IT Managed Services Provider Resource Recommendation Updated on 16 July 2020 – TechSNAP, Everything, PowerToys, OpenSSH, Microsoft Teams Together Mode, and more

The headline on 16 July 2020

Term of the Day: Procure to pay

Procure to pay is the process of requisitioning, purchasing, receiving, paying for and accounting for goods and services. It gets its name from the ordered sequence of procurement and financial processes, starting with the first steps of procuring a good or service to the final steps involved in paying for it.

There is software expressly designed to handle the entire procure to pay process or components of it. One of the biggest benefits of integrated procure to pay suites is the ability to consolidate data, and enable the intelligent spend management that executives can use to get more control over expenses.

Vendors of e-sourcing and procurement software, such as Coupa Software and SAP Ariba, have developed significant procure to pay features. A few niche players, among them BirchStreet Systems, Basware, GEP, Verian, Jaggaer, and Zycus, claim to automate the entire process.

Term of the Day: Strategic Sourcing

Strategic sourcing is an approach to supply chain management that requires analysis of what an organization buys, from whom, at what price and at what volume. The goal of strategic sourcing is to help an organization consolidate its purchasing power and ensure purchasing strategies are aligned with business goals.

While the most important advantage of strategic sourcing is still to reduce cost, the benefits of rethinking the sourcing process itself can be far-reaching. It begins with analyzing business needs and historical spending, followed by outlining a strategic plan, and then conducting data collection and market analysis to guide the selection of a roster of suppliers.

Term of the Day: TensorFlow

TensorFlow is an open-source framework developed by researchers at Google to run machine learning, deep learning, and other statistical and predictive analytics workloads. The TensorFlow platform is designed to streamline the process of developing and executing advanced analytics applications used by data scientists, statisticians and predictive modellers.

The TensorFlow software handles data sets that are arrayed as computational nodes in graph form. The edges that connect the nodes in a graph can represent multidimensional vectors or matrices, creating what is known as tensors. TensorFlow applications can run on either conventional CPUs or higher-performance graphics processing units (GPUs), as well as Google’s own tensor processing units (TPUs), which are custom devices expressly designed to speed up TensorFlow jobs.

Term of the Day: Chief Procurement Officer

A Chief Procurement Officer (CPO) leads an organization’s purchasing department and oversees the acquisitions of goods and services made by the organization. The CPO’s policies and procedures determine which acquisitions require the procurement department’s involvement and need to begin with an RFP and which can be handled independently as non-RFP purchases by employees.

A CPO’s policies and procedures are intended to help the company:

  • Evaluate and select suppliers
  • Reduce and contain costs
  • Facilitate contract negotiations
  • Establish supplier performance metrics
  • Meet internal and external compliance requirements.

A CPO must be well versed in regulations and compliance, as well as in the various laws and requirements governing the procurement process. This position is most common at larger companies, where the volume of purchases justifies the need for an executive position and staff to handle those acquisitions.

The headline on 15 July 2020

TechSNAP is a podcast on systems, networking and administration with a focus on best practices and helping listeners solve problems. TechSNAP features topics of importance to those in the tech industry, with a segment dedicated to audience questions in every episode. New episodes are released every 2 weeks.

Update #1: TechSNAP stopped producing episodes last month, but you can now find host Jim Salter in a new tech podcast called 2.5 Admins.

Everything is a command-line search engine for Windows that instantly locates files and folders by filename. Everything initially displays every file and folder on the computer and then filters what is displayed as you type. Because it only indexes file and folder names, it generally takes a few seconds to build its database (e.g., a fresh install of Windows 10, with about 120,000 files, will take about 1 second to index).

PowerToys includes Windows system utilities to help improve productivity, especially likes, “PowerRename, PowerToys Run (ALT+SPACE is a universal shortcut for search/run/navigate) and Keyboard Manager (Rebind keys to other keys). There is a lot of other stuff too, and it is still evolving. It is pre-1.0 so might contain bugs (e.g., running it as admin was breaking PowerToys Run last week).”

OpenSSH is a connectivity tool for remote login over SSH, suggested as the best alternative to PuTTY. All traffic is encrypted, and it also provides a suite of secure tunnelling capabilities, authentication methods and sophisticated configuration options.

Shortcut: CTRL + SHIFT + <Click Taskbar or Start Menu Icon> 

“Opens an instance of selected program with elevated privileges. This also works on non-pinned open programs on your taskbar. (E.g., I have Windows Terminal pinned to my Taskbar, which I regularly need to open PowerShell or Command Prompt with elevated privileges to run some scripts or stop services. This is one of the fastest ways for me to do it.)”

Microsoft is trying out some new ways to present a conference call that’s, well, not like Zoom. Together Mode in Teams will put everyone together on the same virtual background, which it hopes will make these calls more human and less exhausting. I think this is a powerful feature that really speaks to our need to connect with each other in better ways.

Term of the Day: Procurement Plan

A procurement plan, also known as a procurement management plan, refers to the document that is used to manage the process of finding and selecting a vendor. It justifies the need for an external supplier and explains how the process of finding a supplier will be performed, from identifying the project requirements to closing the contract.

The goal of a procurement plan is to increase the efficiency, effectiveness, and transparency of the procurement process. The procurement plan specifically describes how products or services will be acquired and how vendors will be managed during the project. It includes information such as the types of contracts that will be used, the planned delivery or implementation dates for the contracted products or services, the types of metrics that will be used to evaluate the vendor’s performance and an explanation of how the procurement process will be performed.

Term of the Day: Technology Buying Team

A technology buying team is a committee within a company whose members are responsible for making software and hardware buying decisions, using either a request for proposal (RFP) or non-RFP procurement process.

Technology Buying teams are the result of two important trends in technology:

  • Technology design is now increasingly driven by business needs and ease of use rather than the complexity of capability or depth of features.
  • The sales cycle for technology has become shorter and the amount of time for vendors to influence purchasing decisions has become shorter as well.

How to Lower AWS Cost Spending and Optimize Usage

Companies that operate new cloud services with the old mindset of traditional data centres lose money fast. This article helps you to optimize AWS spending with 16 powerful tips.

The shift to public cloud providers like AWS offers many advantages for companies. According to AWS CEO Andy Jassy, the conversation starter for cloud adoption is almost always cost savings. For many companies, this means trading the old model of heavy upfront CAPEX investment in data centres and servers for a variable expense model that is pay-as-you-go. However, organizations often forget to adapt their strategy for using the cloud. Rather, they continue to operate new services with the old mindset of traditional data centres, and because of that, they lose money.

To maximize the cost optimization model of AWS, companies need to plan accordingly and leverage the many tools that AWS provides for monitoring resource usage. In this article, we’re going to discuss the most popular, yet often overlooked tools. This is not intended to be an ultimate guide, but it is a great place to start planning AWS usage or evaluating existing practices. I’ll spend most of the time on EC2, EBS and S3 services, but will leave hints for some others too.

How AI Can Help Address Contract Challenges During LIBOR Transition

The transition from LIBOR to alternative reference rates presents numerous challenges, particularly when it comes to renegotiating and operationalizing fallback language for both existing and new contracts. Although uncertainty remains among market participants and industry guidance continues to evolve, adopting a “wait-and-see” attitude before amending contracts is not considered wise. Financial institutions should consider acting now to develop a solution that supports the use of appropriate contract language in preparation for the permanent discontinuation of LIBOR.

This article looks at why financial institutions should consider acting now to develop a solution that supports the use of appropriate contract language in preparation for the permanent discontinuation of LIBOR.

Cybersecurity News Headline Updated on 18 July 2020 – UK, Canada, and US Say Russian Hackers Targeting Vaccine Research; Hackers Hijacked High-Profile Twitter Accounts; US Legislators Adding Solarium Report Recommendations to Bill, and more

The headline on 18 July 2020

Microsoft Patches Severe, Wormable Vulnerability in Windows Server 2019. The bug is a vulnerability found in Windows DNS servers that allows remote code execution due to mishandled requests. It’s only present in Windows Servers configured to handle DNS requests, but the severity of the bug means all affected server versions should update ASAP.

Both Microsoft and the researchers who discovered the bug have confirmed it’s wormable as well. Vulnerabilities are nothing new, but wormable vulnerabilities are particularly nasty. They allow attackers to infect one machine after another, spreading malware across the internet and eventually infecting every vulnerable machine that it touches.

Microsoft urges patching as quickly as possible, so if you’re currently using Windows Server 2019, you should look into applying the fix.


Zoom Fixes a Bug In Subdomain Handling. The bug resulted from the ability to construct malicious URLs posing as a company’s genuine vanity URL. For example, if the original link was, the attacker could change it to https://<organization’s name>, and potentially pose as a company employee in a meeting.

Read more in: Zoom Addresses Vanity URL Zero-Day

UK, Canada, and US Say Russian Hackers are Targeting COVID-19 Vaccine Research. In a joint advisory, government officials from the UK, Canada, and the US said that hackers with ties to Russia have been targeting organizations conducting research on COVID-19 vaccines. Suggestions for mitigating the risk of attack include keeping devices and networks up-to-date; implementing multi-factor authentication; and preventing and detecting lateral movement in networks.

Hackers Hijacked High-Profile Twitter Accounts And Used Them in Bitcoin Scam. Hackers took over dozens of high-profile Twitter accounts and used them to tweet that if people sent them bitcoin, they would send back twice as much. They received $120,000 worth of the cryptocurrency before the scam was detected and shut down. Twitter says it believes that the hackers targeted Twitter employees in a “coordinated social engineering attack” to take control of the accounts.

US Legislators Adding Solarium Report Recommendations to Defense Spending Bill. Cybersecurity recommendations made in the Cyberspace Solarium Commission report, which was released earlier this year, are finding their way into markups of and proposed amendments to the FY 2021 US National Defense Authorization Act (NDAA). This month, the Cyberspace Solarium Commission staff released a list of 54 legislative proposals drawn from the report.

Patch Tuesday: Cisco and Oracle. Cisco has released fixes for more than 30 vulnerabilities in a variety of products, five of which are rated critical. The critical flaws include two remote code execution vulnerabilities, an authentication bypass, a privilege elevation, and a default credential issue. Oracle’s Critical Patch Update for July 2020 includes nearly 450 fixes for vulnerabilities in multiple products.

Patch Tuesday: Adobe. On Tuesday, July 14, Adobe released fixes for a total of 13 vulnerabilities affecting five different products: Download Manager, ColdFusion, Genuine Service, Media Encoder and the Creative Cloud Desktop Application. Four of the vulnerabilities are rated critical; the other nine are rated important. The critical flaws are a symlink vulnerability in Creative Cloud; two out-of-bounds write vulnerabilities in Media Encoder; and a command injection vulnerability in Download Manager.

Microsoft Patch Tuesday Addresses 120+ Vulnerabilities, Including Wormable Flaw (SIGRed). On Tuesday, July 14, Microsoft released fixes for more than 120 vulnerabilities across its product line; 18 of the vulnerabilities are rated critical. One of the critical flaws is a “wormable” remote code execution flaw which can spread from machine to machine with no human interaction. Check Point detected the flaw and reported it to Microsoft in May. SIGRed, as Check Point named the flaw, affects Windows DNS servers and can be exploited by sending a malicious request to a vulnerable Windows DNS server. The flaw has been present in Windows DNS Server for 17 years. It has been given a CVSS base score of 10.

Apple Updates: iOS, macOS, and More. On Wednesday, July 15, Apple released updates for numerous products, including iOS (13.6), iPadOS (13.6), macOS (10.15.6), Safari (13.1.2), tvOS (13.4.8), and watchOS (6.2.8).

Counterfeit Cisco Devices Caused Network Switch Failures. An F-Secure investigation into network switch failures at an unnamed IT company found that the problem was caused by counterfeit Cisco devices. The failure occurred after a software upgrade in fall 2019.

IBM X-Force Found Iranian Threat Group Training Videos Online. IBM’s X-Force Incident Response Intelligence Services (IRIS) discovered a server that contained video files of an Iranian threat group’s operations. The server contained 40 gigabytes of data. The videos include evidence of stealing data from a US Navy officer and a Greek naval officer.

EU Court of Justice Invalidates Privacy Shield Data Sharing Agreement. The European Union Court of Justice has ruled that Privacy Shield, the EU/US data sharing agreement, is invalid. The court said that the agreement did not adequately protect EU residents’ data when it is sent to the US, and as such, violates EU privacy law. Privacy Shield was created in 2016, after the Safe Harbor agreement was deemed inadequate and the establishment of Standard Contractual Clauses (SCC), which are still valid.

Identity Theft Resource Center: Data Breaches Decreasing. The Identity Theft Resource Center says that data breaches have decreased during the first quarter of 2020. The organization compiled data from publicly reported breaches in the US during the first three months of 2020.

Read more in: Identity Theft Resource Center Sees a Data Breach Decrease in First Quarter of 2020

Decommissioned Police Bodycams Purchased Online Contain Sensitive Data. A used bodycam purchased on eBay yielded unencrypted video of US military police officers at work. Other decommissioned bodycams purchased online have turned up similar data.

The headline on 15 July 2020

Cyber Attacks Against Health Care Facilities Skyrocketing During COVID Pandemic. Attacks against hospitals and other healthcare providers have increased during the pandemic as more employees switched to working from home and medical facilities were cash-strapped and stretched thin because of COVID-19. IBM reported a 6,000 percent increase in spam attacks leveraging COVID-19 on information technology systems between March and April; many of the targeted systems are at health care facilities.

Read more in: A game of ‘cat and mouse’: Hacking attacks on hospitals for patient data increase during coronavirus pandemic

SAP Patches Critical Flaw – Severity 10 – Patch Now. SAP has released a fix for a critical vulnerability in the SAP NetWeaver Application Server Java component LM Configuration Wizard. The flaw could be remotely exploited to create user accounts with maximum privileges on vulnerable systems.

Zoom Releases Fix for RCE Flaw Affecting Older Versions of Windows. Zoom has released an update to address a remote code execution vulnerability that affects the Zoom client running on Windows 7 and on older versions of Windows. Zoom released version 5.1.3 of the Zoom client on July 10. Zoom released additional updates on Sunday, July 12 to address “minor bug fixes” and implement “new and enhanced features” for phone and web users.

Amazon Walks Back its TikTok Ban; Wells Fargo Imposes One. Amazon said that an email sent to employees last week banning them from using TikTok on mobile devices that connect to corporate email “was sent in error.” The message told the employees to remove the app from those devices or risk losing access to work email on those devices. TikTok has come under scrutiny by US legislators and administration officials because it is owned by a Chinese company and some are concerned that the app could be used to spy on people. Late last year, the US Department of Defense told personnel to delete TikTok from government-issued phones. Wells Fargo has also told its employees to delete the app from company-owned devices.

Conti Ransomware Can Encrypt Files Very Quickly. Researchers from Carbon Black have detected Conti, a new strain of ransomware that appears to share some code with Ryuk. Conti is human-operated ransomware, meaning that its operators control it rather than allowing it to execute automatically. One of Conti’s notable features is that it uses 32 simultaneous CPU threads to encrypt data.

Secret Service Cyber Fraud Task Force. The US Secret Service has merged two existing units to create the Cyber Fraud Task Force. In a July 9 press release, the Secret Service said, “In today’s environment, no longer can investigators effectively pursue a financial or cybercrime investigation without understanding both the financial and internet sectors, as well as the technologies and institutions that power each industry,” prompting the decision to unify the Electronic Crimes Task Forces (ECTFs) and Financial Crimes Task Forces (FCTFs).

Mozilla Will Reduce TLS Certificates’ Lifespan to 398 Days. Mozilla has announced its intent to reduce the lifespan of TLS certificates it deems valid from 825 days (about 27.5 months) to 398 days (just over 13 months). As of September 1, 2020, Mozilla will consider new TLS certificates with expiration dates further out than 398 days as invalid. Earlier this year, Apple announced it will require certificates issued after September 1, 2020 to have lifespans of 398 days or less. Mozilla and Apple plan to make this change regardless of any decision reached by the CA/B Forum.

Amnesty International Loses Bid to Revoke NSO Export License. An Israeli court has denied Amnesty International’s petition to revoke the export license of NSO Group, which sells surveillance software. Amnesty International filed the lawsuit in 2019, alleging that NSO Group’s Pegasus software had been used against an Amnesty International employee.

Nikulin Found Guilty of Breaking Into LinkedIn, DropBox, and Formspring. A federal jury in California has found Russian citizen Yevgeniy Nikulin guilty of breaking into computers that belonged to social networking companies, installing malware on those computers, stealing employees’ access credentials, and selling that information. Nikulin was arrested in the Czech Republic in 2016 and held there for over a year before being extradited to the US. Sentencing is scheduled for September 29, 2020.

US Dept. of Energy Report: DoE’s Office of Science Lacks Sufficient Peripheral Device Security. A report from the US Department of Energy Office of Inspector General warns that DoE’s Office of Science does not have adequate security for peripheral devices. The IG reviewed four DoE field sites. Among the reasons given by site officials for the lack of security are that DoE’s security standards are “technically not feasible or extremely difficult to implement,” and that they are expensive to implement and hinder collaboration.

Belgian Bank Closes Down Older ATMs After Jackpotting Attacks. Two Argenta ATMs in Belgium were hit with jackpotting attacks over the weekend. These were older machines that were scheduled to be replaced. ATMs belonging to the same bank were hit with jackpotting attacks in late June as well. Argenta’s Christine Vermylen told The Brussels Times, “We have decided to shut down the 143 devices of this type now, pending the installation of new devices later this year. We are looking into whether that operation can be speeded up.”

Ukrainian Police Arrest Alleged Government Database Hacker. Police in Ukraine have arrested an individual who is suspected of breaking into government databases, stealing information, and then selling it. The suspect allegedly accessed 50 Ukrainian government databases by “hacking passwords to e-mail accounts, messengers, [and] social media accounts” of government employees.

Read more in: Ukraine arrests government database hack suspect

EFF Files Amicus Brief in Supreme Court Case Involving CFAA. The Electronic Frontier Foundation (EFF) has filed an amicus brief on behalf of cybersecurity researchers and companies urging the US Supreme Court to narrow the scope of the Computer Fraud and Abuse Act (CFAA). Specifically, the EFF urges the Supreme Court to decide that accessing computers in ways that violate terms of service does not violate the CFAA. The brief was filed in reference to Nathan Van Buren v. United States.

The headline on 11 July 2020

Zoom Zero-day Affects Clients Running on Older Versions of Windows. Zoom is working on a fix for a zero-day vulnerability that was disclosed on Thursday, July 9. The arbitrary code execution flaw affects the Zoom client running on Windows 7, Windows Server 2008 R2, and older versions of the operating system. Zoom clients running on Windows 8 and Windows 10 are not affected.

Palo Alto Networks Releases Updates for Another PAN-OS Vulnerability. Palo Alto Networks has released updates to fix a critical command injection vulnerability in its PAN-OS GlobalProtect portal. The flaw affects PAN-OS 9.1 versions prior to 9.1.3; PAN-OS 8.1 versions prior to 8.1.15; PAN-OS 9.0 versions prior to 9.0.9; and all versions of PAN-OS 8.0 and PAN-OS 7.1. Fixes will not be released for PAN-OS 8.0 and 7.1 as those versions are no longer supported.

Citrix Patches 11 Vulnerabilities in Networking Products; Someone is Already Scanning for Vulnerable Installations. Earlier this week, Citrix released fixes for 11 vulnerabilities in Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP appliances. The flaws include information disclosure, local privilege elevation, code injection, cross-site scripting, authorization bypass, and denial of service. Rob Joyce, the former head of the NSA’s Tailored Access Operations (TAO) team, has urged users to apply the patches as soon as possible. Active scanning for vulnerable installations has been detected.

Critical Flaw in WordPress Plugin. A critical remote code execution flaw in the Adning Advertising plugin for WordPress could be exploited to completely take control of vulnerable sites. The flaw has been exploited in the wild. Users are urged to update to Adning version 1.5.6, which also fixes a high-severity unauthenticated arbitrary file deletion via path traversal vulnerability.

Russian Hacking Group Cosmic Lynx is Conducting Sophisticated eMail Scams. A group of Russian hackers dubbed Cosmic Lynx has been launching sophisticated business email compromise schemes since last July. According to researchers at Agari, the group has launched more than 200 attacks against organizations in 46 countries. Cosmic Lynx targets organizations that have not implemented DMARC; the group has focused on scams involving mergers and acquisitions.

Criminals are Taking Control of Abandoned Subdomains. Criminals have been taking control of abandoned subdomains associated with well-known organizations and using them for nefarious purposes, including malware, pornographic content, or spreading malware. In late June, Microsoft published an article describing how to prevent subdomain takeovers.

ThiefQuest macOS Malware More Focused on Stealing Information than on Encrypting Data. Researchers now think the ThiefQuest malware that targets macOS is largely focused on exfiltrating data from infected networks. Initial assessment of ThiefQuest categorized the malware as ransomware. While it does have an encryption component, researchers think it may be included as a distraction rather than the main purpose of the malware.

DigiCert Will Revoke 50,000 Certificates This Weekend Because of Botched Audit. DigiCert plans to revoke 50,000 Extended Validation (EV) certificates on Saturday, July 11 after learning that they were not properly audited. While the situation does not pose a security threat, EV guidelines require that the certificates be revoked.

Turchin Indictment Unsealed. The US Department of Justice recently unsealed an indictment charging Andrey Turchin with conspiracy to commit computer hacking, two counts of computer fraud and abuse, conspiracy to commit wire fraud, and access device fraud. Turchin allegedly hacked into networks at hundreds of organizations, established backdoors, and then sold access to those systems. Turchin is a citizen of Kazakhstan and is believed to be residing there currently.

German Authorities Seize BlueLeaks Server. Authorities in Germany have seized a server hosting BlueLeaks data, 269 GB of US police documents. The department of public prosecution in Zwickau said the server was seized on July 3 at the request of the US government.

Microsoft Seizes Domains Used in Phishing Attacks that Targeted Office 365 Users. Recently unsealed documents detail Microsoft’s efforts to thwart phishing attacks that preyed on people’s concerns about COVID-19. The attacks targeted Office 365 users in 62 countries around the world and were crafted to appear to be from employers or other trusted entities. Microsoft’s Digital Crime Unit became aware of the fraudulent activity in December 2019. On July 1, Microsoft obtained a court order allowing it to seize the malicious domains.

CISA Warns of Vulnerabilities in Medical Devices and Hospital Information Management System. The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published two advisories regarding security issues in ultrasound systems from Philips and in the OpenClinic GA open source hospital information management system. Philips has released updates to address the authentication bypass issue in some of the affected products and expects to have fixes for the rest of the affected products by the end of the calendar year.

Playing Smart – Safe Casino Betting Tips for First Timers

Betting over the internet has never been more popular, with a general trend of growth over the years and an understandable increase during the pandemic lockdown. But what are the best and easiest ways for beginners to gamble safely? We’ve got some quick tips to help you stay safe, as well as some important guidance on how to enjoy the best online casino bonuses.

Key Challenges for 5G Networks New Radio (NR) Field Testing

Live field testing of 5G networks ensures that beams are transmitting accurately to fulfil performance metrics such as throughput per cell, throughput per device, and Quality of Experience (QoE). Learn about the key challenges that mobile network operators face in this article.
