Microsoft Europe’s 10 biggest stories of 2018 – Microsoft News Centre Europe

This year has been incredibly busy for Microsoft in Europe. We’ve launched new products, worked with customers and partners to deliver cutting-edge technology solutions, and worked towards our mission of helping every person and organisation achieve more.

We’ve rounded up ten of the biggest stories from the past year below, with the option to click on through to each one to read them in full. Thanks for reading, and have a Happy New Year!

Volkswagen’s future of connected, shareable cars

VW connected car concept

For German car manufacturer Volkswagen, the future of the car goes beyond a mere four-wheeled chauffer and errand-runner. Our cars will also integrate with our lives in ways never before thought possible. Earlier this year, the company revealed its plans for the Volkswagen Automotive Cloud – a platform which will create a seamless experience for drivers from the moment they enter, use, and leave their cars, ushering in a new era of truly connected vehicles.

Powered by Microsoft’s Azure cloud and IoT Edge platform, the Automotive Cloud will allow drivers to effortlessly remain in control of their professional and personal lives. From entering the car to the same music they were just listening to in their living room, to managing their appointments and carrying out work meetings via Skype, the car will evolve into an invaluable physical, and digital, assistant.

Read the full story

This time it’s personal: the financial industry is banking on AI to better serve customers

Brown wallet with cards

The financial services industry is undergoing a massive transformation. Financial technology companies (fintechs) are challenging traditional enterprises, while players from other sectors such as retail and technology are entering their turf. In addition, customers are increasingly demanding predictive, proactive and proximate services. Today’s financial institutions need to ensure that every customer interaction – no matter the channel – goes off without a hitch and delivers value if they want to be industry leaders tomorrow.

Microsoft EMEA President Michel van der Bel had the pleasure of discussing the transformation of the financial services industry with Spiros Margaris, venture capitalist, senior advisor, and international AI, blockchain and fintech influencer. Click below for their full discussion and insights.

Read the full story

The future of fashion and retail

Fashion designer sketching from above

Today’s successful retailers challenge the fundamental assumptions of commerce, from the ways in which physical spaces can be used to create unique customer experiences, to featuring products and services that one cannot find elsewhere to resurrecting the art of selling. The digital transformation of the retail (and indeed, any other) industry is no longer about simply managing costs and increasing efficiency. Rather, it enables companies to react to brutally competitive market forces with new service models, business practices, supply chains and more. At the heart of this retail revolution lies data, alongside the tools required to analyze it to help businesses continuously evolve, improve, and grow – all while creating and maintaining customer loyalty, and remaining competitive.

Read the full story

Medicine Man: How AI is bringing humanity back into healthcare

“When mistakes happen, patients die. I remember thinking to myself ‘What is going on here?’ We can do better. We should do better.”

When Simon Kos practiced critical care medicine in intensive care and anaesthesia early on in his career, digital technology was not well established. “I saw mistakes – avoidable mistakes – happen all around me,” he states. Now Chief Medical Officer at Microsoft, Kos is at the forefront of a medical revolution. His ambition is infectious, and his passion is fuelled by his first-hand experiences of the power that technological transformation, such as artificial intelligence (AI), can bring to our lives.

Read the full story

Knowledge is the best defence

keyboard, side view

If you were asked to pick the most vulnerable demographic to tech support scams, chances are your answer would lean towards the older generation. Traditionally, the elderly have less experience/knowledge of technology, and could therefore be more at risk of falling victim to these scams.

Microsoft’s survey results, however, show that Gen Z, millennials and males are the most vulnerable to tech support scams – a surprising revelation, given that the younger generation is, on the whole, more digitally savvy. This, however, appears to be the cause of their overconfidence and false sense of security – these groups are the most likely to lose money after continuing an interaction with scammers. These demographics, the results show, engage in riskier online behavior such as visiting torrent sites, have a greater familiarity with technology companies than older generations, and are potentially hurt by overconfidence in their device and web expertise.

Read the full story

POLITICO Europe elects Microsoft technology to power its innovative new Elections Hub

EU flag

In collaboration with Microsoft, POLITICO Europe launched a new Elections hub to report on the upcoming 2019 European Parliamentary elections. One of the key features of the hub is a stunning interactive data visualization – built with Microsoft Power BI. The team at POLITICO Europe seeks to bring an unprecedented degree of education and insight to the European electorate as they navigate the complicated election process, which spans thousands of candidates and hundreds of parties across the EU’s 27 member nations. POLITICO Europe’s leaders worked with Microsoft to envision new ways of reporting likely outcomes of the election, and break down complex issues like coalition building, to show individual voters the impact of their vote, and draw new participants into the democratic process.

Read the full story

The secret of productivity

Office workers in a discussion

While there’s no doubt that moving data to the cloud, adopting Artificial Intelligence, and implementing remote working tools is helping businesses to scale and innovate like never before, the question on leaders’ minds is not if, but how, to digitally transform. Leaders must focus on how can technology empower their employees and drive growth.

To help businesses understand how to best empower their workforce, Microsoft spoke to more than 20,000 people working in medium and large companies, from a range of industries, in 21 different countries across Europe. Respondents were asked about the technology they use at work, and their attitudes towards their job and their job performance.

The findings clearly show that to compete in today’s cloud-first world, quality tools alone aren’t enough: for technology to be most effective, it needs to sit within a strong digital culture.

Read the full story

Girls in STEM: the importance of role models

Two children learning to code on a laptop

Research from Microsoft reveals that the number of girls interested in STEM across Europe, on average, almost doubles when they have a role model to inspire them. The findings from a Europe-wide study of girls and young women shows that in general, there is a clear link between role models and an increased passion for science, technology, engineering and maths subjects, with more interest in careers in these fields, and greater self-confidence.

Microsoft’s research stands alongside organisations such as UNESCO and Accenture in providing data and insights around the importance of role models in STEM, with the hope that educators, policy makers, NGOs and the private sector can all work together and invest towards bridging the digital skills gap of the future. With women only making up 30 percent of Europe’s ICT workforce and an expected shortage of up to 500,000 ICT workers by 2020, this is an issue we must all address today – and role models could help.

Read the full story

Healthcare with heart

Medical science continues to progress, allowing doctors to push the boundaries and always achieve more. One such example is the implantation of heart valves via the groin – a procedure which has reached full swing in recent years due to it shorter recovery period and less invasive nature. Some questions, however, are still asked. Are costly procedures such as this as successful as scientific studies are? Do these innovative techniques have the effect of reducing mortality? Are the results as good in one hospital as in the other?

“Such information is crucial for all members of our multidisciplinary team of doctors, carers and paramedics – they allow us to further improve the quality of our care,” says Dr Karl Dujardin, a cardiologist at Delta General Hospital, Roeselare, in Belgium. Although these questions seem simple, it was almost impossible, until recently to answer them, he states. While both Dr Dujardin and his colleagues kept records of their procedures, for example, they lacked an overall vision of the effectiveness of the treatment – and this is where technology comes in.

Read the full story

Transforming a thousand-year-old city into mixed reality

The island of Mont Saint Michel

In the 17th century, before the advent of drones, planes, or even balloons, the solution to creating accurate representations of areas was as time-consuming, as it was beautiful. Plan-relief maps (scale models of landscapes and buildings,) were hand-crafted in meticulous detail, recreating locations of interest in ways that no other means at the time could match.

Coveted by military leaders such as Napoleon and King Louis XIV, these plan-relief maps provided topographic details of landscapes, such as hills and harbours, in addition to showing off the layouts of cities and their fortifications. This is the story of the map of Mont-Saint-Michel—a rocky headland off the Normandy coast, with a stunning Benedictine abbey – and how it was recreated in Mixed Reality.

Read the full story

Go to Original Article
Author: Steve Clarke

Malwarebytes: Fileless ransomware an emerging threat for U.S.

A completely fileless ransomware, dubbed Sorebrect, is “one of the first of its kind” to combine traditional ransom functionality with fileless tactics, according to a new Malwarebytes report.

In “Under the Radar: The Future of Undetected Malware,” Malwarebytes detailed four fileless attacks observed throughout 2018, including Emotet, TrickBot, SamSam and Sorebrect. The report referenced a study from the Ponemon Institute, which stated that “fileless malware attacks are estimated to account for 35% of all attacks in 2018, and they’re almost 10 times more likely to succeed than file-based attacks.”

The report emphasized these four malware families pose as a serious threat to businesses. For example, Malwarebytes stated that “between January and September 2018, Emotet malware was detected and removed more than 1.5 million times using Malwarebytes.” While Emotet was found to be most active in the U.S., an increase in activity was also seen globally in counties such as the U.K., Philippines and Canada.

One of the biggest targets in the U.S. for Emotet was Texas. Adam Kujawa, director of malware intelligence at Malwarebytes, based in Santa Clara, Calif., said he believes this to be due to the fact that Texas holds a large population, several military bases and a growing tech industry.

Sorebrect has also made its way to the U.S. It was first seen in Middle Eastern countries in 2017, infecting networks of primarily manufacturing businesses. But Malwarebytes said the fileless ransomware was discovered this year in several states, including Missouri and Tennessee.

“Lucky for us, this threat hasn’t had a great spread and we haven’t observed any copycats of this functionality making big splashes, yet,” the report stated. “However, it’s just a matter of time before somebody perfects this infection method and using the computer becomes a bigger risk.”

Kujawa said Sorebrect combines traditional ransom functionality with fileless tactics and targets network shares.

“The most popular ransomware right now, being GandCrab, has all kinds of capabilities. But the fact is that [Sorebrect] is a new evolution of ransomware, something that we haven’t really seen before. And it’s almost guaranteed to be copied in the near future,” Kujawa said. “The main way of infection when it comes to fileless malware is either through some kind of script exploited through an exploit script or exploited through a malicious Office document. Either way, it allows the ransomware to reside in memory without putting anything on disk, hanging out for as long as it wants until it wants to start encrypting things.”

The risk Sorebrect poses becomes further evident, as it doesn’t need a human to launch it. While its delivery mechanism is not fully known, Kujawa said it is believed the fileless ransomware is  partially spread through exploit kits and malicious spam campaigns.

“Once it is on the system, what happens usually with any sort of fileless malware is that it will find some way to make itself resistant. Otherwise, once you leave it with the computer, it’s gone,” Kujawa said. “So, in many cases, they’ll create malformed registry entries or keys and have code in them. And every time the computer reboots, it launches that code, that code reaches out, grabs the malware and infects the system again. With Sorebrect, since it can encrypt everything, I imagine that after the initial infection and once it starts encrypting, it probably makes itself known.”

In order to protect against threats such as fileless ransomware, the report recommended enterprises expand their current protections beyond signature-based malware detection and adopting behavioral detection. In addition, Malwarebytes suggested enterprises focus more on blocking delivery mechanisms for threats, specifically email messages, and use security products with self-defense modes that can prevent malware from disabling or removing it from a system.

Go to Original Article

Wanted – Intel Core i5 7500 or better

Discussion in ‘Desktop Computer Classifieds‘ started by silverpuma, Dec 13, 2018.

  1. Hi all, I am looking for a i5 7500 cpu or better as an upgrade for my G4560.

    If it comes with a cooler that would be even better. Let me know what you have.

    I can pay with either bank transfer or paypal gift……Thanks

    Location: Londonderry

    This message is automatically inserted in all classifieds forum threads.
    By replying to this thread you agree to abide by the trading rules detailed here.
    Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

    • Landline telephone number. Make a call to check out the area code and number are correct, too
    • Name and address including postcode
    • Valid e-mail address

    DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

  2. Still looking………..

Share This Page


Go to Original Article

NPM security to use automated tools to boost community alerts

Open source came under fire last month after the chain of trust was compromised for a popular module, event-stream, that may have affected thousands of other dependent packages and millions of users.

Adam Baldwin, director of security at NPM Inc., the Oakland, Calif., company that runs the open source NPM registry, talked about the incident and the NPM security initiatives he has been working on since NPM acquired ^Lift Security in February in order to establish NPM’s internal security team.

NPM is the default package manager for Node.js, and a user discovered malicious code had been added to the event-stream package without anyone noticing for over one month. The poisoning of the package was traced back to a malicious user who had taken over ownership of the module.

How did you view the recent poisoned package in terms of NPM security?

Adam Baldwin: Open source is wonderful, right? We get the advantage of a large ecosystem of packages and a lot of different levels of quality of packages in there. There [are] some people just trying it out, and some that are really maintained by organizations and kept up to rigorous standards. They’re all mixed together in this ecosystem.

So, we’ve got this web of dependencies, and companies consume those. And at the end of the day, you’re responsible for what you require. Hopefully, NPM is going to be able to provide some better tooling to help with that. It is a supply chain security problem for consumers of the software.

What do you see as the best ways to scale NPM security processes?

Baldwin: That’s a challenge. There’s a maintainership side that falls on the ecosystem to keep things going. The problem is that it looks very cut-and-dry when you look at the popularity of a particular module, and you say, ‘OK. Well, it’s above a certain number of downloads.’ Where do we cut that off? Do we take 10,000 downloads a week? A million downloads a week? And certainly, as that goes up, the importance of it is going up, because more and more people are relying on it. So, that’s an honest indicator.

If we already have a lot of users using a piece of the module, they will eventually uncover a problem. Now, that’s not perfect. In fact, nothing in security is perfect, right? We, as NPM, are working on tooling to help understand context when those sort of events of interest happen. A change of ownership is interesting. A new publication from an IP address that’s over Tor, that’s interesting. That gives you more context than just a giant dependency tree to go on.

We’ve already invested heavily in the security team. So, hopefully, we can continue to build tooling that will help consumers understand that context, because really we can’t assert what’s important to you. You might be using a module for a critical system that only gets a few hundred downloads a week, maintained by just a couple of people. So, instead, I think the solution is to provide tooling and context to consumers to better make decisions about what’s happening to that dependency tree, that ecosystem that they rely on.

How do you view your job providing NPM security for the community?

Baldwin: Just like traditional malware, it’s a cat-and-mouse game. It’s going to go on forever. You come up with a new, fancy defense mechanism, and they’re going to get around it. So, we’re going to play that forever, but that doesn’t mean that we shouldn’t do anything. I think that a combination of automated internal tools — because we’re seeing the data first, we have that type of data that we can build to — I think that we can do some really interesting things with that data to proactively block malware.

But, really, we need to enable our 11 million users to be able to, if they see something, say something and to be able to flag those for review. And that’s where our team can come in, as well. We can provide the incident response team for the ecosystem to help respond and help understand if this is a threat. How deep does that threat go? Did the hacker that published that particular module, that malicious activity, are they doing other things elsewhere in the ecosystem?

It’s a process involving community, involving our internal tooling and team that we’re testing.

We’ve touched on it a little bit here and there, but can you go through what kind of processes and security features you already have in place and what you’re working on next?

Baldwin: Right now, the most recent thing that we have from a security feature for a user is NPM audit. When the ^Lift Security platform was acquired, we brought [Node Security Platform], the command lines, into NPM. We took it from our small user base in the security platform to 11 million users, and we turned that on overnight. We made security top of mind. That’s not as proactive; that covers known vulnerabilities and can identify malicious packages, but it does get good reach to our users.

The most important thing, as well, in the registry is to protect accounts. So, we’ve got two-factor auth. Publishers can enforce two-factor authentication for modules that they have. As an example, if you bring in another maintainer, you can require that they have two-factor auth enabled. But, again, that doesn’t protect you from the actively malicious author and things like that.

So, where we want to get to next — and I don’t have concrete details for you — but I talked about behavioral analysis of modules, anomaly detection for publications and just understanding what hackers are doing is kind of the next step for me. Getting that data set and getting those signals, getting those signals out to our end users consuming those modules so they can take action. We’ll likely see those crop up initially in things like NPM enterprise, but I want to see features like that that are protecting the entire registry. It’s difficult to do at scale.

We’ve got over 800,000 packages. That’s like 7 million individual versions of modules and such. That’s a lot of code to cover, but there are patterns that are emerging. There’s interesting tooling that we can build. That’s kind of what I’m seeing [as our] next steps.

Would that kind of anomaly detection be able to cover all the packages hosted?

Baldwin: That’s what I want. I want to be able to tell, ‘Did you intend to publish this?’ Going along with that is sensitive data exposure, too — digitally hidden data, sensitive keys, things like that. People do that on accident. So, helping users protect themselves and having two-factor available to help users protect their accounts.

How do these NPM security features function in the case of a fork where poisoning the initial code may affect many other modules in the registry?

Baldwin: You kind of covered an edge case, because forks are a challenge. I don’t have a solution for that, but what I can say, in this particular instance, we saw people quote that event-stream was downloaded millions and millions of times because [it’s an] interesting number to get people to be [aware of] the data incident. But because it was such a targeted attack, it didn’t impact a whole lot of users, and I’m doubtful that will impact those forks because of the required environment it needed to run in.

Now, that’s not to say that the next one won’t be different. The [owners of the] forks take on responsibility depending on when it was forked. If it was forked before those changes were in or that dependency was in, then maybe you don’t want to accept upstream. They’re going to be fine. It’s kind of one of those initial things. It might bring those changes in. It might not. It depends on forks.

If you think of a fork as like a company, they’re really responsible for understanding what those upstream changes are before they bring them into their forks.

With new NPM security features like anomaly detection alerts, would you send those alerts to a fork in order to bring awareness to potentially malicious upstream changes that might have occurred?

Baldwin: We don’t really know. Forks are interesting in NPM. We don’t actually know which modules are the forks of which, because that sort of occurs in GitHub-land where those projects are being maintained actively. In some cases, we can tell there’s forks, given that they configure to certain points of the GitHub repo. We can do that analysis. I think that that would be an initial challenge and one of those things that we could look at solving down the road. But, definitely, if you’re using a fork on a module, you’re potentially taking on additional risks if it’s depending on if it’s an actively maintained one or not.

Go to Original Article

For Sale – Custom Built Water Cooled High End PC

Hi,for sale is my High End Custom Built Water Cooled PC and specs are as follows.
Selling as a complete sale and will not seperate any items listed.

Intel Core i7-7700K 4.2 GHz QuadCore 8MB Cache Processor.Professionally Delidded with EK Supremacy Water Block Cooled.
Palit GeForce® GTX 1080 Ti Founders Edition with EK-FC Titan Pascal Water Block Cooled.
Gigabyte GA-Z270X-Gaming 7 MotherBoard.
Corsair CMK16GX4M2B3200C16 Vengeance LPX 16 GB (2 x 8 GB) DDR4 3200 MHz C16 XMP 2.0 High Performance Desktop Memory Kit, Black.
Intel 600p 512GB M.2 NVMe PCIe SSD/Solid State Drive. Win 10 os Installed.
Kingston 480 GB SV300S37A/480G V300 SATA 3 Solid State Drive.
Super Flower Leadex Platinum 850W Fully Modular “80 PLUS PLATINUM” Power Supply.
Phanteks Evolv ATX Case with Left Side Tempered Glass Panel.
5X NB-eloop B12-P Ultra Silent Bionic Loop Radiator and Case Fans.
All Water Cooling Fittings and Fixtures are High End EK From Pump and Blocks To Piping and Connectors.I have also included a self made Drainage pipe and extra tubing.
Corsair Lapdog Gaming Control Center.
Corsair K70 Mechanical Gaming Keyboard MX Speed.
Corsair Sabre RGB Gaming Mouse.
Windows 10 Pro with all drivers and bios updated.

LAPDOG is an ultimate gaming control center which revolutionizes PC gaming in any room.As you can see from the pictures(which do not include the tv or sound equipment in the sale),i use this primarily on a 65inch tv and i sit at least 9 feet away in comfort.
This System Build is set to deafult 4.2gig profile and can play the majority of current games at max settings,on a 4k tv at 60fps and can be overclocked to 5gig plus with ease if needed with stable low temps.Whether gaming,video,photo editing or music is your thing,this High End Custom Built PC will suit your requirements and does not look out of place in any Living Room,Bedroom or Office.
All boxes are provided and paperwork if needed.
Majority of purchases are from Overclockers or Corsair.
This has cost me,at the time of build,over £3000 and i am reluctantly selling for £1500 or very nearest offer,to put towards another expensive build.If you know your Computers then you know this is a very fair Sale Price.
I have had a lot of enjoyment from this build and now feel it is time for another project.
All items are sold from a smoke free home and Cash on Collection only is preferred because of the weight and liquid content.
Any questions feel free to contact me.

Price and currency: £1500
Delivery: Goods must be exchanged in person
Payment method: Cash on collection
Location: Stoke On Trent
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article