Zoom will reportedly add ‘Slack-like’ chat functionality


Bobby Hellard

16 Sep, 2020

Zoom is reportedly working on a major update to the messaging functionality of its video conferencing platform to build a more ‘Slack-like’ service. 

The company has hired a “significant number of engineers” to move its basic text interface to a more advanced setup, according to The Information.

Zoom is actually a partner of Slack and both services offer similar products, though each specialises in different segments. Slack is mostly a chat-based platform, though it does have low-key video comms services, while Zoom is a rapidly growing video conferencing platform.

A lot of companies, particularly in the startup space, use both in tandem. 

However, as standalone services, both are rivals of Microsoft Teams, which has both video conferencing and instant messaging capabilities. Slack has been heavily critical of Teams, calling it a “weak copycat product” when filing an antitrust complaint. Zoom, however, hasn’t voiced any concerns over Microsoft’s rival product – despite Microsoft reportedly labelling the firms as a “threat”.

All three services have seen gains during the pandemic, particularly Zoom, with its revenue shooting up 355% year on year. Teams reportedly surpassed 44 million daily active users at the very start of lockdown, but Slack CEO Stewart Butterfield argued that the figure was inflated by the fact Teams was bundled into Office 365, suggesting it was anti-competitive.

Slack’s own revenue has seen a sharp decline with growth falling 32% compared to the 49% recorded in Q1. 

The general consensus seems to be that Slack is falling behind Teams, and unless its antitrust complaint is successful, its growth could be hampered. The company recently launched a service for adding external organisations to channels, called ‘Slack Connect’, which is seen as a big play to kill off email.

The current chat capabilities on Zoom already resemble Teams, though it doesn’t have ‘channels’ and seems more like a rudimentary instant messaging service. It does, however, sync with Google services.

Nokia simplifies Microsoft Azure integration


Sabina Weston

16 Sep, 2020

Nokia has announced a slew of new features for its Nokia Digital Automation Cloud (DAC) private wireless networking platform, including simplified integration with Microsoft Azure IoT modules.

Nokia’s new approach to software installation, described as ‘click and deploy’, means that Microsoft Azure IoT Edge Modules such as Modbus can now be deployed on the Nokia DAC edge server.

The announcement comes almost a year after Nokia and Microsoft made their first joint solutions public. In November 2019, the two companies announced a strategic collaboration aiming to accelerate transformation and innovation with the help of cloud, artificial intelligence (AI), and the Internet of Things (IoT).

BT was the first global telecommunications service provider to provide its enterprise customers with a managed service integrating Microsoft Azure cloud and Nokia SD-WAN solutions.

According to Stephan Litjens, general manager of Nokia Digital Automation: “Microsoft Azure IoT services enable customers to address interconnected scenarios across multiple industries that include manufacturing, logistics, utilities, smart cities and transportation”.

The Finnish tech giant also announced that it would be extending platform capabilities complementing private wireless connectivity as well as providing new, integrated voice and video in order to facilitate campus-wide communications.

“With the new functionality and added value features introduced today, we further ease and accelerate customers’ transformation path towards Industry 4.0”, said Litjens.

Nokia’s DAC team comms and DAC VoIP will now offer voice and video solutions to provide customers with secure communication, regardless of how many people they are speaking to. The new on-premise applications are delivered over the platform’s scalable edge cloud and are expected to be especially useful for larger, asset-intensive locations such as ports, mines, and factories.

Nokia DAC Applications head Tuuli Ahava said that the new features will “address the questions facing organizations as they begin to implement Industry 4.0 use cases”.

“Data security, backward and forward compatibility, legacy system integration, ecosystem access, and ease-of-use are just some of the concerns that the DAC platform resolves in one optimized solution,” she added.

The announcement follows the launch of Nokia’s 5G SA private wireless network, which is used by Lufthansa Technik, Toyota Production Engineering, and Sandvik.

MFA bypass allows hackers to infiltrate Microsoft 365


Keumars Afifi-Sabet

15 Sep, 2020

Critical vulnerabilities in multi-factor authentication (MFA) protocols based on the WS-Trust security standard could allow cyber criminals to access various cloud applications including core Microsoft services.

Microsoft 365 is the most notable cloud service that can be infiltrated in such a way due to the way the platform’s session login is designed, according to Proofpoint, with hackers able to gain full access to a target’s account. Information including emails, files, contacts, among other data points would be vulnerable to such an attack.

This is in addition to the MFA bypass granting access to a host of other cloud services, including production and development environments such as Microsoft Azure as well as Visual Studio.

The flaw lies in the implementation of the WS-Trust specification, an OASIS standard that is used for renewing and validating security tokens and establishing trusted connections. Proofpoint researchers claim that WS-Trust is inherently insecure and that Microsoft’s identity providers implemented the standard with a number of bugs.

These vulnerabilities can be exploited to allow an attacker, for example, to spoof their IP address to bypass MFA through a simple request header manipulation. Changing the user-agent header, in another example, may also cause the system to misidentify the protocol, and believe it to be using ‘modern authentication’. 

“Most likely, these vulnerabilities have existed for years. We have tested several Identity Provider (IDP) solutions, identified those that were susceptible and resolved the security issues,” Proofpoint said.

“Vulnerabilities require research, but once discovered, they can be exploited in an automated fashion. They are hard to detect and may not even appear on event logs, leaving no trace or hint of their activity. Since MFA as a preventative measure can be bypassed, it becomes necessary to layer additional security measures in the form of account compromise detection and remediation.”

With MFA becoming an essential and more widely-adopted additional layer of security to reinforce username-and-password logins, cyber criminals are certainly more attracted to identifying and implementing bypasses.

This is particularly pertinent during the coronavirus crisis, where the mass shift to remote and home working meant critical apps and services were being accessed from insecure locations, with protocols such as MFA in place to bolster cyber security.

Microsoft retrieves underwater data centre after two years


Bobby Hellard

15 Sep, 2020

Microsoft has retrieved a data centre from the ocean floor, just off the coast of Orkney, Scotland, and early signs show that the project was a successful moonshot. 

Of the 864 servers onboard, Microsoft reports that only eight faulted, which is an eighth of the failure rate of a typical land-based data centre.

A team from Microsoft sank the cylindrical storage container, called “project Natick”, in 2018. It was loaded with 12 server racks and ocean water was used to keep the servers cool. The container was also sealed and filled with nitrogen, which is not as corrosive to computer equipment as oxygen.

The Natick research team are now conducting tests on the data centre to see what they can learn from the experiment and how it could help to solve environmental problems raised by conventional data centres.  

“Computers are not designed to work in the environment we humans operate,” said Spencer Fowers, principal researcher for project Natick. “Things like oxygen, moisture in the air, that is really bad for computers, it causes corrosion on the components. 

“You also get temperature fluctuations. The heat from night to day, summer to winter, can cause those components to fail so we had this theory: if we’re in a really stable environment, we’re in this cylinder, we’ve taken all the oxygen out, controlled the humidity, no one’s walking around, bumping into things, causing additional failures, we’d see better reliability.” 

The concept of an underwater data centre first came up at Microsoft’s 2014 ‘ThinkWeek’ as a way to provide fast cloud services to coastal populations. With more than half of the world’s population living within 120 miles of a coast, localised hubs would give data a shorter distance to travel, leading to smoother, faster services. 

Once it was hauled out of the sea, the container was cleaned and air-samples were retrieved. The data centre was then loaded onto a truck and driven to a facility in the North of Scotland, where the server racks were slid out so Fowers and his team could perform health checks and collect components to send to Microsoft for analysis.

Among the components boxed up and sent were the failed servers and related cables. The researchers think this hardware will help them to understand why the servers in the underwater data centre are seemingly more reliable than those on land.

Xero urges UK gov to introduce digital tax relief for SMBs


Sabina Weston

15 Sep, 2020

Xero has urged the UK government to step in and encourage SMBs to use digital tools to their fullest potential in a bid to help the economy recover from the impact of the COVID-19 pandemic.

According to a new report from the cloud-based accounting software provider, smaller businesses have been more dramatically impacted by the current financial crisis than larger enterprises, with job losses estimated to be almost twice as big. 

By analysing 300,000 customers’ anonymised and aggregated data, Xero found that resilience and recovery of SMBs is significantly influenced by their digital skills.

SMBs that used business management apps before the financial crisis had 12% smaller revenue declines as well as 12% fewer job losses. Moreover, businesses with at least five apps connected to their account suffered from losses a third smaller than other SMBs during the crisis, and had 40% fewer job losses.

The findings from the report have resulted in Xero calling on the UK government to encourage small businesses to use digital tools to their fullest advantage. The company’s policy recommendations include a digital tools tax relief, improved regional internet access, as well as an offset of technology expenses against tax in order to aid small businesses in digitising and building resilience for future economic challenges.

Managing director of Xero, Gary Turner, described the economic recovery as “at a crossroads now as furlough and eating out schemes come to an end”. 

“As unpredictable as this year has been, one certainty is that digitally-enabled businesses are likely to recover faster than those who aren’t,” he said.

“We’re calling on the Government to support business recovery with funding for tech adoption and the introduction of a tax offset for expenses against technology implementation. Driving digitisation will help countless small businesses to get back on their feet.”

The message to the government comes as Xero announces changes to its Starter Plan, aiming to facilitate cash flow management and growth for SMBs during the pandemic.

Xero users can now send up to 20 invoices a month and make as many bank reconciliations as they need. The company has also announced the launch of a new Xero Projects profitability dashboard, aiming to simplify the overview and management of projects and their profitability by showing total profit margin, all work invoiced, and costs.

Xero’s chief product officer Anna Curzon said that the company wants “to help these new businesses that are starting off now to be set up for a digital environment right from the start by lowering the barriers of entry”.

“We also know that with COVID-19, being paid on time and controlling cash flow has become more important than ever,” she added. “We want to do all we can to ensure businesses stay strong by providing deeper cash flow insights and creating seamless experiences to help them get paid faster.”

Zoom finally rolls out two-factor authentication


Sabina Weston

11 Sep, 2020

Zoom has added two-factor authentication (2FA) to its video-conferencing platform in an effort to help organisations prevent identity theft and security breaches, as well as reduce security costs for businesses and schools.

Users who are part of an organisation can now use the additional security layer by choosing between time-based one-time password (TOTP) apps, such as Google Authenticator and Microsoft Authenticator, or having Zoom send a code via SMS or phone call.

Admins can enable the tool by signing into the Zoom Dashboard, selecting Advanced, then Security, and enabling the “Sign in with Two-Factor Authentication” option.

They will then be able to enable 2FA for all users in their account, for users with specific roles, or for users belonging to specific groups, by choosing the groups and then clicking OK.

In a blog post announcing the update, the company outlined the benefits of the new tool, such as improved security, simplified credential management, being able to meet compliance obligations for sensitive data and customer information, as well as reduced costs of security.

“For small businesses and schools, it can be expensive to pay for an SSO service,” the company said. “Zoom’s 2FA provides a free and effective way to validate users and protect against security breaches.”

The announcement comes days after it was revealed that the company’s revenues were up 355% in the second quarter of 2020, making it one of the biggest beneficiaries of the global lockdown. The firm capitalised on the sudden need to communicate remotely with work, friends and family and averaged 148.4 million monthly active users in the second quarter, an increase of 4,700% year on year, according to CNBC.

However, its sudden success had also been plagued with security issues, such as the infamous Zoom-bombing trend, which recently affected the trial against the teenager accused of July’s mass Twitter hack.

The issue forced the company to improve encryption standards and password security, leading to the hire of former Salesforce and Microsoft security executive Jason Lee.

Red Hat and IBM launch OpenShift software marketplace


Keumars Afifi-Sabet

10 Sep, 2020

Red Hat and its parent company IBM have together launched a one-stop-shop marketplace for customers seeking to run OpenShift enterprise applications on their hybrid cloud infrastructures.

Red Hat Marketplace offers a broad catalogue of more than 50 open-source software products, across a dozen categories, available for enterprises to purchase and deploy, including apps in the areas of AI and machine learning, security, and big data, among others.

The marketplace aims to deliver an ecosystem of software from independent vendors so enterprise customers can easily deploy new tools on their hybrid cloud infrastructures, based on Red Hat OpenShift’s container platform. Some of the vendors whose tools are available include CognitiveScale, MongoDB and StorageOS.

“We believe that removing the operational barriers to deploy and manage new tools and technologies can help organizations become more agile in hybrid multi-cloud environments,” said Red Hat’s senior director for technology partnerships, Lars Herrmann.

“The software available on Red Hat Marketplace is tested, certified and supported on Red Hat OpenShift to enable built-in management logic and streamline implementation processes. This helps customers run faster with automated deployments while enjoying the improved scalability, security, and orchestration capabilities of Kubernetes-native infrastructure.”

The companies have also launched a private form of the marketplace, dubbed Red Hat Marketplace Select, available at additional cost for enterprises that want more control and governance over purchases.

The private marketplace allows clients to provide their teams with easy access to curated, pre-approved software, and also tracks usage and spending by departments of all software deployed across hybrid cloud environments.

The marketplace has been devised especially for companies building cloud-native infrastructure and supports the wider drive to cut down on vendor lock-in. Programmes can essentially be deployed across the open hybrid cloud and operate in any environment.

Deployment is automated, too, and purchases will be readily accessible on Red Hat OpenShift consoles, with customers also being offered 24/7 support.

Enterprise customers can access the collection of open-source tools in a metered, pay-per-hour fashion, with the platform offering a granular understanding of usage and spending patterns. Red Hat claims this payment model allows customers to experiment with an array of tools in early-stage development projects, given there’s no need to commit to any lengthy subscriptions.

Data centre provider Equinix hit by ransomware


Keumars Afifi-Sabet

10 Sep, 2020

US data centre provider Equinix has been rocked by a major security incident, with some of its internal company systems compromised by ransomware.

The company revealed yesterday that its security teams took immediate action against the threat, notified law enforcement agencies, and are continuing to investigate the nature and scale of the infection.

The severity of the attack at this stage is unclear, with the company pledging to release further details soon. Thankfully for its customers, however, Equinix data centres and services, including its managed services, remained fully operational during the period of the attack, according to a statement released by the company.

“Equinix is currently investigating a security incident we detected that involves ransomware [on] some of our internal systems,” the company said.

“Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix.”

Equinix provides an array of data centre and networking services for businesses, including data centre design, as well as colocation, which is the practice of housing privately-owned equipment in third-party data centres.

With internal systems kept separate from those that run many of the external services and from customers’ equipment housed in its data centres, the risk of the attack spilling over is said to be minimal, according to Equinix. Services are largely operating as normal at the time of writing.

There have been a number of high-profile ransomware attacks in recent months, with a swathe of IT services companies similarly on the receiving end, in addition to high-profile organisations like Canon and Honda.

Industry giant Cognizant, for example, recently experienced service disruptions for some of its clients. The IT services firm was targeted with Maze ransomware in April, with the incident costing the company around $70 million.

The attack on Equinix has similar hallmarks to one on CyrusOne in December 2019. In that instance, the company did sustain a degree of service disruption, with the attack affecting six customers served from one data centre based in New York.

Hackers abusing legitimate cloud monitoring tool to infiltrate Linux environments


Keumars Afifi-Sabet

9 Sep, 2020

Cyber criminals are abusing a trusted Docker and Kubernetes cloud monitoring tool to map the networks of their victims and execute system commands.

Having previously been known to use malicious Docker images to infect victims’ servers, TeamTNT has now been observed using Weave Scope as an effective backdoor into the cloud networking infrastructure of its targets, according to analysis by Intezer.

Weave Scope is a trusted tool that gives users full access to their cloud environment, and is integrated with Docker, Kubernetes, the Distributed Cloud Operating System (DC/OS) and the AWS Elastic Compute Cloud (ECS). Hackers, however, have illicitly deployed this tool to map out the environments of prospective victims, and execute system commands without the need to deploy malicious code. 

“To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure,” said Intezer security researcher Nicole Fishbein. “When abused, Weave Scope gives the attacker full visibility and control over all assets in the victim’s cloud environment, essentially functioning as a backdoor.”

“By installing a legitimate tool such as Weave Scope the attackers reap all the benefits as if they had installed a backdoor on the server, with significantly less effort and without needing to use malware,” she adds. 

The open-source tool, developed by Weave Works, provides monitoring and visualisation over Docker and Kubernetes servers, with users gaining full control over the infrastructure through a dashboard accessible through a web browser.

When successfully abused, attackers are granted access to all information about the server environment, in addition to the ability to install applications, establish connections between cloud workloads, and start, stop or open interactive shells in containers.

This degree of functionality is equivalent to an attacker having installed a backdoor on the server, with significantly less effort and without needing to use malware, Fishbein added.

To install Weave Scope, a hacker would need to use an exposed Docker API port and create a new privileged container with a clean Ubuntu image. This container would then be configured to mount the file system of the container to the file system of the victim server, and therefore grant attackers access to all files on the server. 

The initial command, as observed by Intezer, was to download and execute several cryptominers. The attacker then attempted to gain root access to the server by setting up a local privileged user on the host server, using this to connect back via Secure Shell (SSH). The attackers subsequently downloaded and installed Weave Scope, which, once launched, connected the cyber criminals with the Weave Scope dashboard via HTTP on port 4040.

From this dashboard, the hackers can see a visual map of the Docker runtime cloud environment and give shell commands without deploying any backdoor. This is the first time that an attacker, to Intezer’s knowledge, has downloaded legitimate software to be used as an admin tool on the Linux operating system.

The cyber security firm has recommended that organisations close any exposed Docker API ports to prevent the initial infiltration, given this attack takes advantage of a common misconfiguration of the Docker API. All Docker API ports should, therefore, be either closed or contain restricted access policies in the firewall.

Organisations should also block incoming connections to port 4040 given Weave Scope uses this as a default to make the dashboard accessible. This port should also be closed or restricted by the firewall.
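A defender-side check for the two recommendations above, as an added example that is not from Intezer or the original article: it parses `ss -ltn` style output and reports listeners on the Weave Scope dashboard port (4040) or the Docker API that are bound to anything other than loopback. The article gives no Docker API port number, so 2375 and 2376 (Docker's conventional plain and TLS ports) are an assumption, and the sample output is constructed.

```python
"""Flag non-loopback listeners on Docker API and Weave Scope ports."""
import ipaddress

# 4040 is the Weave Scope default named in the article. 2375/2376 are
# Docker's conventional API ports and are an assumption here; adjust
# this table to match your own daemon configuration.
WATCHED = {
    2375: "Docker API (unencrypted)",
    2376: "Docker API (TLS)",
    4040: "Weave Scope dashboard",
}

# Constructed sample of `ss -ltn` output, not taken from a real host.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*
LISTEN  0       4096    *:2375               *:*
LISTEN  0       4096    127.0.0.1:4040       0.0.0.0:*
LISTEN  0       4096    [::]:4040            [::]:*
LISTEN  0       4096    127.0.0.53%lo:53     0.0.0.0:*
LISTEN  0       4096    10.0.0.5:2376        0.0.0.0:*
"""


def split_endpoint(endpoint):
    """Split 'addr:port' into (addr, port); handles [v6], '*' and '%iface'."""
    addr, _, port = endpoint.rpartition(":")
    addr = addr.split("%", 1)[0].strip("[]")
    return addr, int(port)


def is_loopback(addr):
    """True only for addresses that cannot be reached from another host."""
    if addr == "*":
        return False  # wildcard bind: listens on every interface
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # unparseable: report it so a human reviews it


def find_exposed(ss_output, watched=WATCHED):
    """Return [(address, port, service)] for watched ports bound off-loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or non-listening socket
        try:
            addr, port = split_endpoint(fields[3])
        except ValueError:
            continue  # local address column did not end in a numeric port
        if port in watched and not is_loopback(addr):
            findings.append((addr, port, watched[port]))
    return findings


if __name__ == "__main__":
    for addr, port, service in find_exposed(SAMPLE_SS):
        print(f"EXPOSED {service}: {addr}:{port} - close it or firewall it")
```

On a real host, pass the text of `ss -ltn` to `find_exposed`; a loopback-only listener is not reported, while wildcard (`*`, `0.0.0.0`, `[::]`) and routable binds are.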

BlackBerry to open new GDPR and EECC-compliant data centres


Sabina Weston

9 Sep, 2020

BlackBerry will open additional data centres in France and the Netherlands as well as expand its existing data centre in the UK to help customers comply with EU data protection regulations and the upcoming Public Warning directives.

The new Directive on the European Electronic Communications Code (EECC), which was adopted in 2018, is to ensure that all EU member states establish a public warning system to protect citizens in cases such as natural disasters or terrorist attacks. 

The data centres will be used to store the personal data of citizens, ensuring that it is compliant with the EU’s General Data Protection Regulation (GDPR).

Using its emergency mass notification system AtHoc, BlackBerry aims to provide organisations with a secure way of communicating emergencies to their workforce. Staff will be able to be notified with the help of mobile apps, desktops, sirens, and building systems such as fire panels.

Adam Enterkin, senior VP of EMEA at BlackBerry, said it’s vital for BlackBerry to “adhere to new and existing EU data residency requirements per the General Data Protection Regulation (GDPR)”.

“With BlackBerry AtHoc’s new EU based data centres we are able to scale our infrastructure to better support our customers’ needs over a secure and reliable network,” he said, adding that “empowering [BlackBerry’s] customers with the most secure communication platform for increasing resiliency and communicating swiftly is critical in a crisis”.

In July, the company announced that it was partnering with Vodafone to offer the BlackBerry AtHoc platform as a crisis communications solution for UK emergency services.

The mobile app is already used by military, government, and commercial organisations in order to provide their workforce with physical security, force protection, as well as personnel accountability. 

Greater Manchester Police and Greater Manchester Fire and Rescue Service were the first two clients to benefit from the partnership, with the Greater Manchester Police inspector Darren Spurgeon saying that the system was chosen to allow the police “to share and receive real time information across our business and police operations”.

“BlackBerry AtHoc will help us rapidly respond to internal operational issues and ensure accurate information is shared across multiple police departments and personnel using both analog and digital channels,” he added.