Dell has launched a new lineup of monitors that puts Microsoft Teams at the forefront as the company looks to capitalise on businesses’ continued reliance on video conferencing.

With the Dell 24, 27, and 34 Video Conferencing Monitors, the company claims it has created the “world’s first video conferencing monitors certified for Microsoft Teams”.

​

This comes after Microsoft started certifying displays, webcams, and headsets last year in a bid to ensure a range of devices could be offered to both consumers and business that required no additional configuration to interact with Microsoft Teams and Skype for Business.

The monitors’ dedicated Microsoft Teams button will let users quickly launch the app to make and receive video calls, while the onboard 5MP infrared camera, noise-cancelling microphone and dual 5-watt integrated speakers promise to deliver high-quality video calls.

The Dell 24, 37, and 34 Video Conferencing Monitors, with the numbers reflecting the size of each monitor in inches, will launch in the US on 16 February, priced at $519.99, £719.99 and $1,149.99. UK availability details have not yet been announced.

Dell has also updated its business laptop lineup ahead of next week’s all-digital CES conference. The new Dell Latitude 9420 and 9520 add Intel’s 11th Gen vPro chips, optional 5G support, and a new automated webcam shutter to physically shut off the camera when not in use.

The “SafeShutter”, which Dell claims is an “industry-first”, can open and close automatically when the webcam is in use, but the laptops also feature dedicated “mute” keys to manually disable the microphone or camera as needed.

The 14-inch Dell Latitude 9420 will be available this month, while availability details for the 15.6-inch Latitude 9520 have not yet been announced.

Dell has also unveiled the Latitude 7520 with a 15-inch 4K UHD display and an optional full high-definition camera, and has updated its Latitude 5000 series and Precision 3560 PCs with new bioplastic designs that the company claims will help it to achieve its moonshot goal to have half of its products’ content be made of recycled materials by 2030.

​

Starting April 1, Microsoft plans to update its service level agreement (SLA) for Azure AD user authentication to 99.99%. Hitting this four-nine uptime will be an improvement over the current 99.9% SLA.

A multi-tenant identity management service, Azure AD processes tens of billions of authentications per day. To deliver on its ‘99.99% uptime’ promise, Microsoft aims to drop service credit for administrative features and include only vital user authentication and federation features under Azure AD’s new SLA. 

Any period of time when users can’t log in to the service, access applications on the Access Panel and reset passwords, accounts to service downtime. Furthermore, organisations can avail service credits if Azure AD’s uptime drops below the SLA. For instance, Microsoft offers a full-service credit when uptime falls below 95% per month.

Microsoft attributed the enhanced SLA to its ongoing program of resilience investment to improve reliability in all areas of its identity services. 

To increase the reliability of its Azure AD, Microsoft centralised architecture to scope and isolated the impact of failures to a minimum number of users; included a backup authentication service that transparently and automatically handles authentications for participating workloads; integrated Azure infrastructure authentication with regional authentication endpoints; and provided instant enforcement of policy changes with continuous access evaluation (CAE) protocol for critical Microsoft 365 services. 

“In conversations with our customers, we learned that the most critical promise of our service is ensuring that every user can sign in to the apps and services they need without interruption,’’ said Nadim Abdo, vice president of engineering at Microsoft.

“To deliver on this promise, we are updating the definition of Azure AD SLA availability to include only user authentication and federation (and removing administrative features). This focus on critical user authentication scenarios aligns our engineering investments with the vital functions that must stay healthy for customers’ businesses to run.”

The Emotet Trojan was used to target over 100,000 users per day over December, placing it at the top of a list of the most dangerous malware threats facing businesses today.

That’s according to a new global index from security research firm Check Point, which revealed the malware has impacted 7% of organisations around the world during the last month of 2020, closely followed by banking trojan Trickbot and information-stealing virus Formbook, both impacting 4% of global companies.

All three viruses made a return to the index for December, although the sudden uptake of Emotet should be a cause for concern among businesses, Check Point has warned. It was originally developed as a banking malware, sneaking onto a target’s computer to steal sensitive information, but it has since evolved into one of the most costly and destructive malware variants available, according to Maya Horowitz, director of threat intelligence and research products at Check Point.

“It’s imperative that organisations are aware of the threat Emotet poses and that they have robust security systems in place to prevent a significant breach of their data,” said Horowitz.

Emotet was at the top of the Global Threat Index in September and October, and is best known as being a tool for opening access to infected computers for further ransomware operations. It is also thought to have been used by the criminal group known as Ryuk, said to be responsible for a number of attacks on healthcare facilities throughout the autumn.

Researchers believe that a brief lull in activity during November was the moment the Emotet malware was updated with new payloads and improved detection capabilities. The Check Point team believes the malware is now far more dangerous as a result.

The same is true for Hiddad, an Android malware variant which repackages legitimate apps and then releases them to a third-party store. Its main function is to display ads, but it can also gain access to key security details built into the operating system.

The most exploited vulnerability of the month was the MVPower DVR Remote Code Execution flaw, which affected 42% of organisations around the world during the month.

Amazon Web Services can no longer use the abbreviation ‘AWS’ as a logo in China after a Beijing court ruled in favour of a local software company.  

ActionSoft Science & Technology Development (AWS in China) have the rights to the trademark, according to a court verdict published 30 December, The Wall Street Journal reports. 

The verdict, made in May last year but only released in December, has decreed that Amazon can no longer use the term ‘AWS’ or any similar logos in China. The tech giant has also been ordered to pay compensation of 76.5 million Yuan (£812.5 million) to ActionSoft. 

Amazon still had ‘AWS’ on its Chinese cloud services website as of Tuesday, according to the WSJ. However, a disclaimer at the bottom of the page notes that ‘AWS’ is used as an abbreviation and “is not displayed herein as a trademark”.

In a statement, Amazon said it invented cloud services and made them popular around the world under the AWS name long before “any other company”.

“Amazon was the first to use the AWS logo in China to sell cloud services by many years,” a spokesperson for the company said. “We strongly disagree with the court’s ruling and have appealed the case to the Supreme People’s Court.”

However, this is disputed by the court ruling which cites China’s official trademark database. It states that ActionSoft registered ‘AWS’ for cloud computing services in 2004, while Amazon only did so in China in 2012. 

Despite being the biggest cloud provider in the world, Amazon is only the fifth largest in China, far behind the likes of Alibaba and Tencent, with a market share of only 7.2%.

Trademark disputes between US and Chinese companies are quite common; Apple settled an iPad dispute in 2012 that allowed it to continue selling the tablet in China, while Facebook, Starbucks and even basketball legend Michael Jordan have battled with Chinese firms over naming rights.

The majority of IT leaders in the US and UK don’t believe their company’s infrastructure is fit for the future, according to a survey by IBM. 

The company’s ‘The State of IT Transformation’ study found that 60% of CIOs and CTOs in America and the UK felt their company’s modernisation programme wasn’t ready yet. 

The survey questioned 380 IT decision-makers, with almost a quarter (24%) admitting that their company had only just started its migration programmes. 

CIOs and CTOs around the world have been under significant pressure to maintain or modernise their IT systems amid the coronavirus outbreak. Cloud migrations have been at the forefront of most business plans throughout the pandemic and this has ramped up demand for skilled professionals and greater security controls. 

60% of respondents suggested they expected this increased demand for cloud infrastructure to be permanent, and nearly all (95%) said they were looking for public, hybrid or private cloud strategies. Most of those also said they were doing so ‘aggressively’, according to IBM. 

However, the study highlighted a stark difference in attitude between IT leaders in the US and the UK. Approximately 56% of American respondents said they were ‘aggressively’ moving their IT infrastructure to hybrid cloud models, while British respondents appeared to be less active in the market, with only 38% describing their approach as ‘aggressive’. 

There were also contrasting answers when it came to changes brought about by COVID-19. Around 56% of US CIOs and CTOs said their infrastructures were ‘completely prepared’ for the challenges of lockdowns and remote working, but only 23% of those based in the UK could say the same.

A shortage of skilled workers seems to be a large part of the issue, with 40% of the respondents revealing that they didn’t feel their teams had the right skillsets to meet their company’s IT ambitions. As a result, more than 75% said they will be relying more on trusted partners to provide managed infrastructure services.

Around 67% of CIOs and CTOs also cited a need for increased ‘infrastructure flexibility’ in the digital transformation plans. This was followed by the need for a competitive advantage (61%), meeting client demands (45%) and general cost savings (58%). 

Adobe has officially killed off Flash Player, the browser plugin that helped define the early internet.

The iconic plug-in was discontinued on 1 January, almost 25 years after it was first launched. Adobe will not be rolling out any further security updates and the company is set to block all Flash content from 12 January.

Despite the sunset date being scheduled for 2020, the majority of browsers had already jumped ship. As of 2018, less than 5% of worldwide websites used Flash, with most favouring Javascript for running multimedia features. Other, more secure alternatives also included HTML5, WebAssembly and WebGL.

The decision to sunset the plug-in was first announced in July 2017 due to dwindling demand, as browser makers opted to integrate the software’s capabilities within their own offerings.

Flash was also plagued by various security concerns. In 2015, for example, security firm Recorded Future discovered that Flash Player comprised eight out of 10 top vulnerabilities leveraged by exploit kits, with more than 100 exploit kits and vulnerabilities affecting the technology. There were also reports of Flash being exploited by North Korean hackers, who used it to access Microsoft Office documents, web pages, and spam emails.

Nevertheless, Flash Player managed to write itself into internet history. The software’s unprecedented capabilities shaped the way users interact with multimedia content offered by an array of industries, such as gaming, education, and video.

The final nail in the coffin for Flash came in October 2020, when Microsoft rolled out an optional update for Windows 10 that permanently removed Adobe Flash from the operating system and prevented it from being re-installed. The company released the removal tool prior to 1 January 2021 in order to help customers test and validate their environments for any impact that might occur by the removal of the software.

Starting later in 2021, all APIs, group policies and user interfaces that govern the behaviour of Adobe Flash Player are expected to be removed from the legacy Microsoft Edge and Internet Explorer 11. 

US web infrastructure firm Cloudflare has devised its own tool that lets web developers build and host websites.

Taking advantage of the company’s global infrastructure network, Cloudflare Pages is a hosting service that supports platforms built directly on the edge using the JAMstack architecture.

The firm has described this as “the next breakthrough in the web performance battle” due to the way it takes advantage of edge computing, with Cloudflare claiming performance will be almost twice as fast as other platforms.

Beyond this, Cloudflare also suggests its Pages service will be secure and scalable, saving developers time on integrated disparate systems, as well as benefitting from seamless GitHub integration to ease the development process.

“From day one Cloudflare was built to service developers. Over the last ten years, millions of developers have counted on us for our network performance and security services,” said Matthew Prince, Cloudflare CEO and co-founder. “With Cloudflare Pages, we’re now providing them with a scalable, fast, secure, cost-effective platform to build next-generation applications that they can deploy globally. 

“Internally, we believe it’s only a matter of time before an individual developer builds a billion-dollar company on their own. We hope Cloudflare Pages will provide the building blocks to help make our belief a reality.”

Its scalability can be attributed to the fact it’s built on Cloudflare’s global network of more than 200 cities, the company added, while running on the edge means Pages will be within 100 milliseconds of 99% of the internet-connected population.

The firm is also hoping to soon integrate Cloudflare Pages with its Cloudflare Workers serverless development platform, so users can integrate third-party APIs into their own platforms. This will allow frontend developers versed in JavaScript to build scalable backends to their applications in the same language.

The security of the platform, meanwhile, is being assured with free SSL as standard, alongside the firm’s Web Application Firewall (WAF). The company will also provide support for the latest web standards with HTTP/3, the QUIC transport layer network protocol, and image compression.

2020 will undoubtedly be remembered for the coronavirus pandemic, but it should also be marked as the year cloud services and the SaaS market kept the world ticking over.

The sudden shift to mass remote working presented a lot of software firms with an opportunity to show what they could do to a wider audience. For example, very few had heard of Zoom in January, but just two months later it was a household name. By the summer, so many of us were using it that the company had reported 355% growth year-on-year and many businesses were starting to worry about “video-call fatigue”. 

That wasn’t the only issue Zoom users worried about, initially, as the sudden attention on the video conferencing platform also unearthed some critical security flaws. A lack of end-to-end encryption and the ease with which unwanted guests could access meeting IDs created a bit of a PR nightmare.  

Despite these faults, the firm grew and grew and the simplest explanation for its rapid rise is that it was offered as a free service. Businesses need to stay connected with employees and Zoom allowed them to do that without adding an extra cost. So far, the company’s success is tied to the coronavirus pandemic, but it may live on long after COVID-19. 

“The pandemic forced many organisations to implement remote working overnight,” explains Rob Harrison, UK MD at SAP Concur. “With employees unable to travel to the office, activities such as expense claims and invoice processing became more difficult for those organisations still using paper-based processes. 

“Cloud-based tools helped organisations to continue their operations with minimal disruption, despite having no access to the office. Now that both organisations and employees have seen the lifeline that these tools can provide, we are likely to see continued investment in cloud-based systems.” 

SaaS (Software as a saviour) 

The switch to remote working was so swift and large that, by July, Gartner predicted the Software as a service (SaaS) market would grow from $104.7 billion in 2019 to $120.9 billion by 2021. The organisation’s vice president of research, Sid Nag, said the cloud had “delivered exactly what it was supposed to” by meeting customers’ demand for remote software.

The benefits of cloud computing and remote working software have been obvious to the tech industry for years, but the rest of the world needed a little more convincing. So when COVID-19 hit and we all went inside, collaboration services like G Suite or Office 365 suddenly saw a rapid increase of users. 

This was particularly true for communications platforms. In the first three months of 2020, as the pandemic spread around the west, Microsoft Teams usage surged to 44 million active daily users. This jumped up to 75 million a couple of months later partly because, as rival firm Slack pointed out, it was bundled into a subscription service, so users had it whether they specifically wanted it or not. 

Slack referred to Microsoft Teams as a “weak copycat product” in an anti-competition complaint it filed with the European Commission (EC). But the year ended with Slack being acquired by Salesforce after failing to match the pandemic growth of other collaboration services, while Microsoft Teams continued to grow. 

The acquisition of Slack by Salesforce capped off a brilliant year for the SaaS giant. The company made changes to its business during the first half of the year – “reallocating resources”, as CEO Marc Benioff phrased it – making certain roles redundant while investing in more digital ones. The firm saw 29% growth in Q2 and announced plans to hire 12,000 new workers over the next year. 

Given what Salesforce provides, this is as good an indication of the growth of the software market. And, despite news of a vaccine, now that world has seen what it can do, it may never go back.

Malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions has been discovered by security researchers.

The malware has the functionality to redirect user’s traffic to ads or phishing sites and to steal people’s personal data, such as birth dates, email addresses, and active devices, according to a report released by cybersecurity firm Avast.

Researchers have said that up to three million users could be affected by the malware.

The malware in question masquerades as legitimate extensions that help download videos from Instagram, Facebook, Vimeo, and other social platforms. The researchers have identified malicious code in the JavaScript-based extensions that allow the plugins to download further malware onto a user’s PC. 

The threat was first spotted last month, but researchers believe the extensions could have been active for years without anyone noticing.

Users have also reported that these extensions are manipulating their internet experience and redirecting them to other websites. Anytime a user clicks on a link, the extensions send information about the click to the attacker’s control server, which can optionally send a command to redirect the victim from the real link target to a new hijacked URL before later redirecting them to the actual website they wanted to visit.

“The actors also exfiltrate and collect the user’s birth dates, email addresses, and device information, including first sign-in time, last login time, name of the device, operating system, used browser and its version, even IP addresses (which could be used to find the approximate geographical location history of the user),” the report said.

Researchers added that the objective behind this is to monetize the traffic itself. For every redirection to a third-party domain, the cyber criminals would receive a payment. Nonetheless, the extension also has the capability to redirect users to ads or phishing sites.

“Our hypothesis is that either the extensions were deliberately created with the malware built-in, or the author waited for the extensions to become popular, and then pushed an update containing the malware. It could also be that the author sold the original extensions to someone else after creating them, and then the buyer introduced the malware afterwards,” said Jan Rubín, malware researcher at Avast.

At this moment, the infected extensions are still available for download. Avast has contacted the Microsoft and Google Chrome teams to report them. Both Microsoft and Google confirmed they are currently looking into the issue. Users are recommended to disable or uninstall the extensions for now until the problem is resolved.

Extensions mentioned in the report, many of which are still available to download, include: Direct Message for Instagram, DM for Instagram, Downloader for Instagram, App Phone for Instagram, Universal Video Downloader, Vimeo Video Downloader, Volume Controller, Spotify Music Downloader, and Video Downloader for YouTube.

Android phones in the future will support up to four new OS versions thanks to a collaboration between Google and Qualcomm.

All new mobile platforms with Qualcomm silicon will get four OS version updates and four years of security updates, according to a blog post by Google engineers.

In 2017, Google changed Android to be more modular and enabling easier updates. This move, known as Project Treble, split the OS framework and device-specific low-level software (called the vendor implementation).

While this was good for device manufacturers, it introduced “additional complexity” for chipmakers.

“For each SoC model, the SoC manufacturers now needed to create multiple combinations of vendor implementations to support OEMs who would use that chipset to launch new devices and deploy OS upgrades on previously launched devices,” said Google engineers.

They added that the result was that three years beyond the launch of a chipset, the SoC vendor would have to support up to six combinations of OS framework software and vendor implementations – something that resulted in enormous engineering costs.

The new solution now extends the “no-retroactivity principle” to the SoCs as well as to devices. “With this change, the SoC provider would be able to support Android with the same vendor implementations on their SoCs for device launches as well as upgrades.”

Over the last year, Google has worked with Qualcomm so that “all new Qualcomm mobile platforms that take advantage of the no-retroactivity principle for SoCs will support four Android OS versions and four years of security updates”.

This means that a device will ship with the initial Android OS and then will receive 3 additional software updates over the course of its life. Security updates will extend for an additional year, to cover the final software launch, bringing the total lifespan to four years.

Engineers added that all Qualcomm customers will be able to “take advantage of this stability to further lower both the costs of upgrades as well as launches and can now support their devices for longer periods of time”.

The move will see Google reusing the same OS framework across multiple Qualcomm chipsets. It added that this would “dramatically” lower the number of OS framework and vendor implementation combinations that Qualcomm has to support across their mobile platforms and results in lowered engineering, development, and deployment costs.

Google said that the change would be taking effect with all SoCs launching with Android 11 and later.