Microsoft at SAP Sapphire NOW 2019: A trusted path to cloud innovation

In a few weeks, over 22,000 people from around the globe will converge in Orlando, Florida from May 7-9, 2019 for the SAP Sapphire NOW and ASUG Annual Conference. Each year, the event brings together thought leaders across industries to find innovative ways to solve common challenges, unlock new opportunities, and take advantage of emerging technologies that are changing the business landscape as we know it. This year, Microsoft has elevated its presence to the next level with engaging in-booth experiences and informative sessions that will educate, intrigue, and inspire attendees as they take the next step in their digital transformation journey.

Modernize your SAP landscapes

While running SAP on-premises was once business as usual, it is quickly becoming obsolete for businesses looking to compete and win. With the power of the cloud, enterprises have real-time data with intelligent insights from machine learning and artificial intelligence at their fingertips, can spin up a dev-test environment or an application server in minutes instead of hours, and back-up a virtual machine in a few mouse clicks.

At SAP SAPPHIRE NOW, you’ll have the opportunity to get a better understanding on the business value of moving your SAP applications to Azure:

  • On Tuesday, May 7, 2019 from 12:00 PM – 12:40 PM, we will host a session on “Innovating with SAP HANA on Microsoft Azure.” The session will cover how SAP customers are accelerating innovation velocity and saving costs for high-performance SAP HANA applications by moving to Azure.
  • On Tuesday, May 7, 2019 from 3:00 PM – 3:20 PM, we will host a session on “Microsoft’s journey to SAP S/4 HANA on Azure.” In this session you’ll learn how Microsoft migrated to Azure and is now leveraging it to transform its existing SAP landscape and starts migrating to S/4HANA.
  • On Wednesday, May 8, 2019 from 11:30 AM – 11: 50 AM, we will host a session on “Lessons learned from migrating SAP applications to the cloud with Microsoft Azure.” The session will share the lessons Microsoft learned during migration and share best practices that will help you learn how you can transform your existing SAP landscape and start migrating to Azure. To learn more about Microsoft’s journey to running SAP on Azure, check out our IT showcase story: SAP on Azure—your trusted path to innovation in the cloud.
  • Visit the Microsoft booth, #729, for one of our in-booth theatre sessions on topics like “Optimizing your SAP landscapes in Azure” and “SAP on Azure deployment journey and lessons learned,” or get hands-on with Azure at one of our in-booth demo pods.

Explore IoT, AI, and machine learning

Every organization is challenged with doing things faster, cheaper, and smarter to keep up with the ever-evolving pace of innovation. To stay agile in a competitive landscape, businesses need to start thinking about how to leverage emerging technology advancements like IoT solutions and artificial intelligence to better serve customers, build more innovative solutions, and obtain a 360-degree view of the business.

At SAP SAPPHIRE NOW, you’ll have the chance to talk with solution experts from Microsoft around creative ways to leverage technology to solve your most challenging business problems:

  • On Tuesday, May 7, 2019 from 2:00 PM – 2:20 PM, we will host a session, “Harness the power of IoT Data across Intelligent Edge and Intelligent Cloud.” In this session, you’ll learn how you can take advantage of innovations in IoT technology at the edge and in the cloud with SAP business processes with the power of Microsoft Azure IoT to achieve transformative innovation for your business.
  • Stop by booth #729 to experience our Azure Data Services and Analytics demo to learn how you can connect data from multiple inputs and applications to provide a unified view of your business. You can also learn more about how IoT solutions can help you take a step closer to digital transformation by experiencing our Azure IoT demo.

Learn about cloud migration from our trusted partners

There are different paths to migrate to SAP HANA and Azure, depending on your business needs. Microsoft’s SAP on Azure partners can work with you to determine the best way to migrate your SAP applications to the cloud.

At SAP SAPPHIRE NOW, you’ll find multiple opportunities to connect with partners:

  • Join a partner-led session at our in-booth theatre. We’ll have partners from organizations like SAP and Accenture to learn how running your SAP landscapes in the cloud can provide your business with more agility, security, and reduced costs.
  • After the show-floor dies down, we encourage you to engage with Microsoft and our partners at various co-sponsored, partner-led events throughout the week.
  • Also, stop by our booth (#729) to speak with many of our leading partner organizations to learn about the services they provide to help you on your journey to the running SAP on Azure.

Discover business transformation

Look for Microsoft at SAP SAPPHIRE NOW 2019 and see for yourself why the leading enterprises across industries bet their businesses on the technology that Microsoft and SAP provide for a first-and-best pathway to running SAP applications in the cloud.

Sign up for live updates at our dedicated SAP SAPPHIRE NOW 2019 event page.

Go to Original Article
Author: Microsoft News Center

Nokia: 5G network slicing could be a boon for security

One aspect of 5G that could have a major impact on security is network slicing, which will allow wireless carriers to essentially create multiple independent virtual networks in order to separate users, devices and applications from one another.

Kevin McNamee, director of Nokia’s threat intelligence lab,  analyzes threats and develops rules for Nokia’s network-based malware detection system. This network system is deployed in carriers around the world, giving Nokia visibility into the types of malware active on mobile endpoints and IoT devices.

McNamee has been studying the planned rollout of 5G technology, which will take place over the next few years, and how it will affect network security. According to McNamee, network slicing could provide security benefits, especially with efforts to secure IoT devices, but there is also a potential downside to this new feature of 5G networks.

Editor’s note: This interview has been edited for length and clarity.

What will network slicing mean in terms of carrier control and network security?

Kevin McNamee: Network slicing brings two things. On the positive side, it introduces network segmentation. Anyone on the security side of the business realizes that if you break your network into segments that are for specific purposes, then you can provide specific security to different slices.

By segmenting the network into different areas, it can restrict access to those slices to only specific people and specific devices. Reducing the access and being able to apply specific security policies to the various slices is a real pro; that’s a real benefit that the slicing will bring. A network slice that’s used by the healthcare segment to communicate information about patient information requires a lot more security than, for example, a network slice that’s being used by a gaming company to provide access to their customers.

On the downside, the slicing does provide targets for attack. If people learn what the slices are used for, it does provide a focus for any targeted attacks on those particular slices, those particular enterprises that are using those slices.

Where is the balance between carrier control and the security issues that come from malicious devices getting on a 5G network?

McNamee: That’s an area that I’ve actually been looking at very closely over the past, specifically in the 4G networks today. I’ve got some concerns about 5G going forward. One of the things that 5G brings is it’s going to enable more network access for the IoT devices and devices in that classification. These are devices that basically function on their own; there’s no human looking after them, and they’re just sort of out there. And what we’ve noticed with 4G is that the rogue IoT devices are a major problem, and they’re specifically a major problem because those devices are visible from the internet. And if those devices have a vulnerability, we find that they’re going to be hacked literally in a matter of minutes.

IoT botnet activity makes up a very large proportion of the malware detection events we see in these carrier networks today. But the reason for this is because their basic architecture is that any device that’s infected immediately starts to scan the network looking for additional victims, and it tries to enlarge the botnet. Oftentimes, these devices are unmanaged. There’s going to be more bandwidth available, easier access for these devices, and the potential for doing damage becomes larger.

Also, the devices should be managed. There’s going to have to be a way to provide security patches and provide some sort of protection to these IoT devices that are out there. And monitoring the network for rogue devices is pretty critical for the carriers. The carriers have to start doing that. They have to recognize if one of these devices goes rogue [or] starts misbehaving, they have to have a way of detecting that and taking the appropriate action, which might be either reflash the device, reinstall the software or take the device off the network — at least until it’s properly fixed.

So, carriers might end up being in competition with traditional security companies in some ways once 5G is fully rolled out?

McNamee: The carriers are going to have to provide some sort of security for those aspects of their network. But, typically, they will tend to leverage what’s available from the security vendors for those things. The security vendors will be stepping up to the plate to assist them with that.

Specifically within the Nokia security business, we’re actively looking to get the certificate lifetime management systems that are going to be put in place to make sure that all of these devices have to require secure communications, particularly near the edge. [Managing] the lifecycle of those digital certificates can become a disaster when certificates for all these millions of new devices start expiring and then causing network issues.

There’s going to have to be firewalling and some stuff between the slices. I mentioned monitoring IoT devices for anomalous behavior. Certainly, the [intrusion detection system] technology, [deep packet inspection] technology can be leveraged for these purposes.

Can you speak to how edge computing with 5G is going to change security?

McNamee: Technically, for most of the edge computing and also for the 5G core, they’re going to be sort of using a cloud-based technology to provide those systems. Both the edge and in the core, there’s going to be an edge cloud and a core cloud. It’s a very dynamic environment. We have to solve that problem from a security perspective. The idea of orchestrating security in the cloud is the key to that.

When you bring up a service, that service has to be brought up with the appropriate security rules in place. The security policy comes as part of the service. You get away from the physical firewalls of the past, and now you’re more into a micro-perimeter around the actual service itself. And this can be implemented either through virtual firewalling capability or through whole service-based firewalling built right in, and I tend to favor the latter. The latter is built right into the hypervisors, where these things have been built and spun up. Securing the cloud is going to be part of the 5G security both at the edge and also in the core of the network.

So, overall security with 5G should be tighter, but there will be issues that are going to be sorted out on an application-by-application basis?

McNamee: Yes, but I think there are some major areas of concern that I’ve got.

Another concern [besides IoT devices] is the fact that those unmanaged, unprotected devices that are going to be introduced, when they do go rogue, with 5G, they’re going to have a lot more resources to be able to do damage with. One of the major uses of these current IoT bots is to launch DDoS [distributed denial-of-service] attacks against network infrastructure or against people’s web services. Given the increased bandwidth that’s available to them, they can do a lot more damage.

But carriers could shut that down more directly with network slicing and keeping IoT devices less visible?

McNamee: Yes. If the devices are not visible from the internet, they can’t be hacked directly from the internet. It greatly reduces the attack surface. And that’s something that slicing can bring. For example, the carrier can put all the smart traffic lights into a specific slice, and then they make sure to get that slice locked down so people can’t break into it. That’s a real plus.

Go to Original Article

For Sale – Mac Pro 3,1 Dual Quad-Core Intel Xeon

Mac Pro 3,1 (early 2008) Dual 2.8GHz Quad-Core Intel Xeon – total of Eight Cores
OS installed – 10.11.6 (El Capitan) (upgradeable with tricks)
Two drives: 128GB Micron SSD, 320GB (2.5inch) HDD ; two bays spare (with brackets) to fit most 3.5″ SATA drives
32GB RAM (DDR2 667MHz) (eight 4GB RAM sticks) (can use 800MHz ones but these were obtained cheaply)
ATI Radeon HD 5770 (2x mini-DP, 1 DVI) (upgraded from the standard HD 2600 XT)
No wireless card fitted (you can one which I purchased for £10 but did not install – unknown state)
No box (sorry!)

This is a very capable machine, used with little stress on all its components, well kept, cleaned but expect marks, scratches, etc. It is possible to upgrade the OS (tips and tricks available with an online search). Only going due to company cornering me into a windows laptop.

Cash and collect only (heavy machine!) – so buyer can inspect to heart’s content.

Price and currency: 200
Delivery: Delivery cost is not included
Payment method: Cash
Location: Cambridge
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I prefer the goods to be collected

This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Go to Original Article

April Patch Tuesday closes 2 zero-day exploits

Windows administrators might get a feeling of déjà vu with two of the vulnerabilities addressed in the April Patch Tuesday updates.

This month, Microsoft released 15 updates to resolve 74 unique vulnerabilities, including two zero-day exploits in the Win32k component of all supported Windows operating systems. These exploits might sound painfully familiar to administrators, because Microsoft had shut down two similar zero-day bugs in its March security updates.

The two April Patch Tuesday vulnerabilities (CVE-2019-0803 and CVE-2019-0859), rated important, deal with an escalation-of-privilege bug. An attacker could exploit the way an unpatched system fails to handle objects in memory to run arbitrary code in kernel mode.

“In a case like this, the attacker would have to do something else to get access to that box. But once they do that, the escalation-of-privilege attack would allow them to take a user-level privilege that they’ve already exploited and elevated that to pretty much owning the box,” said Chris Goettl, director of product management at Ivanti, based in South Jordan, Utah.

The Win32k bugs require an attacker to first get into an organization’s network, which emphasizes the need to patch all vulnerabilities, both great and small. Otherwise, the intruder can use various means to gather credentials or find other ways to establish a stronger position before launching a serious attack.

Chris Goettl, director of product management at IvantiChris Goettl

“Statistically, 90% or better of all breaches still start with some kind of phishing attempt to get that first foothold,” Goettl said.

April Patch Tuesday also spotlights a critical vulnerability in Internet Explorer 11 (CVE-2019-0753) for Windows desktop systems and several important Microsoft Office vulnerabilities. Beyond Microsoft products, administrators should address several critical bugs in multiple Adobe products, including Flash Player, Adobe Reader and Shockwave. Shockwave reached end of life on April 9, and organizations that don’t have the extended support contract will not receive the latest Shockwave updates.

“Everyone should remove Shockwave from their environments now, because that dinner bell just rang,” Goettl said. “There are seven vulnerabilities that will be unpatched for a majority of the world to give attackers time to look for ways to exploit them.”

Windows Deployment Services fix backfires

Statistically, 90% or better of all breaches still start with some kind of phishing attempt to get that first foothold.
Chris GoettlDirector of product management at Ivanti

Administrators who rely on Windows Deployment Services (WDS) found themselves unable to install Windows on machines across the network after a March Patch Tuesday update broke the deployment tool.

Microsoft acknowledged last month’s rollup disabled WDS functionality for multiple Windows OSes, including Windows Server 2012 R2, Windows Server 2016 and Windows Server 2019, following a system update to close a critical remote code execution vulnerability (CVE-2019-0603).

“After installing this update, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension,” Microsoft wrote.

At time of publication, the company said it would release an update to correct the issue, but gave instructions to fix WDS by disabling the Variable Window Extension in a Knowledge Base article.

Failed recovery compounds problems from Windows ransomware attack

Despite the constant refrain from security professionals for organizations to prioritize timely patching, one company got caught flat-footed recently after sophisticated malware campaign overtook hundreds of Windows systems and disabled production, causing significant financial losses.

Arizona Beverages, known in U.S. markets for its iced tea product, got hit by an attack in March that locked up several hundred Windows machines, according to TechCrunch. The FBI had warned the company that it was the target of a cyberattack through Dridex malware, according to the article. The attackers apparently used a multistage campaign, using Dridex — possibly through a phishing email — to gain access and move laterally throughout the company’s network, and then deliver another type of ransomware that sabotaged the systems.

A blog from cloud security vendor Guardicore deduced the attackers relied on the IEncrypt ransomware to encrypt files across the Arizona Beverages network based on the ransom note displayed on computer screens and the extension used on the scrambled files.

The attack reportedly immobilized several hundred Windows-based systems, including multiple Windows Server machines that were no longer under support and “hadn’t received security patches in years,” according to TechCrunch. This highlights the risks and costs for organizations when they roll the dice with unsupported Windows systems in production.

“Obsolete software is vulnerable. If you do not enter into a paid support contract to continue getting updates, then you must take additional steps to secure the systems in question,” Goettl said.

To protect against this type of attack, a company should move critical workloads into a virtualized environment, tighten security around them, limit access and direct connectivity, and segregate portions of the network.

“The cost of doing nothing is a security incident,” Goettl said. “No matter what, a decision like this will cost you.”

To make matters worse, data recovery efforts failed when administrators found the backup system was not set up properly, and the company had to enlist Cisco for additional assistance, according to TechCrunch.

This case appears to be an example of a growing practice that security analysts call “big game hunting,” where attackers use advanced intrusion campaigns against large organizations that can afford large payoffs to regain access to files and systems.

Go to Original Article

For Sale – Mac Pro 2008 2x 2.8 Quad Core 10GB Ram

Discussion in ‘Desktop Computer Classifieds‘ started by bealehere, Mar 28, 2019.

  1. bealehere


    Active Member

    Dec 28, 2012
    Products Owned:
    Products Wanted:
    Trophy Points:

    For sale is my Mac Pro 2008.

    The machine is in very good condition. A few small scuffs on the case but no dents or damage.

    2x 2.8GHz Quad core (8 processors)
    10GB Ram
    GeForce 8800 GT graphics card (dual port)
    256gb SSD drive
    500GB Hard Drive
    1TB Hard Drive

    Can include an additional 640GB Hard Drive if the price is right.

    Power lead included.

    IMG_9971.JPG Any questions please ask. Thanks

    Price and currency: 250
    Delivery: Delivery cost is not included
    Payment method: Cash on collection
    Location: Sandy, Bedfordshire
    Advertised elsewhere?: Advertised elsewhere
    Prefer goods collected?: I prefer the goods to be collected

    This message is automatically inserted in all classifieds forum threads.
    By replying to this thread you agree to abide by the trading rules detailed here.
    Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

    • Landline telephone number. Make a call to check out the area code and number are correct, too
    • Name and address including postcode
    • Valid e-mail address

    DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

    Attached Files:

Share This Page


Go to Original Article