No more ransomware project

July 28th, 2021 by Stephen Jones No comments »

The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.

No More Ransom is an online portal launched in July 2016 as a public-private partnership created by law enforcement and industry leaders (Europol’s European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands’ police, McAfee, and Kaspersky).

Today, the No More Ransom project includes 170 partners worldwide, including BleepingComputer, who joined the project in 2018. https://www.nomoreransom.org/

“The decryptors available in the No More Ransom repository have helped more than six million people to recover their files for free,” Europol said.

“This prevented criminals from earning almost a billion euros through ransomware attacks. Currently offering 121 free tools able to decrypt 151 ransomware families, it unites 170 partners from the public and private sector.”

No More Ransom 2021
Image: Europol

How does it work?

No More Ransom aims to help victims recover their encrypted files, raise awareness of the ransomware threat, and provide ransomware victims and the general public with direct links to report attacks.

To get a decryptor, you have to upload two encrypted files and the ransomware note via No More Ransom’s Crypto Sheriff, which will try to match them against a list of available decryption tools.

Should a match be found you will get a link to a suitable ransomware decryptor that comes with detailed instructions on how to unlock files.

When no decryptor is available, you are advised to check again for a match in the future since new unlock tools are added to the database regularly.

Ransomware victims are advised to never pay as this will finance the criminals future attacks but, instead to take measures to both prevent and to lessen the damage of such attacks:

  • Regularly back up data stored on your computer. Keep at least one copy offline.
  • Do not click on links in unexpected or suspicious emails.
  • Browse and download only official versions of software and always from trusted websites.
  • Use robust security products to protect your system from all threats, including ransomware.
  • Ensure that your security software and operating system are up-to-date.
  • Be wary while browsing the internet and do not click on suspicious links, pop-ups or dialogue boxes.
  • Do not use high privilege accounts (accounts with administrator rights) for daily business.
  • If you become a victim, do not pay! Report the crime and check No More Ransom for decryption tools

credit – https://www.bleepingcomputer.com/news/security/no-more-ransom-saves-almost-1-billion-in-ransomware-payments-in-5-years/

e-invoicing in KSA and Dubai – does your system meet the requirements? Ask Synergy Software Systems.

July 16th, 2021 by Stephen Jones No comments »

The Kingdom of Saudi Arabia (KSA). The Kingdom announced e-invoicing for resident companies, which was published on December 4, 2020. e-invoicing will become mandatory for tax payers from December 4, 2021.

The aims of the e-invoicing mandate are to provide more transparency, and enhance consumer protection and anothee benefit of e-invoicing implementation is the readability of the invoice formats

. Companies registered in Saudi Arabia should immediately start updating or changing their systems and processes to support issuance of e-invoices. This may be a little challenging. However, the key to successful implementation is to start early.

Note that Dubai has also announced similar legislation.

If you need to upgrade or change your system or to .add additional functionality to your systems to comply with the invoicing mandate then please contact us 009714336589

On this blessed occasion of Eid, we wish you and your family good health, wealth and prosperity. And don’t forget to take a reflection on you and your business this Summer.

July 14th, 2021 by Stephen Jones No comments »

SQL Server 2017 doesn’t have service packs, only cumulative updates, so this release marks something a little special: the Silver Anniversary.

For the first time, a single version of SQL Server has had twenty-five consecutive cumulative updates.

Get it here https://support.microsoft.com/en-us/topic/kb5003830-cumulative-update-25-for-sql-server-2017-357b80dc-43b5-447c-b544-7503eee189e9

GDPR _ Microsoft’s Windows diagnostic data processor feature is GA

July 13th, 2021 by Stephen Jones No comments »

Microsoft introduced a new capability in some of its products to help organizations ensure their compliance with data privacy regulations, in particular the European Union’s General Data Protection Regulation (GDPR).

The “Windows diagnostic data processor configuration” became generally available this week, Microsoft announced, It’s enabled in certain Microsoft tools, namely “Desktop AnalyticsUpdate ComplianceMicrosoft Managed Desktop, and the Windows Update for Business deployment service,” .

Data Controller Oversight
Windows collects diagnostic information, and organizations have had rather non-transparent ways of limiting what gets collected. They can just select a pre-set data collection level. Microsoft’s current data collection levels include “Diagnostic Data Off” (previously called “Security”), “Required” (previously called “Basic”) and “Optional” (previously called “Full”). Organizations that use the Windows Update service to keep systems patched need to use the Required option. These nuances, and more, are described here https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#enable-windows-diagnostic-data-processor-configuration

Microsoft is positioning the Windows diagnostic data processor configuration capability, as being equivalent to having data controller oversight as required by the GDPR.

From the “Configure Windows Diagnostic Data” document:

The Windows diagnostic data processor configuration enables you to be the controller, as defined by the European Union General Data Protection Regulation (GDPR), for the Windows diagnostic data collected from your Windows devices that meet the configuration requirements.

According to a European Union glossary entry, “the data controller is the party that, alone or jointly with others, determines the purposes and means of the processing of personal data.” The glossary entry adds that “the actual processing may be delegated to another party, called the data processor.”

It seems that Windows diagnostic data processor configuration capability is mostly conceived as a means for organizations to become compliant with the GDPR with regard to their customers. It’s also an assurance about Microsoft’s data collection practices.

Now generally available, the Windows diagnostic data processor configuration further empowers you to manage your organization’s diagnostic data. It provides you familiar tools to support data subject rights, including managing, exporting, or deleting data stored securely in your Azure tenant. It also lets you benefit from our technology without compromise.

The capability also helps organizations to elete data should they get a customer request to do so, which is also a GDPR prerogative. The customer, in GDPR lingo, is known as the “data subject” in such cases.

Handling data subject requests happens though “the admin portal,” according to a note in this “Windows 10 and Privacy Compliance” document.

Prerequisites to Using Diagnostic Data Configuration
There are prerequisites to using the Windows diagnostic data processor configuration capability, which is just supported on devices using “Windows 10 Pro, Education or Enterprise editions, version 1809 with July 2021 update or newer.” In addition, the Windows devices “must be joined to Azure Active Directory.”

The Windows diagnostic data processor configuration capability just applies to data collection by Windows components. It doesn’t apply to the apps running on top of Windows, which have their own data collection practices.

Skype for Business Online retires on July 31, 2021 -time to migrate to TEAMS

July 8th, 2021 by Stephen Jones No comments »

Skype for Business Online retires on July 31, 2021,

We recognize that customers have been working hard to complete their Skype for Business Online-to-Teams transitions by the retirement date. Some customers are going to face significant challenges to finish by July 31, 2021. We also understand the hurdles the past year has presented for organizations worldwide and the increased reliance on communication and collaboration platforms like Skype for Business Online and Teams to ensure business continuity.

Microsoft-assisted upgrades to Teams.. Read  guidance about Microsoft-assisted upgrades for information about what to expect.

After they’ve been scheduled for a Microsoft-assisted upgrade, Skype for Business Online customers will be able to request a three-month extension of the Skype for Business Online service to help address any remaining technical or organizational readiness issues. Customers can submit requests through the Teams admin center and can expect a response within three business days. Read the latest blog post to learn more.

.(he retirement of Skype for Business Online and corresponding assisted upgrades do not affect the Skype consumer service, Skype for Business Server products and Skype for Business Online operated by 21Vianet (China Sovereign Clouds Instance).)

https://docs.microsoft.com/en-us/microsoftteams/upgrade-skype-teams

Power apps new pricing from 1 Oct 2021

July 1st, 2021 by Stephen Jones No comments »

Microsoft announced today pricing and licensing updates to Power Apps.

To make the platform more accessible, whether customers are getting started with a small number of users or deploying at scale across the organization, it is reducing the price of the Power Apps per user and per app plans.  Al, Power Apps per app plan entitlements will also be simplified.

The following Power Apps licensing changes will go into effect on October 1, 2021:

  • The Power Apps per user plan will be priced at $20 per user/month, a decrease from the previous price of $40 per user/month. The plan will be available across Microsoft’s commerce channels – Volume Licensing (VL), Cloud Solution Provider (CSP) and web direct – without license minimums or other purchase requirements. Plan entitlements remain unchanged, including the ability for users to run unlimited apps and portals.
  • The Power Apps per app plan will be priced at $5 per user/app/month, a decrease from the previous price of $10 per user/app/month. Like the per user plan, the per app plan will also be available across the same commerce channels without license minimums or other purchase requirements.

    Simplified entitlements for the per app plan will let users run one app or access one portal, in contrast with the current entitlement of two apps and one portal. This approach more directly aligns with the plan’s intent of providing flexibility for customers seeking to license users one app at a time. Customers with existing per app plan subscriptions purchased prior to Oct 1, 2021 will maintain the current entitlement for the duration of their agreement term.

In the interim prior to October 1, availability of the Power Apps limited time, promotional offers is being extended. Beginning today, July 1 and running through September 30, eligible customers interested in taking advantage of reduced pricing can select from these promotional offers: The Power Apps per user and per app plans are currently available for $12 per user/month (minimum purchase of 5,000 licenses) and $3 per user/app/month (minimum purchase of 200 licenses), respectively. Offer availability and other conditions may apply.

 Power Apps portals login capacity was also recently available at a reduced price for eligible customers purchasing large volumes of sessions. This includes the addition of limited time offers for capacity tier 4 (25,000+ logins/month) and tier 5 (100,000+ logins/month), which joined the existing offers available for capacity ranging from 100+ to 5,000+ logins/month. With these limited time offers, Power Apps portals login capacity is available for a price as low as $12 per unit/month for tier 5 capacity. Minimum unit quantities and other conditions may apply.

Identity theft

June 28th, 2021 by Stephen Jones No comments »

In recent years, there has been a huge rise in the number of cases of identity theft. Around 49 million people have reported falling victim to crimes under this category. Identify fraud caused a total loss of approximately $56 billion in 2020 alone. This spike in identity theft has caused more and more people to think seriously about how they can better protect their identity.

You might find it helpful to read this extensive guide On What To Do If Your Identity Gets Stolen  https://spycamerasreviewed.com/tips-and-advice/guide-to-identity-theft/

Synergy Microsoft Gold partnership

June 23rd, 2021 by Stephen Jones No comments »

Our Microsoft Partner Network Gold competency membership has been confirmed again for the 15th time.

Natural remote hybrid meetings in Teams

June 22nd, 2021 by Stephen Jones No comments »

With office environments becoming increasingly “hybrid” post-pandemic, Microsoft is readying multiple improvements to its software to facilitate remote meetings.

Specifically, the company announced coming perks for users of the Microsoft Teams collaboration service, as well as Microsoft Viva, Microsoft’s relatively new “employee experience platform.”

Software improvements also are coming for Microsoft Whiteboard, a screen app used for collaboratively sketching ideas during meetings. Emerging Microsoft 365 “fluid components,” used to facilitate collaborations on the fly in applications, also are coming.

More Natural Remote Meetings
Microsoft’s meetings enhancements support the current work-from-home trend, dubbed “hybrid work,” Jared Spataro, corporate vice president for Microsoft 365, in the announcement suggested that Microsoft’s solutions bring organizations “a new operating model for people, places and process.”

The future improvements announced on Thursday aim to make remote meetings seem more natural. Microsoft concluded from its research findings that offering “a good view of the in-room participants” to remote viewers and “normalizing the sizes of people’s remote video feeds” would make remote meetings seem less fatiguing to viewers.

Fluid Components Expansion
Microsoft had introduced a preview of fluid components for Microsoft Teams in its May 2021 Build event. Fluid components enable messaging from software components, such as action items, lists or tables, when using the Teams service. Microsoft’s Thursday announcement explained that fluid components also are now coming to “OneNote, Outlook and Whiteboard to make it easier to collaborate synchronously and asynchronously across Teams and Office apps.” The exact timing when these fluid components will be integrated, though, not yet announced.

Fluid components are new Microsoft 365 solutions built on the Microsoft Fluid Framework, a Web-based “componentized document model for shared, interactive experiences” that was first introduced at the 2019 Microsoft Build event. These fluid components will are expected come to the Microsoft Teams and Whiteboard applications sometime this summer,

Front Row View in Teams Rooms
A major improvement for enhancing remote meeting experiences is its new “front row” feature for Teams Rooms.

With the front row feature, remote meeting participants appear in a row at the bottom of a screen, which is supposed to be at the same eye level as would be experienced if they had actually been seated in a meeting room. The top of the screen can then be used to display presentation materials. There’s also screen room on the sides to display other materials, such as a meeting agenda and a chat window.

The new front row feature “will be supported across both single and dual display configurations,” Microsoft explained in a Teams Rooms announcement. It’s expected to arrive “over the course of this year.”

New Whiteboard App
The Microsoft Whiteboard application, which lets people draw diagrams collaboratively using digital inking, is now described as being “completely new.” It has a new “Fluent toolbar” and improved inking capabilities when using a mouse. Drawn shapes get automatically straightened with a “shape recognition” capability.

The new Whiteboard app has various collaboration improvements. “Collaboration cursors” appear to identify people working together on a whiteboard. Microsoft added a laser pointer tool. It also added a “follow along” feature and new templates.

Ransomware – are you ready for the inevitable attack?

June 12th, 2021 by Stephen Jones No comments »

The question about whether your organization will be hit with a ransomware attack is not “if” but “when.” Ransomware attacks are still on the rise, and can hit anything from critical infrastructure to smaller enterprises that try to stay under the radar of cybercriminals. An epidemic of security breaches involving ransomware and other types of malware is hitting large companies. In some cases, including the May ransomware attack on Colonial Pipeline, hackers first gained access using compromised accounts. Many such credentials are available for sale online. The ransomware attackers prompted major disruptions to gasoline and jet fuel supplies in the Southeastern US.

Ransomware attacks in North America have soared by 158% and globally by 62% since 2019, according to the 2021 SonicWall Cyber Threat Report

Earlier this month, JBS, the largest US supplier of meat, temporarily shut down its US plants following a ransomware attack on its network.

Game-maker Electronic Arts and the Presque Isle Police Department in Maine are responding to an event they had both been dreading: the theft of gigabytes of private data by hackers who breached their Internet-connected networks.

In EA’s case, the theft included 780GB of source code and tools for FIFA 21,

In another recent incident around 200GB of private data belonging to the Presque Isle Police Department was dumped online by a ransomware group known as Avaddon. The police department was hacked on April 18 and given 10 days to pay a ransom. The department was able to rebuild its network using data backups, and it declined to pay. Earlier this week, Avaddon posted the data on its website hosted on the dark web. The haul included 15,000 emails, according to leak site Distributed Denial of Secrets, which is making the data available to journalists and researchers. The Avaddon site also showed a sampling of police reports and witness statements that date back to at least 2011. The files document incidents of domestic violence, shoplifting, and physical assault and in many cases provide phone numbers, addresses, and other personal information belonging to victims and defendants.

Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified.

In all, researchers from NordLocker said on Wednesday, the database contained 26 million login credentials, 1.1 million unique email addresses, more than 2 billion browser cookies, and 6.6 million files. In some cases, victims stored passwords in text files created with the Notepad application.

The stash also included over 1 million images and more than 650,000 Word and .pdf files. Additionally, the malware made a screenshot after it infected the computer and took a picture using the device’s webcam. Stolen data also came from apps for messaging, email, gaming, and file-sharing. The data was extracted between 2018 and 2020 from more than 3 million PCs.

Dark web ads for these viruses promise that they can build a virus to attack virtually any app the buyer needs. Once infected, a PC will regularly send pilfered data to a command and control server operated by the attacker. The files can be useful in piecing together the habits and interests of the victims, and if the cookies are used for authentication, they give access to the person’s online accounts.

If you want to determine whether your data was swept up by the malware check the Have I Been Pwned breach notification service, which has uploaded a list compromised accounts.

So what can you do to protect yourself. There is some good advice here https://www.eweek.com/enterprise-apps/how-can-you-prevent-ransomware/

In Theordore Levitt’s book, Thinking About Management, he says managers should ask simple questions. Why do we do it this way? What are the alternatives? What are the potential business costs? Who does it better? It is time for CEOs to start asking these kinds of simple questions about their firm’s security posture.

Contingency plans are part of sound preparedness. One of them should be that, in the case of a ransomware attack: How can the company ensure near-instantaneous recovery if the ransomware attack is ignored? Secondly, how can the company ensure that the data is not corrupted? Knowing and strategizing to have contingency plans in place to address these challenges will give a company’s leadership greater confidence to move forward.

IT executives need to have a seat at the crisis management table and be empowered to speak the truth, even if the other executives are reluctant to hear it. In the midst of a cyber attack, the communication within a company can easily be disrupted, fragmented, and isolated. Weaknesses in internal communication, and a disconnect between business executives and IT executives, is exposed. When business executives have limited information and do not have a full, clear picture of what the company can and can’t do, knee-jerk decisions are made, that lead to financial loss, reputation damage, and business disruption, when with preparation it can be avoided. 

Ransomware criminals have unlimited dollars and every tool and technology needed to succeed. 

Are you ready?