Archive for March, 2020

Coronavirus – crisis and team management for remote workers

March 16th, 2020

Coronavirus is a potent example of major disruption to business flow and continuity. Employees are unable to get to offices or need to self-isolate. Offices may be shut down due to physical plant failure or lack of staff, or to reduce the risk of spreading infection. Consultants can’t travel to projects and supply chains are disrupted, but customers still need service and support. Whatever the reason, organizations have to manage such incidents, and collaboration and communication are essential to ensure business continuity.

Microsoft Teams provides a suite of features. We have a ready template to get you started in a few days. The solution combines capabilities of Power Apps, Power Automate, Teams, and SharePoint.

Use on the web, mobile and in Teams.

The Crisis Communication app provides a user-friendly experience to connect end users with information about a crisis. Staff can quickly get updates on:

– internal company news,
– answers to frequently asked questions,
– access to important information like links; add RSS feeds of up-to-date information from reputable sources such as WHO, CDC, airlines or a local authority,
– emergency contacts specific to different locations.

Create a crisis management team within Microsoft Teams to respond to issues.

Employees can report their work status (e.g., working from home) and make requests.

Managers can coordinate across their teams and help central response teams track status across an organization.

Monitor office absences with Power BI.

Once you have the app deployed and people notify that they will be out of the office for various reasons (such as being sick or working from home), use a Power BI report to track how many people are out and where they are located.

The adoption of Microsoft Teams has grown substantially in recent weeks, according to Microsoft, because of the coronavirus outbreak that forces employees to work from home.

“Microsoft Teams is the only platform with tailored capabilities to connect everyone in your company, from the C-suite to the firstline, in one digital workspace. Our capabilities are built for your customer support staff, IT help desk, store associates, line workers and more,” Microsoft says.

Microsoft itself has not been immune to disruption: it has cancelled Ignite Tour events and has had to change its mixed reality plans following the cancellation of MWC, and Build 2020. Microsoft said its third quarter finances around Personal Computing will be harmed by the outbreak disrupting supplies.

https://www.zdnet.com/article/effective-strategies-and-tools-for-remote-work-during-coronavirus/
Ask about our other solutions for access controls, remote monitoring, business risk and continuity planning.

During a time of high illness and absence, consider our extended professional support and managed services.

Call 00971433645589

Counterstrike against Necurs, a massive botnet

March 12th, 2020

Microsoft and an international consortium of partners this week launched a counterstrike against Necurs, a massive botnet that Microsoft had been observing and analyzing for nearly eight years.

Botnets are packs of hundreds, thousands or millions of PCs, sometimes called zombies, that have been infected with malware and are under the command and control of malicious actors. An under-patched or out-of-support Windows 7 computer can be infected with a Trojan that enlists that computer in various nefarious schemes. The zombie PC’s owner may notice nothing at all, or sometimes suspect a decline in performance. According to Microsoft, Necurs has had a role in a lot of those nefarious schemes.

Believed to be controlled by criminals in Russia, the botnet is also thought to have been used directly by its owners, as well as rented out as a botnet-as-a-service. One of its highest-profile roles was aiding in distribution of the GameOver Zeus banking trojan.

In the years since it first came to the attention of security researchers in 2012, the network has infected as many as 9 million computers globally. It has left its nasty digital fingerprints on pump-and-dump stock scams, fake pharmaceutical spam, Russian dating scams, Internet-based computer attacks, credential theft schemes, data theft attempts, cryptomining and, of course, ransomware. While botnets can be a key component of distributed denial-of-service (DDoS) attacks and Necurs has DDoS capabilities, Microsoft says that particular use for the botnet has not been documented.

BitSight, a cyber risk management platform provider that worked closely with Microsoft on the Necurs problem, alleged: “From 2016 to 2019, it was the most prominent method to deliver spam and malware by criminals and was responsible for 90% of the malware spread by email worldwide.”

Microsoft on March 5 got an order from the U.S. District Court for the Eastern District of New York to take over the systems inside the United States that are used by Necurs for malware distribution and computer infections.

Microsoft and its partners crafted a sophisticated response built on the technical specifics of the Necurs botnet. Having studied the algorithm that Necurs uses to generate new domains, Microsoft used its considerable technical resources to jump ahead of the botnet and “accurately predict over six million unique domains that would be created in the next 25 months,” wrote Tom Burt, Microsoft corporate vice president for customer security and trust, in a blog post.
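The principle behind predicting domains ahead of time, as an added example that is not from the original post or from Microsoft: once a domain generation algorithm is known, every future domain can be computed in advance and matched against DNS logs or handed to registries. The `toy_dga` function is a constructed stand-in, not the Necurs algorithm, and the log lines are constructed.

```python
import hashlib
from datetime import date, timedelta

# Constructed stand-in DGA. This is NOT the Necurs algorithm, which the post
# does not describe; it only shares the property that matters here: the
# output depends solely on the date and a counter, so it can be precomputed.
TLDS = ("example", "test", "invalid")  # reserved TLDs, nothing here resolves


def toy_dga(day: date, index: int) -> str:
    digest = hashlib.sha256(f"{day.isoformat()}:{index}".encode()).digest()
    length = 8 + digest[0] % 8  # label of 8 to 15 letters
    label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
    return f"{label}.{TLDS[digest[31] % len(TLDS)]}"


def predict(start: date, days: int, per_day: int) -> dict:
    """Map each domain the DGA emits in the window to its first active day."""
    table = {}
    for offset in range(days):
        day = start + timedelta(days=offset)
        for index in range(per_day):
            table.setdefault(toy_dga(day, index), day)
    return table


def match_dns_log(lines, table):
    """Return (client, domain, active_day) for queries to predicted domains."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        _timestamp, client, qname = fields
        qname = qname.rstrip(".").lower()
        if qname in table:
            hits.append((client, qname, table[qname]))
    return hits


PREDICTED = predict(date(2020, 3, 10), days=30, per_day=20)
# Constructed resolver log: "<timestamp> <client> <queried name>"
SAMPLE_LOG = [
    f"2020-03-12T09:14:02Z 10.0.4.17 {toy_dga(date(2020, 3, 12), 3)}.",
    "2020-03-12T09:14:05Z 10.0.4.22 www.example.org.",
    "2020-03-12T09:14:09Z 10.0.4.17 Mail.Example.Net",
]
HITS = match_dns_log(SAMPLE_LOG, PREDICTED)
```

A client that queries a predicted domain is a candidate infected host, which is the kind of signal that ISP clean-up efforts depend on.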

The main counterstrike was launched Tuesday from what a detailed New York Times account described as an “eerily empty Microsoft campus” due to most workers having been ordered home to prevent the spread of the coronavirus.

“Microsoft is also taking the additional step of partnering with Internet Service Providers (ISPs) and others around the world to rid their customers’ computers of malware associated with the Necurs botnet.”

As a concrete step, Microsoft is pointing users to the Microsoft Safety Scanner to help wipe their computers of malware, including Necurs.

Microsoft executives were resigned that any drops in spam, malware and cyberattacks would be temporary at best. In the NYT article, executives described the effort — sadly and accurately — as a game of whack-a-mole.

Cybercriminals are distributing malware using fake security certificate update requests

March 6th, 2020

Cybercriminals are distributing malware using fake security certificate update requests displayed on previously compromised websites, attempting to infect potential victims with backdoors and Trojans using a malicious installer.

The attackers bait their targets with a “NET::ERR_CERT_OUT_OF_DATE” error message presented within an iframe displayed over the site’s actual contents, asking them to install a security certificate to allow their connection to succeed.

Security certificates (also known as digital certificates or identity certificates) are issued by Certification Authorities (CAs) and used to encrypt the communication between a user’s browser and a website’s server. When digital certificates are out of date and not renewed, web browsers display a notification letting the users know of the decrease in the security of their connection to the website.

Malware campaign active for at least two months

Security researchers at Kaspersky found the earliest signs of this campaign dating from January 16, 2020, with various types of websites being compromised and used to deliver malware to victims, from auto part stores to the site of a zoo.

The alarming notification consists of an iframe (with contents loaded from the third-party resource ldfidfa[.]pw) overlaid on top of the original page. The URL bar still displays the legitimate address.
The code injected by the operators behind this campaign as a jquery.js script overlays the malicious iframe with the exact same size as the compromised webpage.

The iframe content is loaded from the address https[:]//ldfidfa[.]pw//chrome.html. As a result, instead of the original page, the user sees a seemingly genuine banner urgently prompting to install a certificate update.
If the targets fall for the attackers’ tricks and click the “Install (Recommended)” button under the fake warning message, they will download a Certificate_Update_v02.2020.exe binary that will infect them with malware instead of solving the made-up security certificate error.
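A check a site owner could run against a rendered DOM snapshot to spot this kind of overlay, as an added example that is not from the original post or from Kaspersky. It assumes the snapshot was saved after scripts ran (the iframe is injected by script) and that "covers the page" means absolute or fixed positioning at 100% width and height; the hosts and markup are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

FULL = {"100%", "100vw", "100vh"}  # assumed notion of "covers the page"


def parse_style(style: str) -> dict:
    """Turn an inline style attribute into a {property: value} dict."""
    props = {}
    for decl in style.split(";"):
        name, sep, value = decl.partition(":")
        if sep:
            props[name.strip().lower()] = value.strip().lower()
    return props


class OverlayFinder(HTMLParser):
    def __init__(self, page_url: str):
        super().__init__()
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = dict(attrs)
        host = urlparse(attr.get("src") or "").hostname
        if not host or host == self.page_host:
            return  # relative or same-origin frame
        style = parse_style(attr.get("style") or "")
        if (style.get("position") in ("fixed", "absolute")
                and style.get("width") in FULL
                and style.get("height") in FULL):
            self.findings.append(host)


def find_overlays(dom_html: str, page_url: str) -> list:
    finder = OverlayFinder(page_url)
    finder.feed(dom_html)
    return finder.findings


# Constructed DOM snapshot; overlay.invalid is a placeholder host.
SAMPLE_DOM = """<body>
<iframe src="https://video.example/embed/1" width="560" height="315"></iframe>
<iframe src="/promo.html" style="position:fixed;width:100%;height:100%"></iframe>
<iframe src="https://overlay.invalid/chrome.html" style="position:absolute;top:0;left:0;width:100%;height:100%;z-index:9999"></iframe>
</body>"""
```

Only the third frame is reported: the ordinary embed is third-party but not page-sized, and the page-sized promo frame is same-origin.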

Kaspersky discovered while monitoring these attacks that victims are infected with the Buerak Trojan downloader, which downloads and installs more malware onto infected computers. The Mokes backdoor was also spread as a malicious payload during early January and used by the attackers to download additional malware, steal the victims’ user credentials, capture keystrokes, record ambient audio every 5 minutes, take screenshots and intercept information entered in the web browser.

Microsoft’s free cloud-to-cloud migration tool, Mover, available to Microsoft 365 customers worldwide

March 3rd, 2020

Microsoft’s free cloud-to-cloud migration tool, Mover, is “now available to Microsoft 365 customers worldwide,” Microsoft announced earlier this month. Mover is both a tool (a Web app that runs in a browser) and the name of the company based in Edmonton, Alberta, Canada that Microsoft bought in October. Typically, it’s used to move content and file shares from a cloud service to Microsoft’s OneDrive and SharePoint Online services.

The Mover migration tool can be used by organizations as a “self-service” solution for moving so-called “third-party” (non-Microsoft) cloud-based content to Office 365 services. Mover and Microsoft’s FastTrack partners also offer migration support services for some organizations.

The Mover tool supports other cloud services, as well. Box, Dropbox, Egnyte, Google G Suite and Amazon WorkDocs are supported. It’s described by Microsoft as a free tool for all Microsoft 365 customers. Likely, Mover is not a free tool when moving content to non-Microsoft cloud services, though.

Currently, Mover doesn’t have support for Office 365 government cloud moves, according to Microsoft’s announcement.

Microsoft’s FastTrack partner service, offering onboarding and migration support for moves to Microsoft 365 services, uses both the Mover tool and the SharePoint Migration Tool (SPMT). FastTrack can be used by all Microsoft 365 subscribers and by Office 365 subscribers with more than 150 seats, according to this Microsoft FAQ document.

Mover is just for cloud-to-cloud migrations. SPMT is used for moving SharePoint Server content (on the customer’s servers or “premises”) to SharePoint Online. Currently, the SPMT supports moving SharePoint Server 2013 and SharePoint Server 2010 content. Sometime this year, Microsoft expects to also have support in the SPMT for moving SharePoint Server 2016 and SharePoint Server 2019 content.

Microsoft introduced its Migration Manager tool during the November Ignite talk. Migration Manager, accessible via the SharePoint Admin Center portal, is still at the preview stage.

Currently, Migration Manager “does not support the migration of content from SharePoint Server,” according to the document (although that’s part of Microsoft’s stated roadmap plans). In addition, Migration Manager “currently supports only the migration of file shares.”

Migration Manager is designed to solve the difficulties that organizations have when carrying out SharePoint migrations across multiple machines. It’s used to set up clients and create a list of migration tasks. Migration Manager also has reporting capabilities, and it permits IT pros to monitor the progress of a migration.

Microsoft’s three migration tools — Mover, SPMT and Migration Manager — are somewhat siloed. Microsoft’s general aim is to make large migrations easier for organizations.

SQL Server 2016 SP2 CU12 is available

March 1st, 2020

There’s a new feature: the default system health Extended Events session can now store a lot more data and you can edit how much it should hold.

Several hotfixes
• SQL Server can shut down when you hit the max number of sessions
• SQL Server can shut down due to lock conflicts during error message processing
• “SQL Server crashes frequently” when you check a clustered columnstore index for corruption
• AGs may have “interruption”
• Stack dumps when transaction replication has a heavy workload on the publication database
• Stack dumps when you query persisted computed columns
• Stack dumps when you run a batch mode query with multiple joins (that’s columnstore indexes in 2016)
• Scalar functions run slower than they did on SQL Server 2008 R2
• Non-yielding scheduler when the primary AG replica runs low on memory
• AG may think there’s a missing log block when the database isn’t very active
• AG automatic seeding may fail
• AGs with persistent log buffers: “all of the secondaries in the AG become unavailable”
• Change tracking auto cleanup causes access violations and stack dumps
• Access violations when Extended Events tries to capture query text on busy servers
• Error when stored proc in database A pulls data from database B while being audited in database C
• Stack dumps when you alter database-scoped configurations
• Incorrect statistics histograms when they’re updated in parallel – which also means that after you apply this CU, you should probably update your statistics.

Cumulative updates (CU) are now available at the Microsoft Download Center.

Only the most recent CU that was released for SQL Server 2016 SP2 is available at the Download Center. Each new CU contains all the fixes that were included together with the previous CU for the installed version or service pack of SQL Server.
• Microsoft recommends ongoing, proactive installation of CUs as they become available:
  • SQL Server CUs are certified to the same levels as Service Packs, and should be installed at the same level of confidence.
  • Historical data shows that a significant number of support cases involve an issue that has already been addressed in a released CU.
  • CUs may contain added value over and above hotfixes. This includes supportability, manageability, and reliability updates.
• Just as for SQL Server service packs, we recommend that you test CUs before you deploy them to production environments.
• We recommend that you upgrade your SQL Server installation to the latest SQL Server 2016 service pack.