance supports the processes for both long-term strategic planning and quarterly and annual budget planning.

Use the budgeting module to create and assign budget codes, allocate funds, and to plan for the future.
• Reduce operational expense by minimizing operational costs across business geographies with financial process automation, encumbrance, budget planning, and budget control.
• After you set up and approve a budget in Dynamics 365 Finance, you convert the budget plan to a budget register entry. Budget register entries give you the tools to manage the budget and keep amounts traceable through budget codes.
• Budget register entries let you revise original budgets, do transfers, and carry forward budget amounts from the previous year.
• Based on the established budget, enable budget control. The level of control depends on your organizational culture and the organization’s level of maturity.
• Educate employees about organizational targets and follow those targets through policies such as consider an online meeting instead of a travel.

Dynamics 365 Finance includes a budget control framework that lets you select either hard control or soft control. Hard control prevents postings that would go over the budget. Soft control warns you that you’ll exceed the available budget, but you can decide how to continue.

Dynamics 365 Finance budget control supports management of your financial resources through the:
• Chart of accounts
• Workflows
• User groups
• Source documents and journals
• Configurable calculation of available funds
• Budget cycles
• Thresholds.

When controls are in place, you can plan, measure, manage, and forecast your financial resources throughout its fiscal year.
After you approve budgets in Dynamics 365 Finance, you use budget plans to generate budget register entries to record the expenditure budget for your organization. You can also create or import budget register entries from a third-party program.
Then you can set up budget planning processes to meet your policies, procedures, and requirements for budget preparation. You can view and edit budget plan documents using one or more layouts. You associate each layout with a template to view and edit the budget plan documents in Excel.

You can use the budgeting module to create and assign budget codes, allocate funds, and plan for the future. You define who does budgeting, what you budget, and how the process works through a sole source of truth.

Real-time cash flow visibility
Dynamics 365 Finance offers tools, features, and a workspace with built-in intelligent controls to give real-time insight into your cash flow, product supply, and demand. It can analyze customer demographics and the cost of goods so that you negotiate advantageous agreements with your vendors and customers.

Use the cash flow forecasting tools to analyze upcoming cash flow and currency requirements to estimate your future need for cash while checking on budgeting and inventory management. It gives you better oversight and preparation for the future.
To get a forecast of your cash flow, you complete the following tasks:
• Find and list all the liquidity accounts. Liquidity accounts are the accounts for cash or cash equivalents.
• Configure the behavior for forecasts of transactions that affect the liquidity accounts.
After you’ve completed these tasks, calculate and analyze forecasts of the cash flow and upcoming currency requirements.
Integrate cash flow forecasting with the general ledger, accounts payable, accounts receivable, and budgeting and inventory management. The forecasting process uses transaction information in the system, and the calculation process forecasts the expected cash effect of each transaction.
Dynamics 365 Finance considers the following types of transactions when calculating the cash flow:
• Sales orders: Sales orders that aren’t yet invoiced, and that result in physical or financial sales.
• Purchase orders: Purchase orders that aren’t yet invoiced, and that result in physical or financial purchases.
• Accounts receivable: Open customer transactions or invoices that aren’t yet paid.
• Accounts payable: Open vendor transactions or invoices that aren’t yet paid.
• Ledger transactions: Transactions where it’s specified that a future posting will occur.
• Budget register entries: Budget register entries selected for cash flow forecasts.
• Demand forecasts: Inventory forecast model lines selected for cash flow forecasts.
• Supply forecasts: Inventory forecast model lines selected for cash flow forecasts.

Although there’s no direct integration with project management and accounting, there are several ways to include project transactions in the cash flow forecast. The system includes posted project invoices in the forecast as part of open customer transactions. The system includes project-initiated sales orders and purchase orders in the forecast as open orders after they’re entered. You can also transfer project forecasts to a ledger budget model. You include the ledger budget model in the cash flow forecast as part of the budget register entries.
Use real-time cash flow visibility features, such as budgeting and inventory management integrations, to get better visibility into the future.
Set up cash flow forecasts and show vendor and purchase order cash flow forecasts. With tools that give you a full-circle view of your current and future needs, Dynamics 365 Finance is a powerful tool for organizations that want control and insight.

Credit and collections
A common challenge for CFOs is predicting when customers will pay. Slow and inconsistent payments restrict cash flow and inhibit both long-term planning and daily performance. The credit and collections functionality in Dynamics 365 Finance predicts customers will pay when invoices, based on a multi-tiered historical analysis. The predictions help you get your receivables collected on time and reduce the cost and effort of manual collections management.
Y
ou can track and manage the complete lifecycle of credit and collections including:
• Generating customer account statements.
• 360-degree visibility of customer aging data and overdue balances.
• Automating customer communication.
• Finalizing write-offs.

You can better allocate funds and spot credit risks before large orders ship.
• You’re equipped with effective strategies to get paid in full and on time.
• You collect revenue faster because you process your money faster.
You manage accounts receivable collections information in one central view, using the Dynamics 365 Finance Manage customer credit and collection workspace. Use this central view to manage collections. Collections agents can begin the collection process from customer lists that you generate using predefined collection criteria.Visibility to customers that don’t pay invoices on-time is important to managing cash flow and receivables. The credit and collections module addresses the customer credit, collection, and write-off process. Dynamics 365 Finance ties these transactions back to the proper financial transactions to provide you with one central view.

Month, quarter, and year-end reviews
At the end of a fiscal year, you must generate closing transactions and prepare your accounts for the next fiscal year. You use the consolidation functionality to combine the financial results for several subsidiary legal entities into results for a single, consolidated organization. Prompt month end closing, and correct reporting are imperative for overall operational health of your organization.

Dynamics 365 Finance allows global businesses to do more with capabilities such as a shared chart of accounts across multiple legal entities and dashboards show a global view of your organization.

The financial period close workspace lets you track your financial closing processes across organizations, areas, and people. Depending on their view of the financial period close workspace, you’ll see either all tasks and statuses for a closing schedule assigned to different employees, or just the tasks assigned to them.

With Dynamics 365 Finance, you can close the books faster and simplify global financial management with in-depth reporting capabilities, financial intelligence, and embedded real-time analytics. You can activate flexible and agile financial reporting that supports multiple legal entities and currencies in a single instance. That instance natively manages foreign exchange and shortens the end-of-month process.
You use the general ledger to complete closing procedures for a period or a year. Closing processes prepare the system for a new period. There are many tasks including preparing filings, inventory closing, consolidation, and more that you need to complete first.
To prepare the system for a new year, you must run the year-end close process. Each organization has different processes and steps for the end of a period.

As part of periodic tasks, you must complete the following tasks:
• Bank reconciliations.
• Configure financial period close.
• Prepare periodic filings.
• Run foreign currency revaluation processes.
• Perform financial consolidations.
• Process end of year tax reporting.

Global attributes
Dynamics 365 Finance enables you to operate worldwide by supporting multiple currencies, language translations, jurisdictions, compliance regulations, and infinite dimensions.

In today’s global market, you might receive and send payments using different currencies. There are two types of currencies in Dynamics 365 Finance. The accounting currency is the main currency that you use. However, you’ll need to report recorded financial transactions in different currency, called the reporting currency. You can repurpose a reporting currency and use it as a second accounting currency. You call using two accounting currencies dual currency.

With Dynamics 365 Finance, you can convert currencies and post transactions to currencies other than the one in which you completed the order. You can recognize jurisdiction and compliance based on locality, and the user interface displays different languages based on users’ personal settings.

If your organization has multiple legal entities and transacts in multiple currencies, then supporting currencies and their corresponding exchange rates is essential.

To learn more or join our next webinar with Microsoft and Reddington on 21 October 20121 call: 0097143365589

Dynamics 365 Fraud protection

October 6th, 2020 by Stephen Jones No comments »

Today’s digitally transformed enterprise conducts business online in real time – little human intervention is involved. This reduces costs and improves the customer experience. However, it exposes the enterprise to serious threats of fraud from sophisticated cybercriminals who try to take advantage of the online channel’s relative anonymity and accessibility. In e-commerce, transactions can be maliciously created via compromised accounts and stolen payment instruments

A key difference in E-Commerce fraud compared to any other fraudulent activity is that criminals do not even need a physical card for their actions.
For a false transaction to occur between a marketplace and a customer bank account only card information is required.
There are multiple ways to steal customer’s information, that’s why online payment fraud detection deserves to be managed separately.

Chargeback Fraud examples:

A customer buys a massive order and cancels the order right after the shipment, receiving goods without any payment.
A criminal, acting as a customer, gets in touch with the banking institution and claim his identity was stolen, and by this cancel the transaction
A scammer claims he never received the delivery and asks for another delivery.
For the business, it takes time and effort to properly investigate each case, so it will lose money no matter what the outcome. It’s even harder to distinguish real criminal activity from “friendly fraud” –i.e. genuine mistakes by your operation or by the real customer.

Other malicious activities include:
account takeover,
abuse of free trials,
fake product reviews,
warranty fraud,
refund fraud,
reseller fraud,
abuse of program discounts.

Such activities, affect the enterprise’s profitability and reputation and may also have serious consequences for society. Examples include money laundering and posting fake news

Dynamics 365 Fraud Protection is a cloud-based solution.
It is designed to help e-commerce merchants
decrease fraud costs,
increase acceptance rates,
improve the customer shopping experience.
Prevent payment and account-creation fraud with adaptive AI technology.
Get the benefit of connected knowledge from all Dynamics 365 Fraud Protection merchants for better fraud insights.
Improve customer service with the built-in escalation support.

The return on investment (ROI) for cybercrime online fraud is high, and it’s likely that most of an enterprise’s vulnerabilities will be discovered and exploited. Additionally, unlike during the early years of the internet, today’s fraudulent transactions can be orchestrated by well-funded and well-equipped rings of professionals. Fraud protection professionals need the right tools to fight this threat

By using Fraud Protection, you can help protect your business from fraud through several innovative and advanced capabilities. Here are some examples:
AI and insights from the fraud protection network
Device fingerprinting
A rules engine and virtual fraud analyst
A graph explorer and scorecard
A transaction acceptance booster

PURCHASE PROTECTION
1. Decrease wrongful rejections and boost acceptance rates with adaptive AI technology that continuously learns and adapts from patterns and equips store managers with tools to optimize fraud controls.
2. Increase fraud awareness and help reduce losses with a fraud protection network that uses connected knowledge to provide broad awareness of fraud activity across the globe, while keeping the security of your confidential information and shoppers’ privacy top of mind.
3. Boost transaction acceptance rates and improve the shopping experience by sharing transactional trust knowledge with issuing banks to increase authorization rates.
4. Improve customer service with a built-in escalation support tool that displays detailed context of the customer transaction including fraud insights provided by the service.

ACCOUNT PROTECTION

1. Safeguard your system with bot protection that helps protect against bots attempting to gain access to accounts with stolen credentials or to create fake accounts and transactions.
2. Help avoid losses due to fraudulent accounts with account creation protection that helps minimize abuse and automated attacks on customer accounts.
3. Reduce fraud with account sign-in protection that helps safeguard customer accounts, improving customer engagement and conversion by reducing friction.
4. Help protect customers with device fingerprinting to leverage the fraud network linkages and detect automated fraud attacks

LOSS PREVENTION
1. Help protect profits and reduce losses using adaptive AI technology that learns patterns and adapts to help optimize fraud controls.
2. Gain visibility into fraud risk with business intelligence reporting that enables store managers and investigators to take action by providing them with insights on anomalies with merchandise discounts and returns.
3. Increase operational efficiency by reducing manual effort required to determine the business entities and functions that may be at risk.
4. React quickly to dynamic fraud and purchase patterns using an enhanced loss prevention system with analysis that provides actionable insights to help reduce fraudulent returns and discounts.

Call Synergy Software Systems to learn more 00097143365589

What’s new in Dynamics SCM October 2020 Wave release – Ask Synergy Software Systems

October 6th, 2020 by Stephen Jones No comments »

Edge computing is not just a buzzword. Companies often struggle with latency and connectivity when running operations in remote facilities. In fact, network latency is a top connectivity challenge for 30 percent of manufacturers, according to the IDC1. A leading cause of latency is high volume and resource-intensive processes running in parallel, resulting in reduced productivity.

Edge computing, is a means go changing where processing happens. The edge is the end of your organization’s network, the end of your reach. Edge computing put Internet of Things (IoT) devices closer to the locations they serve. The big benefits of edge computing is bandwidth savings and reduced latency, or the time it takes data to travel. Sending all data captured to a remote, central location requires a lot of bandwidth. When you put devices at the edge of your network, they can process the data before transferring only the output to your central server, which will reduce the amount of data and thus the bandwidth needed to send the information across the internet.

Data centers, typically run in cool dry atmospheres with little variability in temperature, edge computing devices are meant to operate in real-world conditions. They are usually more robust against heat and humidity and require less power, because they’re not located in big data centers that consume large amounts of electricity.

Operations without interruptions
The new Cloud and Edge Scale Unit add-ins for Microsoft Dynamics 365 Supply Chain Management, coming to preview in October, brings the power of the intelligent cloud to the edge. It allows organizations to run critical warehousing and manufacturing workloads on the edge in a distributed model using Azure stack devices. This improves resilience and ensures operations without interruptions even when temporarily disconnected from the cloud.

Scaling production and distribution with agility
Customers can make data-driven decisions before making any investment by easily simulating various factors that impact resilience of their critical manufacturing and warehouse processes, such as network latency, traffic volume, time-outs, or intermittent connectivity. They can then deploy the scale units—edge or cloud—to best overcome these challenges.

Microsoft Azure compute technologies make the deployment of edge scale units seamless with a plug-and-play experience and allows customers to easily scale during usage spikes to ensure high throughput.

In the past, edge deployments have been associated with use cases related to asset management due to the biggest concern associated with latency issues. With the new scale units for Dynamics 365 Supply Chain Management, however, the use cases have expanded to other critical manufacturing and warehouse execution scenarios.

Many manufacturers and distributors are heavily regulated and have strict policy requirements. These customers have been conservative with their migration to the cloud, which has impeded their ability to overcome disruptions like the one caused by the current pandemic. With the ability to run distributed workloads on the edge, these companies can feel more confident running the manufacturing and warehousing workloads on their premises while migrating the rest of their operations to the cloud; thereby digitally transforming their organizations and reducing costs to become more resilient.

What is the downside?
Edge computing requires a lot of hardware. For example, a large distributor or manufacturer who wanted to use IoT security cameras would need to have those edge devices at all of their hubs or warehouses. Decentralizing your equipment can present logistical challenges when it comes to management and maintenance

Edge computing has an increased attack vector because these multiple internet-facing devices are not behind well-secured corporate networks with giant firewalls, and therefore are more vulnerable to being hacked. A malicious user might try to steal your data or just commandeer your devices.

In the consumer space, a lack of security updates is a problem for products like smart lightbulbs, doorbells, and home sensors. As vulnerabilities are found, these devices need to be patched, to ensure a cybercriminal does not get unwarranted access onto your home network or take over the operation of your lightbulbs or doorbell.

To learn join us for two Webinars with Microsoft and Reddington on 21 October 2020 covering Dynamics 365 Finance, Dynamics 365 SCM Dynamics 365 Fraud protection, and how the cloud and Dynamics 365 is supporting digital transformation and new business paradigms.
To learn more call us on 009714 3365589

MrbMiner – act now to protect your SQL databases

October 3rd, 2020 by Stephen Jones No comments »

MSSQL databases are under attack by a new devastating attack campaign. This time it is a dangerous malware called MrbMiner which is devised by an experienced hacking group. At this moment there is no information available about the identity of the criminals behind it. The name was given to the virus after one of the domain names which was registered to spread it.The attacks using a botnet approach — numerous computers and hacked hosts are tasked with the goal of automatically identifying accessible database servers on a given network. If such is found an automated script will be invoked which will attempt to leverage various security exploits. The main technique used is the brute force attempts that will use a dictionary or algorithm-based lists of usernames and passwords of the administrative users.A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.

Thousands of MSSQL databases have been infected so far, according to the cybersecurity arm of Chinese tech giant Tencent.In a report published earlier this month, Tencent Security named this new malware gang MrbMiner, after one of the domains used by the group to host their malware. The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with various weak passwords.

Once the attackers gain a foothold on a system, they download an initial assm.exe file, which establishes a (re)boot persistence mechanism and adds a backdoor account for future access. Tencent says this account uses the username “Default” and a password of “@fg125kjnhn987.”

The last step of the infection process was to connect to the command and control server and download an app a Trojan module. that mines the Monero (XMR) cryptocurrency by abusing local server resources and generating XMR coins into accounts controlled by the attackers. It is used to keep a connection to the hacker-controlled server. It is used to take over control of the systems and steal any files and data from the hacked hosts. Usually, database servers are built on top of enterprise-grade and performance-optimized servers. For this reason, the hackers behind the ongoing campaign have implemented another dangerous action – to deploy a cryptocurrency miner. This is a script configured to download multiple performance-intensive complex tasks onto the infected servers. They will run automatically which will have a crippling effect on the usability of the systems. For every reported and completed the job the hackers will receive cryptocurrency assets as a reward.

The attacks will probably change in the near future. They are particularly useful for spreading dangerous malware such as the Qbot Trojan.

LINUX AND ARM VARIANTS ALSO DISCOVERED

The MrbMiner C&C server also contained versions of the group’s malware written to target Linux servers and ARM-based systems.
The Monero wallet used for the MbrMiner version deployed on MSSQL servers stored 7 XMR (~$630). While the two sums are small, crypto-mining gangs are known to use multiple wallets for their operations, and the group has most likely generated much larger profits.
For now, what system administrators need to do is to scan their MSSQL servers for the presence of the Default/@fg125kjnhn987 backdoor account. In case they find systems with this account configured, full network audits are recommended.

A T-SQL query that will collect data for you:

SELECT COUNT(*)
FROM sys.sql_logins AS s
WHERE s.[name] = ‘Default’
AND PWDCOMPARE(‘@fg125kjnhn987.’, s.password_hash) = 1

See this link for guidance on removal:

SSD performance degrades over time- prevent this with DymaxIO

September 29th, 2020 by Stephen Jones No comments »

Can SSD performance degrade over time and is there a way to prevent this? The answer is YES and YES. the same solution that addresses the inefficiencies of iops in Windows , SQL and VMs can also help you to maintain the performance of your solid state disks.

The reason for this degradation is an undesirable SSD phenomenon called the Write Amplification Factor (WAF), . This is a numerical value that indicates the actual amount of data that was written to an SSD in relation to the amount of data that was requested to be written from the Host (i.e. Windows OS System)

WAF = the data written to the SSD / the data written by the host

For example, an application on the Windows Server system writes out 128kb of data to the SSD, but internally on the SSD, 512kb of data is written on the SSD for this to occur. This will degrade SSDs write performance.

In this example, the WAF = 512kb/128kb = 4 ! This is bad, a 128kb write from the host that resulted in 512kb of internal writes on the SSD

Ideally, you want a WAF = 128KB/128KB = 1

Why does this occur. Unlike HDDs, data cannot be directly overwritten on a disk. On SSDs, data can only be written to erased spaces. When you have a brand new initialized SSD, all of the pages are in a free/erased state, and there is no problem for it to find free/erased spaces to write new data. But as the SSD starts to fill up with data, resulting in erased spaces having to be created that causes the WAF to increase. I can go into more detail on this but will save it for another time. Suffice to say, a higher WAF value means SSD performance degradation.

Do SSDs degrade over time?

The answer is YES but this has to do more with the SSDs filling up over time. Some recommendations on the web advise to keep free space on SSDs anywhere from 10% to 30% to avoid this degradation. With less free space on a highly I/O intensive system, a couple of things occur:

-There are less free spaces to write to, extra overhead may have to occur like block erasures to allow the new updates to occur. This increases the WAF – Not a good thing.
- With less free space, file data may get spread out to different locations on the SSD. For example, in the best case, 10 pages of file data that is being updated are all on the same block.
- When the block needs to be erased to be updated, then just that one block needs to be updated. If those 10 pages are on 10 different blocks, then in the worst case, those 10 blocks have to be erased and re-written – More overhead and a higher WAF.

The result is

➣SSDs are overprovisioned. For example, a 1TB SSD actually contains 1.1TB of data space. This extra space (seen only by the SSD internals) helps to allow the WAF to remain low.
➣SSD Garbage collection and Trim. Both of these processes include freeing/erasing spaces in the background so new writes can occur quickly on these newly erased spaces.

How doies DymaxIO™ help with SSDs Degrading?

DymaxIO has technology to keep the WAF low.

The patented IntelliWrite® technology enforces efficient Sequential Writes to occur rather than smaller Random Writes from the Windows Host. Sequential writes are more likely to place data in the same blocks which can decrease the WAF

Optimization engines keep the free space contiguous when needed on the host logical side. This will help enforce larger sequential writes to occur which decrease the WAF.

There are also a few more benefits of enforcing larger sequential writes.
- Sequential I/Os out-perform Random I/Os on storage, both HDDs and SSDs, so this ensures you are getting the optimal performance from your storage.
- Keeping the WAF low and writes lower on the SSD helps to extend the lifetime of the SSD.

IntelliWrite technology in DymaxIO does both of these functions automatically
- Keep sufficient free space on your SSDs
- Enforce Sequential Writes rather than Random Writes.

Fix at the source. 2X SQL application performance, accelerate Windows throughput 40+%, extend hardware life 2 to 3 years, reduce timeouts, crashes, and more. A software solution to software problems Just install, DymaxIOno code changes, no reboot necessary.

Call Synergy Software Systems 0097143365589

Zerologon – critical to patch now – especially for those with Windows Server 2008R2 or earlier versions

September 26th, 2020 by Stephen Jones No comments »

One of the highest-impact Windows vulnerabilities patched this year is now under active exploitation by malicious hackers, Microsoft warned overnight, in a development that puts increasing pressure on laggards to update now. The Zerologon micropatch is ‘primarily targeted at Windows Server 2008 R2 users without Extended Security Updates’

CVE-2020-1472, as the vulnerability is tracked, allows hackers to instantly take control of the Active Directory, a Windows server resource that acts as an all-powerful gatekeeper for all machines connected to a network. Researchers have dubbed the vulnerability Zerologon, because it allows attackers with only minimal access to a vulnerable network to login to the Active Directory by sending a string of zeros in messages that use the Netlogon protocol. The entire attack is very fast and can last up to three seconds, at most. In addition, there are no limits to how an attacker can use the Zerologon attack. For example, the attacker could also pose as the domain controller itself and change its password, allowing the hacker to take over the entire corporate network.

Simply put Zerologon lets anyone with a network toehold obtain the domain-controller password

“A security update was released in August 2020. Customers who apply the update, or have automatic updates enabled, will be protected.” Microsoft statement

Organizations with vulnerable servers should muster whatever resources they need to make sure this patch is installed sooner rather than later.

https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc

A test tool form Secura on Github, which you can download here: https://github.com/SecuraBV/CVE-2020-1472 can tell you whether a domain controller is vulnerable or not.

We advise readers ‘not to be the organisation that made the headlines because it failed to patch.”

It cannot be used to take over Windows Servers from outside the network. An attacker first needs a foothold inside a network. However, when this condition is met, Satnam Narang, staff research engineer at Tenable, described Zerologon as a “game over” situation for any organisation unlucky or foolhardy enough to fall victim to it, and urged prompt attention.

This bug is also a boon for malware and ransomware gangs, which often rely on infecting one computer inside a company’s network and then spreading to multiple others. With Zerologon, this task has been considerably simplified.

0patch, issued a “micropatch” of its own for the bug. “Our micropatch was made for Windows Server 2008 R2, which reached end-of-support this January and stopped receiving Windows updates” 0patch is also porting the micropatch to various still-supported Windows Servers for customers who for various reasons can’t apply the Microsoft patch, he added.

Zerologon carries a critical severity rating from Microsoft as well as a maximum of 10 under the Common Vulnerability Scoring System. Despite the high rating, the escalation-of-privileges vulnerability received scant, if any, attention when Microsoft patched it in August, and Microsoft deemed the chances of actual exploitation “less likely.”

The security world finally took notice last week with the release of several proof-of-concept exploits and a detailed writeup, which demonstrated the severity of the vulnerability and the relative ease in exploiting it.
All hands on deck. On Wednesday evening, Microsoft issued a series of tweets that Zerologon was now being exploited in the wild.
“Microsoft is actively tracking threat actor activity using exploits for the CVE-2020-1472 Netlogon EoP vulnerability, dubbed Zerologon,” Microsoft representatives wrote. “We have observed attacks where public exploits have been incorporated into attacker playbooks.”

The company provided several digital signatures of files used in the attacks, but it didn’t publicly provide additional details. Microsoft has published a threat analytics report that’s designed to help administrators assess the vulnerability of their networks, but it’s available only to Office 365 subscribers..

It’s hard to overstate the severity of an exploit that makes it possible to take control of an Active Directory using several dozen lines of code. Active Directories (and the domain controller servers they run on) are the resources most cherished by ransomware attackers. With control over the central provisioning directory, they can infect entire fleets of machines within minutes. Nation-sponsored hackers performing surgical-precision espionage campaigns also prize such access because it allows them to control specific network resources of interest.

There may also be ways to exploit Zerologon directly from the Internet with no previous access. Internet searches and now more than 33,000 and 3 million networks are exposing domain controllers and Remote Procedure Call login servers to the public Internet. In the event a single network is exposing both resources, the combination may leave a network wide open with no other requirements.

The risk posed by Zerologon isn’t just that of facing a catastrophic hack. There’s also the threat of applying a patch that breaks a network’s most sensitive resource. Late last week, the cybersecurity arm of the Department of Homeland Security mandated agencies to either apply the patch by Monday night or remove domain controllers from the Internet. Less than three days later exploits are in the wild, so it’s clear there was good reason for the directive.

Patching Zerologon was no easy task for Microsoft, as the company had to modify how billions of devices are connecting to corporate networks, effectively disrupting the operations of countless of companies. This patching process is scheduled to take place over two phases. The first one took place last month, when Microsoft released a temporary fix for the Zerologon attack.
This temporary patch made the Netlogon security features (that Zerologon was disabling) mandatory for all Netlogon authentications, effectively breaking Zerologon attacks.
Nonetheless, a more complete patch is scheduled for February 2021, just in case attackers find a way around the August patches. Unfortunately, Microsoft anticipates that this later patch will end up breaking authentication on some devices. Some details about this second patch have been described here https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

Note if you use Samba for domain control then that is also impacted and there is a patch available.

Microsoft Power BI new license option – called Premium Per User, or Premium Gen2. Ask Synergy Software Systems

September 25th, 2020 by Stephen Jones No comments »

A recent, Microsoft Ignite 2020 announcement of a new licensing plan for Microsoft Power BI, called Premium Per User, or Premium Gen2.

We already have license options for:
Per user Pro
One of the most common licensing options is the Power BI pro account, that gives the user enough access to do *almost* anything they want in the world of Power BI development, building solutions, creating workspaces in the service, sharing the content to the users, etc. This licensing is priced $9.99 USD per user per month.

Good enough to cover the analytics needs of a small to medium scale business with usual analytics requirement. Requirements such as getting data from multiple sources, combining it, building superb visualizations and sharing among a reasonable number of end-users.

Premium: capacity-based
Another popular option is to purchase a dedicated capacity (a dedicated node of certain amount of CPU cores and RAM power) to host the Power BI content on it. The dedicated capacity comes not only with a better performance, but also, with extra features. Such as using AI abilities, some extra features in the dataflow development, geo replicas for the data model, paginated reports and many other features. Dedicated capacity comes in two modes; embedded, and Premium. and the minimum entry for Premium is $4,995 USD per node.

Good for enterprise scale businesses with advanced analytics requirement, such as working with big data, building computed entities in the dataflow, leveraging AI functionalities, and requiring high performance for their big data analytics.

Pro is cheap enough to get every business started with analytics, and Premium is powerful enough to cover sophisticated analytics requirements. However, there is a large group of small to medium scale business which have advanced analytics needs. Premium capacity-based licensing for this group is too expensive. For a company with l only 10 to 20 users, there may not be an ROI to pay $4,995 per month for analytics. On the other hand, Pro is too limited. They need some features that are not available in this licensing.

The details of how much the licensing would cost are still to be determined, as the licensing for Premium Per User, or Premium Gen2 will come later this year (2020). It means that a small scale business can pay for the analytics requirement with a per-user licensing , which may be a worthwhile option. That means business can scale with advanced analytics features like an enterprise customer.

PowerBi support for Windows7 and older versions of .net will end soon -ask Synergy Software Systems

September 25th, 2020 by Stephen Jones No comments »

After 10 years, support for Windows 7 ended on January 14, 2020.
In line with this, Microsoft will be stopping support for Power BI Desktop on Windows 7 on Jan 31st 2021.

After that, Power BI Desktop will only be supported on Windows 8 and newer versions.

The January 2021 release of Power BI Desktop Optimized for Report Server will be supported as per the Modern Lifecycle Policy i.e. supported until the next release (currently scheduled for May 2021), after which it will only receive security updates until January 2022, after which support will stop.

Microsoft is also making a change to the version of .NET that is required to run Power BI Desktop.
Starting from the October release you need the .NET 4.6.2 or greaterversion to be installed. This is installed by default with Windows 10 and for older versions of Windows the Power BI Desktop installer will launch the .NET installer for you.

Why software update is important – the latest patches from Microsoft monthly ‘Patch Tuesday’

September 16th, 2020 by Stephen Jones No comments »

There many reasons from performance to new features to compliance and to support new ways of working.
However, with the huge sophisticated increase in cybercrime, unpatched and out fo date software versions are most vulnerable.

As part of this month’s Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office, ASP.NET, OneDrive, Azure DevOps, Visual Studio, and Microsoft Dynamics — that received new patches, 23 are listed as critical, 105 are important, and one is moderate in severity.

Unlike the past few months, none of the security vulnerabilities the tech giant patched in September are listed as being publicly known or under active attack at the time of release or at least not in knowledge of Microsoft.

A memory corruption vulnerability (CVE-2020-16875) in Microsoft Exchange software is worth highlighting all the critical flaws. The exploitation of this flaw could allow an attacker to run arbitrary code at the SYSTEM level by sending a specially crafted email to a vulnerable Exchange Server.

“A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory,” Microsoft explains. “An attacker could then install programs; view, change, or delete data; or create new accounts.”

Microsoft also patched two critical remote code execution flaws in Windows Codecs Library; both exist in the way that Microsoft Windows Codecs Library handles objects in memory, but while one (CVE-2020-1129) could be exploited to obtain information to compromise the user’s system further, the other (CVE-2020-1319) could be used to take control of the affected system.

Besides these, two remote code execution flaws affect the on-premises implementation of Microsoft Dynamics 365, but both require the attacker to be authenticated.
Microsoft also patched six critical remote code execution vulnerabilities in SharePoint and one in SharePoint Server. While exploiting the vulnerability in SharePoint Server requires authentication, other flaws in SharePoint do not.

Other critical flaws the tech giant patched this month reside in Windows, Windows Media Audio Decoder, Windows Text Service Module, Windows Camera Codec Pack, Visual Studio, Scripting Engine, Microsoft COM for Windows, Microsoft Browser, and Graphics Device Interface.

Vulnerabilities marked as important reside in Windows, Active Directory, Active Directory Federation Services (ADFS), Internet Explorer Browser Helper, Jet Database Engine, ASP.NET Core, Dynamics 365, Excel, Graphics Component, Office, Office SharePoint, SharePoint Server, SharePoint, Word, OneDrive for Windows, Scripting Engine, Visual Studio, Win32k, Windows Defender Application Control, Windows DNS, and more.

Most of these vulnerabilities allow information disclosure, the elevation of privilege, and cross-Site Scripting. Some also lead to remote code execution attacks. In contrast, others allow security feature bypass, spoofing, tampering, and denial of service attacks.

Windows users and system administrators are highly advised to apply the latest security patches as soon as possible to keep cybercriminals and hackers away from taking control of their computers.

For installing security updates, head on to Settings → Update & security → Windows Update → Check for updates or install the updates manually.

S

SnapLogic and rapid integration with SAP, Concur, Ariba, Fieldglass, Cloud Analytics….

September 15th, 2020 by Stephen Jones No comments »

On 16th September, SnapLogic and SAP will present the very latest in Citizen-Integration IPaaS simplifying integration of SAP Ariba, SAP Concur, SAP Fieldglass, multiple data sources and apps with SAP Cloud Analytics and SAP Data Warehouse Cloud.

You will also hear from Siemens AG, how they drove their integration vision successfully.
Learn how, by adding SnapLogic to your SAP data and application fabric, you can better:
• Maximise your SAP investments and reduce IT debt
• Optimise procurement operations and accelerate SCM delivery by 10X
• Create smooth paths to your other best-of-breed applications and solutions
• Align your business with application delivery and initiatives
Speakers:
- Thomas Hecht, Head of Technology at Siemens AG
- Klaus-Peter Sauer, Senior Director Data Warehousing EMEA at SAP
- Roger Coles, Director of Alliances and Channels, EMEA at SnapLogic
- John Landells, Solutions Engineer, EMEA at SnapLogic

Contact Snaplogic partner Synergy Software Systems us for information on how to register.

Microsoft Lists now in Teams – ask Synergy Software Systems

September 8th, 2020 by Stephen Jones No comments »

Microsoft Lists, a new product based on SharePoint Lists, is now generally available through the Microsoft Teams service for both business and government users, Microsoft announced this week. Besides Teams, Lists is also slated for SharePoint Online and the Microsoft 365 Launcher application.
Mobile apps for iOS and Android are expected to be released around the end of the year.
Lists in Teams Availability
Lists in Teams availability depend on the sort of Microsoft 365 updates an organization elects to receive. The feature started rolling out in August to tenants getting “targeted” update releases, according to Lincoln DeMaris, a Microsoft principal program manager on the Microsoft Lists team, in an interview published by Microsoft on Monday.
The application more likely will arrive in Microsoft 365 tenancies in early September, and will get finalized in mid-October, according to Daniel Glenn, a Microsoft Most Valuable Professional, in an Aug. 8 “365 Message Center Show” podcast.
Lists wasn’t there in Teams when I checked the Apps menu. However, when it’s available, Lists will get added by default for all Teams users unless IT pros block it, according to this Microsoft help document. Data used with the Lists app are stored in an organization’s “SharePoint Online team site,” the document explained. Permissions associated with Lists in Teams apparently get controlled via SharePoint List or Library permission controls that IT pros may set.
Lists Capabilities
Microsoft Lists is different from other Microsoft list programs in providing user-friendly templates to help create lists. Within Teams, it’s possible to chat about the lists using a pane on the right side. Lists also can be created from Excel workbook files, if wanted.
Microsoft’s premade Lists templates include:
• Patients
• Loans
• Incidents
• Issue Tracker
• Event Itinerary
• Business Trip Approvals
• Team Contacts
• Asset Tracker
• Project Planning
• Onboarding Checklist
The first three lists (Patients, Loans and Incidents) are described as being new “industry-specific templates.” It’s also possible to create new lists by scratch, or create a new list using the formatting of an existing list.

End users can change the views in how the list information gets presented. Some views, though, such as “calendar views, gallery views and rules” are yet to come, according to DeMaris. While end users typically create lists within an organization, they also can create personal lists. DeMaris suggested Microsoft was working to address possible organizational governance issues associated with this personal lists creation capability.
Lists is powered by the same technology Microsoft uses to power SharePoint Site designs, DeMaris explained. That circumstance means that some of the same sort of customization options available for SharePoint Sites may be coming to Microsoft Lists, as well, he suggested.
Organizations using Lists in SharePoint Online don’t need to migrate them to SharePoint Lists because they are basically the same thing, DeMaris noted.

Machine learning, UiPath and Ai Fabric

September 3rd, 2020 by Stephen Jones No comments »


Contact us on 00971 43365589 to learn more.