Usernames and passwords of billions of users have been exposed online after the digital risk protection company DarkBeam left an online database unprotected.
Unfortunately over 3.8 billion user records were accessible to anyone during the period in which the database was exposed. The leaked email addresses and passwords contained on the database actually came from previous data breaches. Ionically DarkBeam had collected this information to alert its customers in regards to future data breaches, though it’s highly likely that this leak will affect non-customers as well.
Any such leak contains usernames and passwords from both reported and unreported data breaches, and there is a chance that your login credentials could be compromised, even though you had never heard of DarkBeam. it’s likely that hackers downloaded it to use in future attacks. For instance, they could use exposed email addresses in targeted phishing attacks. It’s more likely that cybercriminals with this data will try and use the usernames and passwords at a number of different sites to see if any of the victims reused the same passwords. Password reuse is a big problem and when you use the same password and username for multiple accounts, hackers use stolen credentials to login to your other accounts. Create strong, complex , unique for all of your accounts.
If that is not bad enough there is also a new open-source Windows malware Exela Stealer uses Discord to send stolen data back to hackers. Besides stealing login credentials, personal data and financial information, the malware can also steal session details from popular apps and online services including social media and gaming platforms. Once downloaded on a computer, Exela’s builder will run when there is a compatible version of Python (version 3.10.0 or 3.11.0) is installed on the machine and the builder can create a.exe file.
When the malware’s builder batch file inside the Exela setup folder is executed, a Discord webhook URL is required, and when a victim doesn’t provide this URL, an error message is displayed until they do. The Exela Stealer uses this Discord webhook URL to act as a remote server for the hackers who deployed the malware. to send all of a victim’s stolen data back to the hackers.
After installation on a victim’s PC, Exela Stealer persists by copying itself into a new directory in the local app data folder. It adds a startup entry in Windows Registry so that the malware continues to run even after the infected PC is rebooted.
Exela Stealer then targets any Chromium-based web browsers like Chrome, Edge, Brave, Opera or Vivaldi that are installed on a victim’s computer. Besides credentials, the malware can also steal credit card information, cookies and other browser data while logging keypresses and taking screenshots of the system. Exela Stealer can steal l info from social media platforms including Instagram, X, TikTok and Reddit along with data from both Steam and Roblox.Stolen data is sent back to the hackers behind Exela Stealer who can use it to commit fraud or identity theft.
You risk a bad malware infection should you try to download games or software illegally.. The Exela Stealer is distributed through phishing pages and websites offering free software downloads. However, given the malware’s capabilities, cybercriminals could devise new distribution method so be ever more vigilant about phishing emails, strong passwords, multi factor authentication, ant virus updates etc. Whenever there is a big data leak like this one, check whether your own credentials are compromised. T Cybernews has its own personal data leak checker, or use Troy Hunt’s popular HaveIBeenPwned ,or Mozilla’s Firefox Monitor.
Comments Off on Major Data breach – new Windows malware. »
FileHold Document Management Software has all of the essential features organizations need to make their documents secure, organized and compliant right “out of the box”.
FileHold delivers essential, document, records and workflow management.
FileHold scales to support thousands of users and millions of documents.
Ease of use
The FileHold filing structure mirrors the physical office filing environment. Document cabinets contain drawers that contain folder groups and or folders that contain documents. This familiar document filing approach ensures that users can easily browse for documents in a logical and efficient fashion.
Web browser access
FileHold software can be accessed from anywhere in the world via a web browser. Multiple browsers are supported and all functionality is available including system administration and library administration.
Mobile FileHold
Manage your documents while out of the office with the easiest mobile document management software you will ever use.
Search
Search documents from a simple Google-like search or an advanced search using metadata. Save the searches to create reports whenever you need.
Document viewers
A FileHold Level 1 viewer comes with every registered user license and allows users to see an image of a document without the need to have the native software installed on their computer the viewers work with both the web client and the desktop application.
Microsoft Office integration
Tight integration with Microsoft Office is provided that gives direct access from the document software to: Word, Excel, Outlook, PowerPoint and Visio.
Records management software
Manage both short and long term working and archived documents.
Advanced Record retention and disposition policies for both electronic and paper based records are standard in the software. Document, data and usage history is fully captured to stay in compliance.
Electronic forms (e-Forms)
Metadata information can be extracted from electronic forms created using the standard Microsoft Word tools found in Office or PDF forms. Once created the form data can be automatically extracted into FileHold metadata when the form is added to the system.
Courier
FileHold Courier allows you to transmit documents for viewing or approving to people inside or outside the document management system. Courier is a “proof of delivery” system where unlike email it is a secure method of sending documents. With email there is no way to know if the documents ever arrived or whether the attachment could be opened by the recipient. With Courier, recipients are notified by email containing a secure link which is then fully tracked and logged in FileHold.
Calendar
Differentiate your daily tasks and become more proficient at accomplishing your document management goals using the FileHold calendar.
Document version control
Document version control software provides: check in / checkout ability to prevent documents from being overwritten or deleted when documents are updated by more than one party. All versions of a document are maintained by the software.
Document scanning and imaging
FileHold ships with scanning and imaging software that support all scanners types to allow organizations to “go paperless”. Basic and advanced third party scanning software is supported for both simple and complex document scanning operations. Partner software to process scanned documents, to look for text using zonal OCR, and pre-populating metadata fields before import into FileHold. This is particularly powerful with standardized forms like invoices as part of the AP process. We offer a complimentary license of this software with installs, which can be installed on multiple workstations, although only one copy can be running at a time.
Optical Character Recognition (OCR) and indexing
Using the scanning software that ships with the paperless office software users can convert the text on typed paper documents into editable and searchable information using Optical Character Recognition (OCR). The information that is zonally OCR’ed can be imported into the metadata fields of FileHold.
Synergy Software Systems can further assist you to further automate your document based processes with our RPA tools
Check documents out / Check documents in
Users are able to check in and check out documents from the software from within Microsoft Office applications, or from the Desktop Application or from anywhere in the world using the web interface.
Document “tagging” or metadata capture
Capturing metadata or “tagging” (key data about the document) is the key to successful search and document organization. The software has easy to use controlled document tagging to ensure documents are classified.
Virtual folders
The Virtual Folders feature in the software allows limitless aggregation of documents throughout the library into personal “views“. A Project Manager might have a virtual folder containing project documentation, project legal contract documents, invoices, design documentation and emails even though each document is stored in different locations of the library.
Language packs
FileHold offers two language packs as standard features: French and Spanish. The user interface can be translated into any language by customers or partners. Some languages that have been translated by customers include Polish, Arabic and Chinese.
Work offline
If you are travelling or out of the office and are not connected to the FileHold document management server, then you can still work on your important documents offline. The software will recognize the document changes and can be synchronized with the Library once you are back online.
Document linking
Document to document linking builds parent or child relationships between documents and allows users to link and organize documents in logical groups. Linking provides the ability to create document shortcuts to documents frequently needed.
Matter-centric filing (Auto-tagging)
Metadata is automatically applied to a document when added to a specific destination folder. Matter Centric filing is a feature / term commonly used in the legal industry.
User roles and security
FileHold ships with a choice out of 11 different user security roles ranging from “read only” to “System Administration” to provide an appropriate level of user access permissions for workers at all levels. Users see only documents that administrators want them to see.
FIPS compliance
The US Federal Government requires compliance in order to meet security and interoperability standards. Filehold Licenses and passwords are encrypted using a FIPS-140 compliant algorithm to meet full compliance.
Watched folders
FileHold software can be configured so that certain folders on the local computer or network are “watched” by FileHold and then automatically moved into the library. The documents imported into FileHold by the watched folder functionality can be automatically tagged and destination folder pre-configured.
User audit logging and tracking
FileHold tracks and records every user activity to ensure a complete audit trail of document activity in the software. This document auditing capability ensures compliance and protects intellectual property.
Email
Email documents via attachments or links.
Document subscriptions
FileHold software allows users to subscribe to and to be notified of edits to documents or changes to folders they have subscribed to. When an existing document is updated or a document is added to a folder, the user receives email notification that the change has occurred, who has changed it, and receives a secure link to directly access the document.
Document naming standards
The software can be configured to automatically create document names to enforce adherence to document or record naming conventions.
Third-party integration
A well documented Web Services API allows direct integration with third party applications and flexible integration with existing back office systems. These web services are available to third parties to provide easy integration with other enterprise solutions and productivity applications.
URL support
Provides the ability to send a secured link to a document, rather than emailing the document and cluttering up the mail inbox. This link can then be clicked on to launch the Web Client or Desktop Client to work on the document in a few seconds.
Document control numbering
This feature provides for the automatic application of document control numbers to documents.
Reporting and document compliance
FileHold comes with many built in reports to give administrators information about the usage of documents and users.
Comments Off on Filehold – what do customers think? »
Microsoft recently reminded its customers of the Windows 10 21H2 end-of-service (EOS) on June 13, 2023. It will affect editions released in November 2021 such as: Windows 10 Home, version 21H2; Windows 10 Pro, version 21H2; Windows 10 Pro Education, version 21H2; and Windows 10 Pro for Workstations, version 21H2.
These editions will no longer receive security updates after June 13, 2023.” reminds. Customers who contact Microsoft Support after this date will be directed to update their device to the latest version of Windows 10 or upgrade to Windows 11 to remain supported..
Microsoft noted that the June 2023 security update of Windows 10 21H2 will be the last one it will receive. This EOS signals the stop of updates for version 21H2, especially the security and monthly quality updates. This will expose users to possible issues without necessary future security patches and bug fixes.
Encourages users to get Windows 10 22H2 (Windows 10 2022 Update) or upgrade to Windows 11 available since November 2022 for users running Windows 10 20H2 or later via Windows Update. Microsoft said it would also push the update to consumer and non-managed business devices running Windows 10 20H2.
“To help keep you protected and productive, Windows Update will automatically initiate a feature update for Windows 10 consumer devices and non-managed business devices that are at, or within several months of reaching end of servicing. This keeps your device supported and receiving monthly updates that are critical to security and ecosystem health.”
Comments Off on Windows 10 21H2 end-of-service (EOS) »
This week Microsoft demonstrated how its natural language AI capabilities in Microsoft 365 Copilot will extend across the company’s products and services.
Microsoft also owns a 49 percent share of OpenAI, a generative AI firm that announced the next iteration of its natural language AI chatbot.
Microsoft has already integrated ChatGPT into its: Azure cloud, the Bing search engine and the Edge browser, Microsoft 365 Copilot further promises to embed natural language querying capabilities into Office productivity tools in the Microsoft 365 apps like: Word, PowerPoint, Excel and Teams.
In a livestreamed presentation, CEO Satya Nadella positioned Copilot as a turning point in computer-user interactions. For years, AI has been working “behind the scenes” in search engines, auto-correct and recommendation lists. “You can say we’ve been using AI on autopilot,” Nadella said. The new generation of AI — specifically, natural language and generative AI — will let users run it “on co-pilot.” “We believe this next generation of AI will unlock a new wave of productivity growth,” he said.
Microsoft 365 Copilot similar to ChatGPT uses large language models (LLMs) with the Microsoft Graph API. It’s powered by the Copilot System, “a sophisticated processing and orchestration engine.”
“Copilot is more than OpenAI’s ChatGPT embedded into Microsoft 365. It’s a sophisticated processing and orchestration engine working behind the scenes to combine the power of LLMs, including GPT-4, with the Microsoft 365 apps and your business data in the Microsoft Graph — now accessible to everyone through natural language.” said Microsoft Corporate Vice President Jared Spataro
The demos showed how a user can prompt Microsoft 365 Copilot within in minutes or even seconds to:
Create a personalized slide deck in PowerPoint.
Highlight relevant data in an Excel sheet in response to a question.
Create a customized marketing document, as well as a corresponding PowerPoint presentation (with presenter notes).
Summarize a Teams meeting and identify calls to action.
Microsoft acknowledge that Microsoft 365 Copilot is not infallible as put it sometimes, it will “be usefully wrong”. A user might then choose to manually make edits, corrections or stylistic changes to the file that Copilot generated. , Sumit Chauhan, head of Microsoft’s Office product group, cautioned: “Now remember — you’re not going to send this off to a customer without a review.”
. Microsoft also debuted a brand-new feature on Thursday called Business Chat, which Spataro described as a “knowledge navigator” that users can access from Teams, Bing or Microsoft365.com. From his blog:
“Business Chat works across the LLM, the Microsoft 365 apps, and your data — your calendar, emails, chats, documents, meetings and contacts — to do things you’ve never been able to do before. You can give it natural language prompts like “Tell my team how we updated the product strategy,” and it will generate a status update based on the morning’s meetings, emails and chat threads. “
Jon Friedman, head of design and research at Microsoft said. “Our goal is to give people agency,” …. “You always have the option to use, discard, adjust or undo.”
Copilot has “mitigations against mistakes, biases and misuse, said Chief Microsoft Scientist Jamie Teevan,. “Every Copilot feature has passed privacy checks … and is monitored in real time,” “We’re going to make mistakes, but when we do, we’ll address them quickly.” she said.
Copilot has two-factor authentication enabled and will fall in line with the Microsoft 365 security, compliance and privacy policies that a company already has in place. It also has protections against data leakage, Spataro wrote:
“Copilot LLMs are not trained on your tenant data or your prompts. Within your tenant, our time-tested permissioning model ensures that data won’t leak across user groups. And on an individual level, Copilot presents only data you can access using the same technology that we’ve been using for years to secure customer data “
Recently, the UAE Cabinet issued a resolution that stipulates penalties for violating the UAE Federal Decree by Law No 32 of 2021 concerning Commercial Companies (“Commercial Companies Law”).
This applies to all UAE onshore or mainland companies, including Limited Liability Companies (LLCs). Penalties for Non-Compliance · Accounting Registers: A fine of AED 15,000 for failing to maintain accounting registers. · Trade Name Change: A monthly fine of AED 500 for failing to comply with the decision to change the trade name, with a maximum annual amount of AED 5,000. · Ownership: When the LLC carries out activities with strategic significance, it may face a fine of AED 100,000 for non-compliance with the required UAE national ownership percentage or minimum number of Emirati board members. · Memorandum of Association: A fine of AED 1,000 on the director or chairman of the board for not having updated the MOA as per the Commercial Companies Law. · Loss Disclosure: A fine of AED 50,000 will be given to the director, chairman of the board, or their representative when a general assembly is not called to disclose losses equal to 50% or more of its capital. · Data Access: A fine of AED 5,000 for refusing access to minutes of meetings, books, and other related transaction documents with respect to shareholders. · Board Meetings: A fine of AED 3,000 for failing to invite a director or board member to a board meeting. · Refusal of Information or Misleading Information: AED 5,000 fine on the director or chairman of the board of directors of the LLC, their representative, or the auditor upon refusal, concealment or providing misleading information to authority inspectors. · Penalties for Share Disposal: A fine of AED 20,000 may be imposed on any individual who disposes shares in violation of the Commercial Companies Law. · General Assembly: The director or chairman of the LLC board may be fined AED 5,000 for failing to call the annual general assembly meeting, with a fine of AED 10,000 for failing to call the meeting when requested by the Ministry.
The implementation i suggests that authorities are considering a stringent examination of companies’ adherence to the Commercial Companies Law. so thoroughly assess your corporation’s practices to minimise the likelihood of fines due to non-compliance.
Companies Are Required to Achieve 1% Emirationsation by 1 July 2023 to Avoid Penalties – The penalties for private companies that fail to meet Emiratisation targets under the amended scheme will now be imposed ‘semi-annually‘. – Firms that don’t achieve the 1 per cent Emiratisation target growth by 1 July 2023 will be fined Dh7,000 for each UAE national who has not been hired. – Violating companies will be charged from 1 July 2023. – Private firms are now required to increase the number of Emiratis in skilled jobs by 1 per cent every six months, while remaining on track to achieve the overall 2 percent target by the end of the year. – The penalties for non-compliance from 2022 will continue to be collected.
Comments Off on New Penalties for violating the UAE Federal Decree by Law No 32 of 2021 concerning Commercial Companies (“Commercial Companies Law”). »
Windows 10 use currently leads worldwide in terms of Windows desktop use.
Windows 7 with Extended Security Updates support fell out of support on Jan. 10. The same date as the end of supportfor Windows 8.1.
Both the Home and Pro Windows 10 OSes can’t be purchased from Microsoft after this month. Here’s Microsoft’s language to that effect from its Microsoft Store listings for the Home and Pro editions:
January 31, 2023 will be the last day this Windows 10 download is offered for sale. Windows 10 will remain supported with security updates that help protect your PC from viruses, spyware, and other malware until October 14, 2025.
Corporate Tax is a form of direct tax levied on the net income of corporations and other businesses. Corporate Tax is sometimes also referred to as “Corporate Income Tax” or “Business Profits Tax” in other jurisdictions.
Broadly, Corporate Tax applies to the following “Taxable Persons”: ● UAE companies and other juridical persons that are incorporated or effectively managed and controlled in the UAE; ● Natural persons (individuals) who conduct a Business or Business Activity in the UAE as specified in a Cabinet Decision to be issued in due course; and ● Non-resident juridical persons (foreign legal entities) that have a Permanent Establishment in the UAE (which is explained under Section 8). Juridical persons established in a UAE Free Zone are also within the scope of Corporate Tax as “Taxable Persons” and will need to comply with the requirements set out in the Corporate Tax Law. However, a Free Zone Person that meets the conditions to be considered a Qualifying Free Zone Person can benefit from a Corporate Tax rate of 0% on their Qualifying Income (the conditions are included in Section 14). Non-resident persons that do not have a Permanent Establishment in the UAE or that earn UAE sourced income that is not related to their Permanent Establishment may be subject to Withholding Tax (at the rate of 0%). Withholding tax is a form of Corporate Tax collected at source by the payer on behalf of the recipient of the income. Withholding taxes exist in many tax systems and typically apply to the cross-border payment of dividends, interest, royalties and other types of income.
During this month, FTA will also be running a series of online orientation sessions for EmaraTax users. There will be two sessions per day:
• 10 – 11 am providing you an opportunity to raise specific questions about using EmaraTax; • 3 – 4 pm focusing on specific aspects of EmaraTax, in particular password reset, returns submission and payments.
This You Tube recording has already been released and will soon also be available in Arabic.
Comments Off on Federal Decree-Law No. 47 of 2022 – – the legislative framework for corporate tax on business profits in the UAE »
Microsoft announced last week that in February. 2023 a future Microsoft Edge update will permanently disable the Internet Explorer 11 desktop web browser on some Windows 10 systems.
115 June 22was the day Internet Explorer reached its end of support, and the company told customers that the legacy web browser would get disabled via a Windows update.
“The out-of-support Internet Explorer 11 (IE11) desktop application is scheduled to be permanently disabled on certain versions of Windows 10 devices on February 14, 2023, through a Microsoft Edge update, not a Windows update as previously communicated,” Redmond said on Friday.
“All remaining devices that have not already been redirected from IE11 to Microsoft Edge are scheduled to be redirected with the Microsoft Edge update scheduled for February 14, 2023.”
Enterprise admins should to transition from IE11 to Microsoft Edge with IE mode and remove IE visual references from the Start Menu and the Windows taskbar with the Disable IE policy before February 14 to avoid “business disruption at scale when users lose access to IE11-dependent applications.”
Next year’s May non-security preview release and the June Windows monthly security update are designed to remove those in environments where admins do not act before IE11 gets permanently disabled.
Internet Explorer will redirect users to the new Chromium-based Microsoft Edge when launching the Internet Explorer 11 desktop applications. During the process, users’ data (including settings, passwords, and favorites) will be imported into Microsoft Edge to make the switch easier.
Since October 2020, IE11 has automatically launchrd Microsoft Edge when visiting incompatible sites. The list of incompatible sites (managed by Microsoft) contains 7,562 domains, a long list of high-profile online platforms and services, including Facebook, Instagram, Google Drive, Microsoft Teams, Twitter, and many others.
Internet Explorer around for some time yet
Although officially retired from multiple Windows 10 versions on the semi-annual channel (SAC) servicing channel and not shipping with Windows 11, IE11 will still be available on Windows 7 ESU, Windows 8.1, and versions of Windows 10 LTSC client, IoT, and Server. The web browser will continue to receive technical support and security updates on systems that run these Windows versions for the lifecycle of the Windows version.
You can switch to Microsoft Edge with IE mode which enables backward compatibility and will be supported through at least 2029. To enable IE mode in Microsoft Edge, go to edge://settings/defaultbrowser, toggle on the ‘Allow sites to be reloaded in Internet Explorer‘ option, and restart the browser.
Microsoft also discontinued IE support in Teams in November 2020 and also ended support across Microsoft 365 apps and services in August 2021. Other Microsoft services and apps have also ended support for Internet Explorer during the last few years.
Comments Off on Microsoft Edge update will permanently disable the Internet Explorer 11 desktop web browser »
Microsoft has invested billions of dollars into Dynamics 365 technology and security, which has produced many great new features.
When you move to the cloud, everyone is maintained on the same version, and you will always be in lockstep with Microsoft updates. You can be proactive and flexible in promoting those upgrades into your production environment to enhance your user experience.
Your integrations will become extensions-based, rather than relying on over-layering. This will give you several benefits because Extensions make rolling updates much easier
Easier to apply new releases, updates, and hotfixes without affecting customization
ISVs provide new releases quicker
Reduce the cost and effort involved with an upgrade
– all of this without impacting the core code of your environment
We understand why some businesses are hesitant to move to the cloud, but from our view, the benefits outweigh the risk. Microsoft has invested heavily in Azure. It is built on the latest hardware, has 24-7 monitoring year-round, and is consistently updated.
With this move, you will have peace of mind not having to worry about the hardware, energy, labour costs and work associated with backup and disaster recovery. While many businesses feel they have control over their on-site servers, this can lead to a false sense of security. Cyber threats are prevalent and getting faster and more sophisticated. Whether a business has on-site servers with a backup plan or not, many simply aren’t prepared for the worst-case scenario unless they have a large internal IT team or pay for a costly third-party IT service.
Microsoft recognizes this and has over 3,500 Azure cybersecurity professionals working to protect its cloud and has invested in it to the tune of over $1 billion annually. Simply put, upgrading takes that load off your shoulders and puts it onto a specially trained Microsoft team.
Azure also has thousands of connectors, and a Dataverse ( Common data model) to integrate non-Microsoft systems with your Dynamics 365 Finance and Operations environment.
One of the greatest benefits of upgrading is you can create low/no-code applications using the Power Platform. Power BI, PowerApps, Power Automate, and the Dataverse combine to form the Power Platform, a program that integrates seamlessly with Dynamics 365 solutions.
It lets you compile, design, and publish your data very easily into visually appealing reports and dashboards that can be used internally and externally and published to workspaces or organizational/public-facing apps.
Create apps for your team to have the information they need to work from wherever they are, on whatever device they use..
One of the best features of the Power Platform is that data changes synchronise across your system. For example, go into a system to update a client’s contact information, and that change will update in all your connected systems.
Power BI is a cloud-based analytics tool that gives you a single visual view of your most critical business data. You can create reports on the health of your business, dashboards displaying critical numbers and figures that help your staff work, and rich and interactive visualizations. It is easy to use and integrates seamlessly with Dynamics 365 technologies. There are out of the box embedded dashboards and Synergy has created many client specific dashboards.
Comments Off on Why Dynamics 365 Finance and Operations technology makes a difference. »
Most versions of Dynamics AX are off both Mainstream and Extended Support, which means they have no access to new features, and will not get fixes for either non-security or security issues, and cannot reach out to Microsoft for one-on-one support.
AX 2012 R3 is on extended support, but that support cycle will end on January 10, 2023. Extended support means you still get security fixes. However, you have no access to new features, and need to pay an annual fee plus a per-incident charge for non-security fixes and access to support.
From January 2023, all Dynamics AX customers will be on their own for Microsoft core code and security threats, or for issues about compatibility with database or operating system changes. It’s essential to have a proven partner to support local builds and customisations and to help explain and manage the upgrade process.
That’s why if you have not already moved to Dynamics 365 Finance and Operations then time has run out. Urgent action is advised. It takes time to review options, to understand the different licences, the many new features, the new technology platform, and to mobilise resources and to reimplement an enterprise company.
Comments Off on Time to move to Dynamics 365 Finance and Operations with Synergy Software Systems »