Posts

Workday, Microsoft forge partnership revolving around Adaptive Planning, Teams, Azure integration

Image
  Microsoft will adopt Workday Adaptive Planning, which will run on Azure. Separately, Workday reported better-than-expected first quarter results and outlined plans to integrate with Salesforce's Work.com. Microsoft and Workday have forged a broad partnership that combines Workday Adaptive Planning and Microsoft Azure as well as Workday integrations with Azure Active Directory and Microsoft Teams.  Key points on the partnership include: Workday customers will be able to run Workday Adaptive Planning on Microsoft Azure's cloud. Microsoft will adopt Workday Adaptive Planning for its global finance teams for planning, budgeting and forecasting. The partnership includes integrations between Workday applications and Microsoft Teams and Azure Active Directory. Tom Bogan, Workday vice chairman, said the company has had a close working relationship with Microsoft for years as Adaptive Planning has been landing more large enterprise customers. "Midsized is still are largest custom...

Europe Super Computers being fraudulently used to mine Cryptocurrency

Image
  Just a week ago reports were in that the Supercomputer named Archer from Europe was cyber-attacked by hackers to steal critical information about the research and development taken up by Universities and Government to find a vaccine for COVID 19.   Now the news is out that almost all the supercomputers operating in Germany, UK, Switzerland, and Spain were affected by a malware strain propelling mining of cryptocurrency.   According to the breaches took place at different time frames in this year and were infected by a specific malware strain designed to use the computing power of a supercomputer to mine Monero XMR Cryptocurrency.   Chris Domain, the Co-Founder of ‘Cado Security’ was the person who discovered and passed on the details to technology news resource which now states that many of the powerful machines were forced to shut down as they have already leaked a section of information related to research carried out to find medicine for Corona Virus   Evid...

Out-of-date, insecure open-source software is everywhere

Image
  Synopsys has found that 99% of commercial software programs include at least one open-source component. But 91% of those included out of date or abandoned open-source code. Open source rules. Everyone from Apple to Microsoft to  Zoom  uses it. Don't believe me? Synopsys, a software and silicon design company, which also covers intellectual property, reported in its  2020 Open Source Security and Risk Analysis (OSSRA) report  that nearly all (99%) of audited codebases contained at least one open-source component. That's good news. The bad news is 91% of the codebases containing components were either more than four years out of date or had seen no development activity in the last two years. Not good. Underlining how disturbing this is,  Synopsys Cybersecurity Research Center (CyRC)  found that open source made up  70% of all. That's a lot of aged and abandoned open-source software. Old software, unlike fine wine, does not age well.  The...

For 8 years, a hacker operated a massive IoT botnet just to download Anime videos

Image
  For almost eight years, a hacker has silently hijacked D-Link NVRs (network video recorders) and NAS (network-attached storage) devices into a botnet that had the sole purpose of connecting to online websites and download anime videos. Named Cereals and first spotted in 2012, the botnet reached its peak in 2015 when it amassed more than 10,000 bots. However, despite its size, the botnet operated without detection from most cyber-security firms. Currently, Cereals is slowly disappearing, as the vulnerable D-Link devices on which it fed all these years have started aging and are being decommissioned by their owners. Further, the botnet's decline was also accelerated when a ransomware strain named Cr1ptT0r wiped the Cereals malware from many D-Link systems in the winter of 2019. Now that both the botnet and the vulnerable devices behind it are dying out, cyber-security firm Forcepoint published a report on the botnet's past operations, without fear that its report could draw att...

Microsoft rebrands Visual Studio Online as 'Codespaces'; plans to lower pricing

Image
  Visual Studio Online is being rechristened as Visual Studio Codespaces. And pricing cuts are coming for all tiers as of mid-May. Microsoft is on a rebranding roll these days. The latest product to get the treatment is Visual Studio Online, which is now going to be known as  Visual Studio Codespaces. In a blog post on April 30, Microsoft officials said the reason for the rebranding is because they wanted to be clear that the product is much more than just "an editor in the browser." The new tagline: Codespaces "are simply the most productive place to code." The rebranding will begin showing up "in the coming weeks and months." Microsoft made the  public preview of Visual Studio Online in November 2019 . At that time, officials stressed that its online code editor and companion to Visual Studio and  Visual Studio Code  could be used for managed development for anything from long-term projects to short term tasks. (An aside:  Visual Studio Online originally...

Microsoft tries to stem its self-made collaboration-tool confusion

Image
  Microsoft is using this week's Ignite conference to try to help clarify its collaboration-tool strategy. Here's how SharePoint, Teams and Yammer figure in the mix. Choice is good. But too much choice, especially when it comes to collaboration tools, has been a problem for Microsoft. This isn't news to customers, partners or Microsoft execs themselves. But at the company's Ignite IT Pro conference in Orlando this week, Microsoft execs took a step to try to clarify the company's strategy and messaging in this area. Microsoft Office 365 Marketing chief Ron Markezich kicked off the conference this week with a slide entitled "Microsoft 365 Teamwork: Where to Start a Conversation." That slide attempts to do what  Microsoft initially attempted with a 60-plus-page whitepaper : Clarify which collaboration tools customers should use when. The slide, which features SharePoint -- and its files, sites and content storage at the center -- is broken down into the ...

Almost four million Quidd users have credentials exposed

Image
  The credentials of almost four million users of the collectible-trading website Quidd have been discovered on a deep-web hacking forum, according to Risk Based Security (RBS). A threat actor going by the name ‘ProTag’ originally posted the compromised data on March 12 this year, after which they were removed. They were reposted by a different user, however, on March 29. Another threat actor responded to this post stating they had decrypted nearly a million password hashes, says RBS. A RBS researcher confirmed the claim after affirming the creditability of the poster. RBS says the leaked data sets include email addresses, usernames, and bcrypt hashed passwords of 3,954,416 users. RBS also revealed that the data leak contains email addressed belonging to many well-known organisations, including Microsoft, Accenture, Virgin Media, Target and AIG. This development vastly increases the potential for attackers with access to this data to launch effective phishing campaigns. A cybersecu...

Email provider got hacked, data of 600,000 users now sold on the dark web

Image
  Italian email provider Email.it confirms security breach. The data of more than 600,000  Email.it  users is currently being sold on the dark web "Unfortunately, we must confirm that we have suffered a hacker attack," the Italian email service provider said in a statement FAILED EXTORTION ATTEMPT The Email.it hack came to light on Sunday, when the hackers went on Twitter to promote a website on the dark web where they were selling the company's data. The hackers -- going by the name of NN (No Name) Hacking Group -- claim the actual intrusion took place more than two years ago, in January 2018. We cite from their website: We breached Email.it Datacenter more than 2 years ago and we plant ourself like an APT. We took any possible sensitive data from their server and after we choosen to give them a chance to patch their holes asking for a little bounty. They refused to talk with us and continued to trick their users/customers. They didn't contacted their users/customers...

Docker servers targeted by new Kinsing malware campaign

Image
  For the past few months, a malware operation has been scanning the internet for Docker servers running API ports exposed on the internet without a password. Hackers are then breaking into unprotected hosts and installing a new crypto-mining malware strain named Kinsing. Attacks began last year and are still ongoing, according to cloud security firm Aqua Security, which  detailed the campaign in a blog post on Friday . These attacks are just the last in a long list of malware campaigns that have targeted Docker instances — systems that, when compromised, provide hacker groups with unfettered access to vast computational resources. According to Gal Singer, a security researcher at Aqua, once the hackers find a Docker instance with an exposed API port, they use the access provided by this port to spin up an Ubuntu container, where they download and install the Kinsing malware. The malware’s primary purpose is to mine cryptocurrency on the hacked Docker instance, but it also com...

COVID-19 slams tech outfits and startups in India

Image
  Most vulnerable are wage-earners working for rideshare companies or manufacturing plants who have no safety net. With COVID-19 cutting a devastating swath throughout the world, what everyone wants to know about India is how bad the situation really is. In a country with a large but mostly poor population of 1.3 billion and a per capita of around just $2,000, a virus such as this can spread like wildfire and cause devastation of no one has expected.  So far, India has seen  612 cases  and twelve deaths, but this is easily a questionable number considering the lack of testing kits, testers, and the country's massive population. China shut Wuhan down almost instantly and still suffered. India, like China, could also be deeply affected, especially if it has under-reported its figures. Realising this, the Indian government has done the smart thing by implementing a 21-day lockdown -- or de-facto "house arrest" -- along with an international and domestic flight...