Archive for October, 2017

« Older Entries

System accounts – security

October 29th, 2017

An Office 365-focused Botnet puts the spotlight on the security of System Accounts which are commonly overlooked

A botnet it dubbed “KnockKnock” aActive since at least May, and especially active from June through August, is relatively small botnet whose attack highly targeted for both: the types of accounts it attacks and the types of organizations. GThis is interesting is because it is trying to get into system accounts, that are commonly used to connect the Exchange Online e-mail system with marketing and sales automation software. In cases where the system accounts are compromised, KnockKnock exports data from the inbox, creates a new inbox rule and starts a phishing attack from the account against the rest of the organization.

The attacks analysed averaged only five e-mail addresses per customer. Additionally, the organizational targeting was extremely specific — aimed at infrastructure and Internet of Things (IoT) departments within the manufacturing, financial services, health care and consumer products industries, as well as U.S. public sector agencies.

Non-human system accounts are less likely to be protected by multi-factor authentication or security policies, such as recurring password reset requirements. Once such accounts are provisioned, they’re easy to overlook and can prove to be the weakest link in Office 365 and in general the security infrastructure.

Comments Off on System accounts – security »

Posted in Microsoft, Security and Compliance, Technology

Bad Rabbit – a virulent wave of data-encrypting malware is sweeping through Eastern Europe

October 28th, 2017

A new, potentially virulent wave of data-encrypting malware is sweeping through Eastern Europe and has left a wake of outages at news agencies, train stations, and airports, according to multiple security companies

A new ransomware outbreak similar to WCry is shutting down computers worldwide, Ransom:Win32/Tibbar.A or Bad Rabbit, as the outbreak is dubbed, is primarily attacking targets in Russia, but it’s also infecting computers in Ukraine, Turkey and Germany, researchers from Moscow-based Kaspersky Lab said. In a blog post, the antivirus provider reported that the malware is using hacked Russian media websites to display fake Adobe Flash installers, which when clicked infect the computer visiting the hacked site. Researchers elsewhere said the malware may use other means to infect targets.

Bad Rabbit appears to specifically target corporate networks by using methods similar to those used in a June data-wiping attack dubbed “NotPetya” that shut down computers around the world.
Bad Rabbit infects Windows computers and relies solely on targets manually clicking on the installer, Kaspersky Lab said. So far, there’s no evidence the attack uses any exploits.

The Ukrainian computer emergency agency CERT-UA posted an advisory on Tuesday morning reporting a series of cyberattacks.

Kevin Beaumont said on Twitter that Bad Rabbit uses a legitimate, digitally signed program called DiskCryptor to lock targets’ hard drives. Kaspersky Labs’ blog post said the executable file dispci.exe appears to be derived from DiskCryptor and is being used by Bad Rabbit as the disk encryption module.

Bad Rabbit relies on hard-coded credentials that are commonly used in enterprise networks for file sharing and takes aim at a particularly vulnerable portion of infected computers’ hard drives known as the master boot record. A malicious file called infpub.dat appears to be able to use the credentials to allow the Bad Rabbit to spread to other Windows computers on the same local network, The malware also uses the Mimikatz network administrative tool to harvest credentials from the affected systems.

Once Bad Rabbit infects a computer, it displays a message in orange letters on a black background. It directs users to a Dark Web site that demands about $283 in Bitcoin to decrypt data stored on the encrypted hard drive. The dark Web site also displays a ticking clock that gives victims 40 hours to pay before the price increases. It’s not yet known what happens when targets pay the ransom in an attempt to restore their data. The NotPetya malware was written in a way that made recovery just about impossible, a trait that has stoked theories that the true objectives of the attackers was to wipe data in an act of sabotage, as opposed to generate revenue from ransomware. It also remains unclear who is behind the attack.

The outbreak is the latest reminder that you should back up all their data on drives that are secured with a password or other measure to protect them from ransomware.

Windows Defender Antivirus detects and removes this threat with protection update 1.255.29.0 and higher.

This threat appears as a fake Adobe Flash Player update.

Microsoft advice:
Microsoft doesn’t recommend you pay the ransom. There is no guarantee that paying the ransom will give you access to your files. If you’ve already paid, then see our https://www.microsoft.com/en-us/mmpc/shared/ransomware.aspx for help on what to do.

Review logs and shutdown or run Windows Defender Offline.

This ransomware attempts to reboot your PC so it can encrypt your files. You might be able to stop your PC from rebooting and instead shut it down or run a Windows Defender Offline scan:
Check event logs for the following IDs: 1102 and 106
• Event 1102 indicates that the audit log has been cleared, so previous activities can’t be seen.
• Event 106 indicates that scheduled tasks “drogon” and “Rhaegel” have been registered (these are ransomware wipers)
• If events 1102 and 106 are present, then issue a shutdown with the parameter -a to prevent a reboot

You can also immediately inititate a Windows Defender Offline scan by using PowerShell or the Windows Defender Security Center app.

Run antivirus or antimalware software

Use the following free Microsoft software to detect and remove this threat:
• Windows Defender Antivirus for Windows 8.1 and Windows 10, or Microsoft Security Essentials for Windows 7 and Windows Vista
• Microsoft Safety Scanner – Run a full scan to look for anyhidden malware.

Advanced troubleshooting – To restore your PC, download and run Windows Defender Offline.

Ask us about how to use cloud protection to guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender for Windows 10. Go to All settings > Update & security > Windows Defender and make sure that your Cloud-based Protection settings is turned On.

Indicators of compromise
Presence of the following files in %SystemRoot%:
• infpub.dat
• cscc.dat
• dispci.exe
• You can’t access your files or your PC
• A ransom message in red on a black background

Comments Off on Bad Rabbit – a virulent wave of data-encrypting malware is sweeping through Eastern Europe »

Posted in General Synergy News, Microsoft, Microsoft Dynamics Ax, Microsoft Dynamics CRM, Security and Compliance, Sunsystems and Vision, Technology

EdgeHTML 16 – a major update to the Edge browser.

October 25th, 2017

Microsoft is rolling out the Windows 10 Fall Creators Update to all its customers form October 17, 2017. By the end of the year, everyone who doesn’t actively delay its installation should have the update. There are numerous new and improved features included in this update, one less publicised example, is the Edge browser major update to a new version that Microsoft calls EdgeHTML 16.

This new version of Microsoft’s Edge browser adds several features and i some subtle changes to the interface. to support a mobile-first, cloud-first world.

EdgeHTML 16 highlights

interface. The new version contains elements of the Fluent Design System, which gives it a different level of depth and transparency. The change may not be all that noticeable at first, but there are differences in title bar colors and shading that give the browser a much-needed facelift.

With EdgeHTML 16, Users can now change highlight colors and add notes on the fly using the power of the right-click and context-sensitive menus. If you are into annotation, then the EdgeHTML 16 browser is built with you in mind. You can add highlights in four colors, underline, add comments or copy text. You also have the ability to Ask Cortana to find more information about the content you are reading without leaving the reading experience. To get started, simply select some text and choose one of the annotation options from the menu that pops up!

Or, if you’re reading a PDF, you can select the “Add notes” button next to the address bar to mark the PDF up with Windows Ink.

This feature lets you take notes with a pen or highlighter right on the page – perfect for marking up a draft, signing a document, or for filling out a form.

Microsoft Edge can now read web pages, e-books, and other documents out loud to make reading accessible to more people. To hear an e-book or PDF out loud, click or tap anywhere on the page and select the “Read aloud” button from the top-right corner.

One more useful features of this new version of Edge is the ability to pin favorite websites directly to the taskbar. You no longer have to rely on jump lists to get to your most important websites. Pinning a website to your taskbar will override your default browser setting, to use Edge instead. This isuseful for loading Office 365 in Edge instead of Chrome.

A small useful feature is athe ability to edit the address for individual favorites in the Favorites Hub or on the Favorites bar.

New features like web notifications and location services mean more sites may ask for your permission to access your location, webcam, or to send notifications, among other things. To help make it easier to keep track of what permissions you’ve granted, there is a new “Show site information” pane to see the permissions you’ve granted for every website you visit.

Another useful feature for a mobile-is support for an option called Continue On Your PC. When you are reading a website on your mobile device, you can send it to your Windows 10 desktop running Edge and not miss a beat—which fits in well with Microsoft’s concept of a mobile workforce relying on collaboration to get work done.

You can also now browse in full screen.

For developers there also a lot of technical enhancements for web apps, modern layouts, payments, and more.

There are many other new and improved features to be found in the new EdgeHTML 16 that relfect Microsoft’s business strategy of helping users connect, collaborate, and produce in a mobile and dispersed working environment.

Comments Off on EdgeHTML 16 – a major update to the Edge browser. »

Posted in Microsoft, Technology

Sales in Dynamics 365 (CRM)

October 24th, 2017


Watch this video for an overview of how Microsoft empowers sellers to drive personal engagement with customers.


Watch this video for some highlights of how sellers leverage key capabilities like actionable insights, relationship management, sales productivity, and sales performance.

Comments Off on Sales in Dynamics 365 (CRM) »

Posted in Dynamics 365

Dynamics CRM Customer Hub

October 24th, 2017

The Customer Service Hub shows you all your vital customer service information in one place, and makes it easier for reps and managers to prioritize and act on service cases.

Expertly manage your cases, engage with your customers, and create activities directly from the timeline. With full access to a customer record, as well as related cases, entitlements, and knowledge articles, the case form in the Customer Service Hub app in Dynamics 365 for Customer Service helps you quickly find and act on data as you work toward case resolution.

Use the modern and intuitive dashboards in Customer Service Hub in Dynamics 365 for Customer Service, you can filter the information that is most important and requires immediate focus, and take decisive action.
The Tier 1 dashboard helps you find your cases and the things you need to do fast. Use visual filters and tiles to decide what you want to see and work on. The Tier 2 dashboard gives team leads and managers a single place to monitor more complex or escalated cases.

Comments Off on Dynamics CRM Customer Hub »

Posted in Dynamics 365

October update Dynamics 365 Project Service Automation (v2.1.0.30) Enhancements

October 24th, 2017

New capabilities enabled for this upgrade release
• Added Billing Type field on expense tax invoice line details.
•Added Role (resource category) column between Task Id and Transaction Category columns for Actual associated view.
•Improved performance by avoiding unnecessary WBS aggregation on update task.
• Localized label and better description for invalid action on MS Project label.

Below are the major bug fixes for this upgrade release
•Time entry created in the week of DST transitions to Standard time shows up on the following day. 
• Importing Estimate lines onto Quote line from Project for a 2nd time results in an error “record is unavailable”.
• Contract performance does not show milestone amount in the Billed amount for FP line.
• “Record Is Unavailable” error is shown after navigating to and deleting the cost side detail record from a quote line detail.
•WBS view UX issue with column heading width and Gantt scrollbar.
• European number formatting not respected on the quick create UI for estimated hours when creating project from template.
•In MS Project, after Find Resources and book a resource, the resource sheet is not refreshed.
• Hitting “This action is not allowed for projects linked to MS Project.” error when trying to book a team member on MSP-link project, with non-contiguous booking slots.
• Error pop-up when deactivating Resource Request.
• Generic resource is not using work hour template from project.

NOTE: This upgrade release can only be installed/upgraded for Dynamics 365 9.0+ org

Universal Resource Scheduling Enhancements
Below are the major bug fixes for this upgrade release
• Schedule board error when time zone set to GMT-3 Brasilia.
• Schedule board shows no resources available until switching from Hours view to Day view.
• Map pins are not refreshed when moving to next page of resources while in RM.
• Requirement map pin loses focus when searching for availability.
• Handle escaping requirement name on Schedule Board.
• Maintain Bookings not opening in the correct view.
• Cancel bookings route also showing in the mini map in schedule board.
• Hide inactive resource characteristics from resource fly out.
• Booking duration and percentage is not changing when cancel the booking after the moved bookings to different day. Cannot sort or filter fields added to requirement view on schedule board from other entities.
• Changing territory filter on board does not take immediate effect on the requirement tabs when Apply Territory Filter is enabled.
• On Schedule board, inconsistency in calculating the available capacity between hourly and daily view.
• Duration value is not updated when the requirement detail is deleted.
• Incorrect duration time on view details tooltip template in RM mode.
• On click of “Load Default filter” not clearing all controls in Filter control.
• Resource driving directions print window, print icon is missing next to print label.
• Add Fulfilled/Remaining Duration fields to the Requirement form.

NOTE: Enhancements and bug fixes for Universal Resource Scheduling apply for Field Service and Project Service Automation as well as other schedulable entities.

Comments Off on October update Dynamics 365 Project Service Automation (v2.1.0.30) Enhancements »

Posted in Dynamics 365

October 2017 updates for Dynamics 365 for Field Service.

October 24th, 2017

Field Service (v 7.1.0.33) Enhancements enabled for this upgrade release:
• Added a new view that shows only Field Service based Quotes and Field Service based Orders and link it to sitemap in Field Service.
• Added switch to turn off address suggestions at Field Service settings.
• Handled querying Service Territory offline to improve performance.

Share the schedule board:
You can now share the schedule board with specific people, everyone, or yourself only.
Just me – Only the owner of schedule board settings record sees it. This must be a Dynamics 365 user.
Specific people – Only users with read access to that schedule board settings record see this. This can be based on having higher security rights, or if the record is shared using Dynamics 365 Share functionality.
Everyone – If the user has access to use the schedule board, they will see these boards.

Dim unavailable resources: When searching for availability on the schedule board, resources that are unavailable in the search can either be dimmed, or removed from the schedule board. A user who only wants to see a specific set of resources can choose to dim unavailable resources instead of removing resources that are not a match while a user without this requirement can have unavailable resources completely removed from the board. This setting can be changed in the schedule board tab settings.

Fixes for this upgrade release:
•Schedule assistant is not displaying resources as per Requirement Resource Preference (Restricted/Preferred) on IE11 Browser.

NOTE: This upgrade release can only be installed/upgraded for Dynamics 365 9.0+ org.

Universal Resource Scheduling Enhancements

Fixes for this upgrade release
•Schedule board error when time zone set to GMT-3
•Schedule board shows no resources available until switching from Hours view to Day view.
•Map pins are not refreshed when moving to next page of resources while in RM.
•Requirement map pin loses focus when searching for availability.
•Handle escaping requirement name on Schedule Board.
•Maintain Bookings not opening in the correct view.
•Cancel bookings route also showing in the mini map in schedule board.
•Hide inactive resource characteristics from resource fly out.
•Booking duration and percentage is not changing when cancel the booking after the moved bookings to different day.Cannot sort or filter fields added to requirement view on schedule board from other entities.
•Changing territory filter on board does not take immediate effect on the requirement tabs when Apply Territory Filter is enabled.
•On Schedule board, inconsistency in calculating the available capacity between hourly and daily view.
•Duration value is not updated when the requirement detail is deleted.
•Incorrect duration time on view details tooltip template in RM mode.
•On click of “Load Default filter” not clearing all controls in Filter control.
•Resource driving directions print window, print icon is missing next to print label.
•Add Fulfilled/Remaining Duration fields to the Requirement form.

NOTE: Enhancements and bug fixes for Universal Resource Scheduling apply for Field Service and Project Service Automation as well as other schedulable entities.
Documentation site at https://docs.microsoft.com/dynamics365/, and then choose the What’s new tile.

Comments Off on October 2017 updates for Dynamics 365 for Field Service. »

Posted in Uncategorized

Diwali greetings 19 October 2017 from Synergy Software Systems

October 19th, 2017

Known as Deepavali, a Sanskrit word meaning “rows of lighted lamps”, it is one of the most popular Hindu festivals celebrated across South Asia. But it is also celebrated by Jains and Sikhs.

Diwali, the festival of lights, sees millions attend firework displays, prayers and celebratory events across the world every autumn. The main theme is the triumph of light over darkness and good over evil something to which we can all relate to no matter what our religion.

Diwali falls between October and November, but the exact date changes each year as it is marked by the Hindu lunar calendar. It lasts five days in total, with the festival of lights falling on the third days of celebrations, which is marked on the 15th day of the Hindu month Kartik. This year that falls on 19 October.

The festivities begin with Dhanteras, followed by ‘Narak Chaturdasi’, Deepawali on third day, ‘Diwali Padwa’ on fourth and ends with ‘Bhai Dooj’

May The Beauty Of Deepavali Season
Fill Your Home With Happiness,
And May The Coming Year
Provide You With All
That Bring You Joy!

When You Can Make Someone Else Smile
When You Can Be Someone’s Ally
That’s When You Can Yourself Be Glad
That’s When You’ll Have A Happy Diwali!

Deepawali Ka Ye Paawan Tyohar,
Jeevan Mein Laye Khushiya Aapar,
Laxmi Ji Viraje Aapke Dwar,
Subhkamnayen Hamari Karen Sweekar!!
Wish You And Your Family A Very Happy Diwali

Please note that Synergy offices will close at 5 pm today.

Comments Off on Diwali greetings 19 October 2017 from Synergy Software Systems »

Posted in Dubai and regional news, General Synergy News

VAT registration U.A.E. – act now deadlines are imminent

October 17th, 2017

The UAE Federal Tax Authority (FTA) online portal is open 24/7 to allow for taxpayers to register for VAT purposes. The FTA has also determined the deadlines for the application for VAT registration based on business turnover.
For larger companies VAT registration is required by 31 October 2017, and such businesses should
immediately consider the timeline requirement given their turnover profile and the other registration
requirements.
Businesses that are required to register for VAT will need to set up an online account on the FTA website and complete the VAT registration form.

The FTA has announced that a phased registration approach has been introduced. In particular, those businesses that meet these criteria must comply with the relevant application dates for registration:
● Businesses with an annual turnover exceeding AED 150 million must apply for registration by
31 October 2017
● Businesses with an annual turnover exceeding AED 10 million must apply for registration by 30 November 2017

● Remaining businesses with an annual turnover exceed the mandatory registration threshold
(expected to be AED 375,000) must apply for registration by 4 December 2017
Prior to the fulfilment of the VAT registration form, the FTA provides a “Getting Started Guide” that shares essential information that businesses should be aware of. This includes information on the registration criteria, registration of a VAT group, and necessity to register if only zero-rated supplies are made.

Additional details clarifying the VAT registration mechanism are found in the VAT registration guide, a document posted on FTA online portal under the “Advice” tab. This document captures the
calculation of turnover for VAT purposes, a walk-through of VAT registration through the FTA
registration portal, registration of a VAT group and types of books and records required to be held by a
taxpayer to ensure accurate tax compliance.

We strongly advise for businesses to visit the FTA website to initiate their VAT registration application by
their applicable deadline after having considered the guidance provided by the FTA and other advice
as required (for instance VAT Grouping).
Businesses should allow time to compile the required information for the VAT registration.

Comments Off on VAT registration U.A.E. – act now deadlines are imminent »

Posted in Corporate Perfomance Management, Dubai and regional news, Dynamics 365, Healthcare, Hospitality, Infor Financial solutions, Microsoft Dynamics Ax, Microsoft Dynamics CRM, Project Management, Sunsystems and Vision

Cumulative Update 13 for Microsoft Dynamics AX 2012 R3 is available for Synergy Software Customers

October 17th, 2017

Compatibility:
Windows Server 2016 is supported with AX 2012 R3 CU 13.
Microsoft Visual Studio Team Foundation Server 2017 is now supported with AX 2012 R3 CU 13.
Microsoft SQL Server 2016 SP 1 is supported with AX 2012 R3 CU 13.

Cortana intelligence services management – showcases Recommendations API integration in Dynamics AX 2012 R3.
Use this capability to create a machine learning model and train that model generate recommendations.
Use this as a reference implementation, and then connect more Cognitive Service APIs or to bring other Cortana intelligence based insights into your Dynamics AX solution.
For more detailed information, review the Cortana Intelligent Services management white paper – available from us on request.

There are a number of enhancements/hotfixes related to DIXF.
A new feature enables an alternate way to report a carry-forward budget. The feature maintains the carry-forward status on relieving documents that were based on an originating document carried
forward.
(If you change functionality mid-year, and not after year-end, then retroactively update the budget for any transactions for the current year.
This feature cannot be disabled after it’s enabled, because transactions which )would not be considered carry-forward might have occurred using the alternate configuration)

Reprocessing of documents against Budget control. When issues are found, the budget manager can inquire into the documents that were found and reprocess these. After reprocessing, the data maintenance process
becomes a read-only record of the documents that were found, as well as showing the results of the reprocessing.
To update the Ledger takes a long time to run Advanced ledger allocation basis rules, as the TempDB fills up -this addresses that issue.

Many retail enhancements – here are a few:

In Retail the maximum number of fields you can add to a receipt footer is increased from 50 to 100.

Customer data privacy – extra fields in the Customer table indicate privacy choices, such as do not call,
email, text, and so on, for all interfaces in all channels

A Post-sync channel DB clean up will reduce data volume.

The X Report and Z Report (in POS and HQ)will no longer include the amounts from the sales quotations.

A feature is added to display/check loyalty card point balance on the Customer detail, Store operation and Loyalty payment page.

A performance issue arises on the Retail Sales form when there are a large number of SQL records in the AX database. KB 4024615 hotfix adds a Search button, and changes the process so that the query is run only when the button is clicked.

A new control allows users to sell (and return) items outside the store assortment.
A credit memo is created without reference at AX HQ if the credit memo is created during a time when the network at the store is down. KB 4021760 hotfix clears the credit memo that was created previously before creating a replacement.

These are some SCM enhancements that also impact performance:
‘Select packing slip’ takes a long time to process for an intercompany Sales Order when the sales policy is set to Unit price equal to cost price – whichis common practice.
KB 3212427 hotfix resolves the performance issue by optimizing data access and improving the performance of the business logic.

When you have a large number of bills of materials (BOMs), bill of materials lines, or BOM versions, you may experience that the performance of the BOM circularity check, that is optimized for high complexity, is not
acceptable. The hotfix he hotfix improve performance of the BOM circularity check, that is optimized for high complexity, in scenarios where you have a large number of bills of materials (BOMs), bill of materials lines, or BOM versions.

Comments Off on Cumulative Update 13 for Microsoft Dynamics AX 2012 R3 is available for Synergy Software Customers »

Posted in Microsoft Dynamics Ax