Safe Documents sandbox tool released for Microsoft 365

Keumars Afifi-Sabet

23 Jun, 2020

Microsoft has rolled out its Safe Documents feature for all Microsoft 365 customers in a bid to boost enterprise security by verifying untrusted files when they’re opened by a user.

When enabled by an administrator, the feature will automatically scan documents for any threats after opening the file in Protected View. This is an additional step which involves uploading and scanning by Microsoft Defender ATP.

Safe Documents essentially brings the power of the firm’s enterprise security platform Intelligent Security Graph to the desktop, with access to a live dataset of billions of data points, combing to form massive security-centric datasets.

The feature has been rolled out to rectify the limitations of Protected View, which is currently in play for all Microsoft 365 users. When opening documents received from external sources, the company suggested, people often exit the Protected View sandbox without considering whether the document is safe.

It was initially previewed in February 2020, when it was touted as a means to automate a crucial phase in the security of opening documents, which may often be overlooked if this decision is in the hands of the individual user.

“While a scan is in progress, Safe Documents will prevent users from exiting the Protected View container,” Microsoft’s security employee Kenny Shi said. “Users are still able to access and read the document during this process but will be unable to make any edits until the scan has completed.

“Once the file has been successfully scanned, users will be able to leave the Protected View container with confidence that their file is safe.”

If the file being scanned is identified as being malicious, users will be prevented from leaving Protected View entirely, with administrators able to decide whether users can bypass and ‘enable editing’ for malicious files using the Admin portal.

In addition to the added security features, IT admins will be given access to an Advanced Hunting feature to get additional analytical information on users.

Safe Documents is turned off by default, with security administrators able to activate the feature by navigating to the Security and Compliance centre within Microsoft 365. Organisations will need a Microsoft 365 E5 Security license in order to use the feature.

Employees are overlooked in digital transformation processes, study claims

Sabina Weston

22 Jun, 2020

Just 5% of IT managers consider employees as their top priority when making technology investments, which stifles productivity and causes staff to become overwhelmed.

That’s according to a new study from Lenovo, which surveyed 1,000 IT managers from the UK, Netherlands, France, and Germany. 

The research that employees are often overlooked in the process of digital transformation, with the majority (62%) of respondents reporting that their investment decisions are entirely business-centric.

This leads to new technology slowing down processes instead of improving them, according to a fifth of employees. Lenovo suggests that, in order to experience the full potential of the newly-implemented technology, businesses should ask people-centric questions during the adoption process.

The study also found that flexible working policies introduced during the coronavirus pandemic provided employees with a greater level of support, signalling the emergence of a more people-centric approach. In fact, 70% of respondents have observed more emphasis within their organisation on responsible business.

President of Lenovo’s Data Center Group for EMEA Giovanni Di Filippo said that, although “organisations place greater emphasis on the wellbeing of their employees, (…) the study shows that this is only the beginning”.

“If there is a change of heart and mind within the industry, taking a people-first approach to IT adoption, we will see positive change for both organisations and wider society. Happier employees, greater productivity and a faster pace of innovation – these are the benefits of placing people at the centre of IT decisions,” he said.

However, for the time being, many employees still feel overwhelmed by the complexity and pace of digital transformation– almost one in two (47%) IT managers reported that users struggle to embrace new software.

According to Di Filippo, “data and technology cannot be transformative without humans bringing it to life and giving it purpose”.

“We want businesses to think human by investing in ‘Smarter Technology for All’. As for vendors – it’s time to think beyond what they make and consider who they make it for. If people are put first, we know the benefits and desired company outcomes will be great.”

The challenges presented by the coronavirus pandemic and resulting lockdown can also be credited with accelerating transformation plans, with digital technology enabling the overwhelmed NHS to keep providing vital services to millions of patients.

Microsoft acquires data model provider ADRM

Keumars Afifi-Sabet

19 Jun, 2020

Microsoft has snapped up enterprise data modelling company ADRM Software with a view to combining the firm’s “information blueprints” with Azure storage and compute to create sophisticated data lakes.

ADRM, which providers large-scale sector-specific industrial data models to large enterprises, has built and refined its services over decades for business-critical analytics. These models allow organisations to more completely capture and define their business processes and build interoperability across IT infrastructures.

Microsoft is hoping to combine these comprehensive industrial models with the limitless storage and computing power of Azure to create intelligent data lakes where data from several lines of businesses can be combined more efficiently.

“Data and AI are the foundation of modern technological innovation, yet businesses today struggle to unlock the full value data has to offer as fragmented data estates hinder digital transformation,” said Microsoft’s CVP for Azure Global Industry Ravi Krishnaswamy said.

“Without a comprehensive and integrated view of their data, companies are at a competitive disadvantage, which hinders digital adoption and data-driven innovation.

Combining ADRM Software’s services with Azure, these capabilities can be offered to enterprises at scale, and allow customers to embark on digital projects quicker and with less risk, Microsoft explained.

Although data and AI are considered key to modern innovation, many businesses struggle to fully extract value from datasets due to fragmentation. Without a comprehensive and integrated view of their data, companies may find their digital transformation plans disrupted. This is the issue that Microsoft is hoping to resolve by feeding ADRM’s data models into its cloud computing platform.

“As we worked closely with the Azure global engineering team during the past year, we became very enthusiastic about the tremendous additional value and acceleration we believe can be unlocked for large enterprises across many industries,” said ADRM Software in an announcement.

The post added that the data lakes that can be created as a result of the acquisition aren’t “just vast reservoirs” but are also metadata-rich foundations that can supercharge data warehouses, analytics, AI and machine learning.

‘Severe’ Cisco WebEx flaw grants hackers access to meeting data

Keumars Afifi-Sabet

19 Jun, 2020

Cisco has patched a dangerous flaw that allows a hacker to access victims’ accounts from another machine in order to see all meetings, individuals invited, meeting passwords and past meeting records.

The shared memory information leakage vulnerability, found in the Cisco WebEx Meetings desktop app for Windows, allows an authenticated attacker to gain access to sensitive information either locally, or by running a malicious programme.

Assigned CVE-2020-3347, the exploitation is based on the unsafe usage of shared memory used by the video conferencing platform’s desktop client, according to Trustwave researchers, who discovered the flaw.

Once the WebEx Meetings application is installed, it adds an application to the tray that starts up automatically once the user logs on. If the user has configured the client to log on automatically too, which by default it does, several memory-mapping files open, with some unprotected from opening for reading and writing.

An attacker with permissions to view system memory could exploit this vulnerability by running an application that’s designed to read shared memory. The hacker can loop over sessions and try to open, read and save content for future examination.

Successful exploitation could give the hacker the power to retrieve sensitive information through this mechanism, including usernames, meeting information, as well as authentication tokens that can be used in future attacks.

“Due to the global pandemic of COVID-19, there’s been an explosion of video conferencing and messaging software usage to help people transition their work-life to a work from home environment,” said Trustwave security research manager Martin Rakhmanov.

“Vulnerabilities in this type of software now present an even greater risk to its users. Cisco WebEx is one of the most popular video conferencing solutions available, so I decided to turn my research skills to see how secure the platform is.

“In an attack scenario, any malicious local user or malicious process running on a computer where WebEx Client for Windows is installed can monitor the memory-mapped file for a login token. Once found the token, like any leaked credentials, can be transmitted somewhere so that it can be used to login to the WebEx account in question, download Recordings, view/edit Meetings, etc.”

Cisco has released a software update addressing this vulnerability, urging users to update their Cisco Webex Meetings software to version 40.6.0 and higher. The “relatively severe” flaw affected versions of the platform released earlier than this, with Rakhmanov testing the exploitation on version

AWS claims to have blocked the largest DDoS attack in history

Bobby Hellard

19 Jun, 2020

Amazon has revealed that its online cloud fended off what’s considered to be one the largest distributed denial of service (DDoS) attacks in history.

The incident happened in February, hitting 2.3 Tbits/sec at its peak, according to a report from AWS Shield, smashing the previous peak record of 1.7 Tbits/sec.

The peak of the attack was 44% larger than anything the services had seen before and led to three-days of “elevated threat” status. Amazon Web Services provides the infrastructure for many websites, but the report doesn’t identify which websites had been targeted by the attack.

“In Q1 2020, a known UDP reflection vector, CLDAP reflection, was observed with a previously unseen volume of 2.3 Tbps,” the report stated. “This is approximately 44% larger than any network volumetric event previously detected on AWS.”

“CLDAP reflection attacks of this magnitude caused 3 days of elevated threat during a single week in February 2020 before subsiding. Despite this observation, smaller network volumetric events are far more common. The 99th percentile event in Q1 2020 was 43 Gbps.”

The attack in February was called a “reflection attack”, which is thought to be an attempt to use a vulnerable third-party server to amplify the amount of data being sent to a victim’s IP address. It relies on exploiting the Connectionless Lightweight Directory Access Protocol (CLDAP), which is often exposed due to configuration issues – though AWS doesn’t suggest this to be the case for the February attack.

Downtime caused by DDoS accounts can have large financial implications. According to a 2019 report from Netscout, the size and scale of DDoS attacks in the UK could cost the country almost £1 billion per year. Part of the problem is that DDoS attacks are cheap and easy to deploy, according to Netscout.

In Q1 of 2020, there was a significant increase in both the quantity and Quality of DDoS attacks, according to Kaspersky. Not only have the number of attacks almost doubled, up by 80% against Q1 2019, these attacks have also become longer, the firm suggests.

Slack invested in a recruitment startup without ever meeting its CEO

Bobby Hellard

18 Jun, 2020

Slack has reportedly invested in a US-based recruitment startup without ever meeting its CEO.

Crosschq, a California-based startup founded in 2015, managed to raise $5.5 million in funding during the coronavirus pandemic, according to CNBC, all via video conferencing.

The company’s CEO, Mike Fitzsimmons, held a virtual meeting in early March, where he told the board of directors he was going to make an unexpected call to Slack.

At the time, with the global economy on the verge of shutting down due to the outbreak of COVID-19, Fitzsimmons wanted to make sure his business had enough money to see it through.

Slack had previously shown an interest in the firm, with its head of investment, Jason Spinell, having already made contact with the company at the start of the year, although Crosschq rejected financial-backing at that time. However, following the economic disruption caused by the coronavirus lockdown, Slack’s offer was ultimately reconsidered.

Fitzsimmons began an email correspondence with Spinell to see if they were still interested in Crosschq, despite having never met face-to-face and knowing they would be unable to for some time. Over the next two months, via four video conferencing calls, Slack joined a $5.5 million financing round, alongside other Crosschq investors.

“Having been in the start-up world and having been through this enough times, the mechanics of this process were all different,” Fitzsimmons said, according to CNBC. “You’re accustomed to doing investor presentations and PowerPoints in front of the room and it’s intimidating and you get peppered with questions. It’s a very different game when you’re attacking it this way.”

Speaking to CNBC, Spinell said that Slack has done a number of investments via Zoom, which he said required “extreme conviction in the product and team”.

“What has changed slightly for us due to the pandemic, is that we’re even hungrier for investments that fulfil obvious ‘future of work’ needs that are even more pronounced in our newly remote world,” Spinell said.

The lockdown has forced companies to adapt the way they operate. In May, Norwegian video conferencing startup Pexip was forced to debut on the stock market entirely virtually, using its own software. It’s now said to be valued at $942 million.

Oracle revenues miss analyst expectations

Bobby Hellard

17 Jun, 2020

Oracle shares fell by 5% on Tuesday after the cloud giant reported mixed fourth-quarter results. 

The company reported that revenues were down 6% from a year ago, missing analysts estimates, due to the impact of COVID-19

“Our overall business did remarkably well considering the pandemic, but our results would have been even better except for customers in the hardest-hit industries that we serve such as hospitality, retail, and transportation postponing some of their purchases,” said Oracle CEO, Safra Catz. 

“Still, for the third year in a row, we delivered double-digit constant currency earnings per share growth in FY20.”

Oracle had previously suggested in March that it was expecting flat revenue for the quarter. Its largest category, cloud services and license support delivered $6.85 billion in revenue, with revenue from cloud and on-premises licenses coming in at $1.96 billion.

Oracle also recently announced new cloud business from video communications firms Zoom and 8×8, which has helped to keep the firm in double figures for the quarter and also get one over its fiercest rival. 

“8×8 was very surprised by the extent of their performance gains by moving out of AWS, moving part of their system out of AWS and into OCI [Oracle cloud infrastructure],” Oracle co-founder Larry Ellison, said, according to CNBC

“They were so surprised by the performance gains they achieved and the cost savings they achieved that they decided to move all of their services out of AWS and into Oracle.”

While the tech industry has done better than most during the pandemic, it hasn’t managed to entirely avoid some financial impact from COVID-19. Last week, the top five firms – Amazon, Google, Apple, Microsoft and Facebook – lost a combined $260 billion in value.

Four of those firms had a combined value of over $5 trillion before the outbreak. Bellow them, the likes of IBM and Cisco all lost significant value with drops in share price. 

Google and Parallels bring native Windows apps to Chromebooks

Bobby Hellard

17 Jun, 2020

Google has partnered with Parallels to bring native Windows applications to Chromebook Enterprise.

Chrome OS already supports Windows desktop apps, but only when streamed through a Parallels Remote Application Server. With the new partnership, apps will now be natively run on Chromebook devices.

A variation of Parallels Desktop will be integrated into Chrome OS, which should improve performance and also enable offline access to applications such as Microsoft Office. The feature will be available later in the year for Chrome Enterprise customers.

The move will likely entice more businesses to consider Chromebooks as alternatives to Windows laptops, particularly as it will now mean they won’t need to invest in services to stream business apps to the devices. 

Remote work is a new reality, making efficiency, connectivity, speed, reliability, security and undisrupted access essential elements of a successful organisation,” Parallels wrote.

“At this key moment, our two organisations have formed a landmark partnership to equip enterprises with solutions that optimise their businesses and teams to meet the evolving challenges of modern work environments.”

For Google, the post-coronavirus economy will put greater strain on business expenditure, which could become challenging when workforces will need to be equipped for remote working.

The tech giant said it had seen 109% growth in commercial Chromebooks in Q1 2020 compared to the previous year, fueled in part by the cost benefits of deploying these low-cost laptops.  

“The Chrome OS team is working on new ways to make sure every company can benefit from the velocity created by supporting a cloud workforce,” John Solomon, VP of Chrome OS, wrote in a blog post.

“For example, our new partnership with Parallels brings legacy application support – which includes Microsoft Office desktop apps – to Chromebooks, with more to come on this over the coming months.”

Privacy advocates urge Zoom to encrypt free video calls

Sabina Weston

17 Jun, 2020

Mozilla and the Electronic Freedom Foundation (EFF) have published an open letter to Zoom that urges it to make end-to-end encryption available for all users.

The letter, addressed to Zoom CEO Eric Yuan, criticises the company’s decision to offer end-to-end encryption only to paying users. 

It has been signed by 19,000 internet users and backed by tech organisations and advocacy groups including Fight for the Future and MPower Change.

Earlier this month, the video conferencing platform announced plans to roll out stronger encryption for businesses and institutions that pay for its service. 

Zoom’s security consultant Alex Stamos suggested that stronger security measures may also be rolled out for non-profit organisations or users in need of an extra layer of protection, such as political dissidents, but added that “the current plan is paid customers plus enterprise accounts where the company knows who they are”. 

The decision has garnered criticism from many tech companies and organisations, including Mozilla and the EFF. In the open letter to Yuan, they argued that “best-in-class security should not be something that only the wealthy or businesses can afford”.

“Around the world, end-to-end encryption is already an important tool for journalists and activists that are living under repressive regimes and fighting censorship,” wrote Mozilla’s Advocacy and Engagement VP Ashley Boyd and EFF’s associate director of Research Gennie Gebhart.

Boyd and Gebhert also criticised Zoom’s recent decision to suspend three user accounts at the request of the Chinese government for hosting meetings to commemorate the 21st anniversary of the Tiananmen Square massacre.

“Tools like Zoom can be critical to help protesters organize and communicate their message widely,” they wrote. “Activists should be able to plan and conduct protest-related activities without fear that these meetings, and the information they include, may be subject to interception. 

“Unfortunately, recent actions from law enforcement – and a long history of discriminatory policing – have legitimized such fears, making end-to-end encryption all the more critical.”

The letter acknowledged Stamos’s argument that full encryption for every meeting would leave Zoom’s trust and safety team unable to tackle child sexual abuse material (CSAM), but added that “restricting end-to-end encryption to paid accounts is not the right solution”.

Organisations such as Fight for the Future, MPower Change, Daily Kos, Kairos, Media Alliance and Jewish Voice for Peace have also launched a petition targeted at the video conferencing platform, arguing that “people who can’t afford Zoom’s services are left vulnerable to cyber-criminals, stalkers, and hackers”. It has been co-signed by 42,000 internet users.

Lau Barrios, campaign manager at MPower Change, said that “end-to-end encryption has always been a racial justice issue”.

“It most directly protects Black, brown, Muslim and poor communities from the disproportionate risk of surveillance, policing, and criminalization,” she said. 

“Zoom has already misled the public once on whether or not they use end-to-end encryption. Openly defending their refusal to provide it to those not wealthy enough to pay to protect themselves and their communities is unconscionable. And it’s a direct refusal to protect activists and organizers from surveillance in this moment.”

Dropbox launches a password manager and secure file vault

Bobby Hellard

17 Jun, 2020

Dropbox has unveiled several new features to help users stay organised while they work from home.

The updates include a password manager service called ‘Dropbox Passwords‘ and filing system called ‘Dropbox Vault’ that follows on from the companies acquisition of Valt last year.

As life has become more internet-based, with many people now working remotely, Dropbox suggests that employees’ life/work balance has become strained and “chaotic”. As such, the company is looking to provide services that help organise workflows as well as life at home.

In addition to Dropbox Passwords and Dropbox Vault, the company is also launching an automatic backup service, ‘Computer backup’, which saves Mac and PC folders to Dropbox for secure access on the go. This can be retrieved even when the hardware fails, according to Dropbox.

“The lines between work and home are blurred, and we’re all being pulled in a million directions right now,” said Drew Houston, CEO of Dropbox. “It can feel chaotic and overwhelming.” 

“We’re working quickly to provide new features to help people stay better organised in all aspects of their lives so they can focus on what really matters – like health and family.”

The company also has some new services for businesses, with HelloSign eSignature becoming a native feature within Dropbox following the company’s acquisition of HelloSign last year. With this feature, users will be able to send, receive and sign documents without leaving Dropbox. 

The company is also launching a suite of integrations, which includes tools for Zoom, Slack and Google. The Dropbox App Center is available to a subset of users in beta with over 40 integrated partners and more coming soon.

“According to IDC survey data, 31% of workers are concerned about lost productivity due to shifting to work from home,” said IDC analyst, Holly Muscolino.

“However, a recent poll shows that 70% of organisations would be investing in content sharing and collaboration over the next 12 months to support at-home workers. With today’s announcement, Dropbox has created a single place to help users get better organised at work and at home, to help them stay productive.”