Tag Archives: been

For Sale – Synology DiskStation DS416j with 2x2TB HDD

It’s the 2016 model, it’s been on most of the time for four years.

The drives are a couple of years older than that, were in a 2 bay NAS prior.

These are the model numbers of them-
Seagate ST2000DL003 3.5 inch 2TB Hard Drive (Serial-ATA, 6Gb/s, 64Mb, 5900RPM).

They are not new by any means but they have been faultless for their whole lives, error free and awesome.

I would say although being on 24/7 I only use the NAS a couple of times a month, so they haven’t been hammered.

Go to Original Article
Author:

For Sale – SOLD 120GB Solid State Drives (SSD) & 1TB Hard Disk Drives (HDD)

All been sold, thanks MrR0b0T

Few drives for sale, all fully working and HDD’s have been securely erased using Active Killdisk, with the SSD’s secure erased with Parted Magic.

1 x Samsung 120GB, 2.5″ Solid State Drives, 650 Model: MZ-650120 (SSD) – £10

1 x Samsung 128GB, 2.5″ Solid State Drives, PM851 Model: MZ-7TE1280 (SSD) – £10

2 x 1TB WD Blue 3.5″ Hard Disk Drives (HDD), 7200rpm, 64MB cache, Model: WD10EZEX – £15 each

Go to Original Article
Author:

For Sale – EVGA RTX 2080 Ti FTW3 Ultra 11GB Graphics Card – As New Condition *Boxed with Warranty*

Purchased previously on the forums as can be seen here. Has been used in my rig exclusively in a smoke free, pet free environment since then.

Comes boxed and complete in the original factory packaging. Cooler hasn’t been removed, so the inspection seals are still in place. There are waterblocks available and the EVGA warranty covers cooler removal.

Goes without saying that you need a decent quality 650W+ PSU with 2 x 8-Pin connectors. Depending on the rest of your setup a higher wattage PSU is advisable, especially if you want to overclock the card. You’ll also need a case that can support this beast of a card.

437 days remaining on warranty.

Looking for £900 inc P&P, open to offers.

Go to Original Article
Author:

SAP HANA Enterprise Cloud, HPE to provide SaaS-like option

SAP customers who want to run their systems in a cloud environment have been limited to either private cloud in SAP data centers or public cloud hyperscalers.

However, a new partnership between SAP and Hewlett Packard Enterprise will now provide a SaaS-like deployment option for full SAP systems on HPE GreenLake. The new offering is called SAP HANA Enterprise Cloud, customer edition.

HPE GreenLake delivers complete pre-configured software systems as a service to a customer’s data center. HPE manages the systems throughout their lifecycle and customers pay for the service in a monthly subscription.

Peter PluimPeter Pluim

The combination of SAP HANA Enterprise Cloud, SAP’s private managed cloud service, and HPE GreenLake allows SAP customers to keep their SAP software stack and data on premises while taking advantage of a predictable, subscription-based cloud environment, said Peter Pluim, SAP’s global head of enterprise cloud.

“We contract HPE GreenLake for the customer and basically buy the service from HPE,” Pluim said. “They install it within a cage in the customer’s data center. And we apply our services and software and the customer pays a monthly fee just as they would if it ran as a SaaS on a hyperscaler.”

Data sovereignty a current issue

The partnership helps customers who need strict control over the location of their data, which is an issue that has become more complex with the COVID-19 pandemic, Pluim said.

We contract HPE GreenLake for the customer and basically buy the service from HPE.
Peter PluimGlobal head of enterprise cloud, SAP

“In the COVID world there are more needs now around data sovereignty, as well as regulatory requirements around data locations,” he said. “This requires customers to have much more control over where it is.”

The HPE GreenLake option is also ideal for customers who want to move to S/4HANA in a SaaS environment, but find that S/4HANA Cloud is limited in functionality and doesn’t support customizations from SAP ECC environments.

“This takes care of that huge issue that customers have with so many moving parts, and now we can deploy this — and customers at their own pace with their own partners can move from ECC to S/4HANA,” Pluim said. “It’s good, especially if they have data sovereignty issues, or maybe they have made huge investments in data centers that they don’t want to give up but they are reaching a hardware refresh cycle.”

Keith WhiteKeith White

The partnership came about because customers have been requesting a simplified cloud experience, said Keith White, HPE senior vice president and general manager of HPE GreenLake.

“The nice thing about this is you get the ‘one plus one equals three’ experience with HPE hardware infrastructure and HPE GreenLake’s as-a-service capability together with SAP systems,” White said. “Customers get that seamless experience, so they can then go analyze the data and get good information from the data and do all of the things that they want to in order to run their business more effectively.”

Customers want clarity

SAP HANA Enterprise Cloud, customer edition provides SAP with an option that its main competitor Oracle has offered since 2016 with Oracle [email protected], said Liz Herbert, vice president and principal analyst at Forrester Research. Oracle [email protected] is Oracle’s managed private cloud service that enables customers to run Oracle Cloud Infrastructure public cloud services and Oracle Fusion SaaS applications in their data centers.

Liz HerbertLiz Herbert

“That said, SAP is already supporting a very wide range of options for customers — on-premises, various hosting and private cloud options, various public cloud options — both directly and through partners like IBM and NTT,” Herbert said. “They have had significant choice largely because they are very partner-friendly when it comes to cloud hosting and infrastructure, and this partnership with HPE GreenLake expands those existing choices.”

However, rather than focusing on the range of infrastructure choices, SAP customers tend to want help cutting through the complexity, asking for better comparisons and more clarity on the differences between those choices, she said. SAP customers are also more interested in making a case for an S/4HANA migration rather than drilling down into the particulars of the infrastructure.  

“[SAP customers] are confused and overwhelmed by having too many choices,” she said. “Furthermore, many of the customers we work with are still asking about the business case for S/4HANA and when or whether to make the move. Infrastructure and cloud choice are not the biggest issues they are dealing with because they are still struggling more fundamentally with what their future ERP environment should look like from a vendor and applications perspective.”

Go to Original Article
Author:

Importance of analytics heightened by COVID-19 pandemic

The importance of analytics has been brought to light by the economic crisis caused by COVID-19.

That was one of the key messages from Real Business Intelligence 2020, the virtual conference hosted by consulting firm Dresner Advisory Services.

“It’s time to double down on data,” said Howard Dresner, founder, chief strategy officer and chief research officer of Dresner Advisory Services, who spoke on Aug. 11, the first day of the event.

With retail stores, bars and restaurants, and a host of other businesses forced to close their physical doors for months at the start of the pandemic and only allowed to open in limited capacities since, such businesses are struggling to stay afloat. Meanwhile, air travel and hotel occupancy have plummeted, and theaters and concert halls have stayed empty.

Some businesses — mostly white-collar firms at which most work was already done digitally — have been able to shift to remote work and have gone on without much issue. Others have been able to change course in order to survive. Still others, however, have not been able to manage their way through the pandemic and are either struggling to survive or have already shut down.

Financial markets, as a result, plummeted at the start of the pandemic, though they have gained back the initial losses, and unemployment has skyrocketed.

Some organizations, however, are adding staff rather than cutting it. Some enterprises are looking to expand rather than contract. In fact, according to data collected by Dresner Advisory Services since the start of April, about 40% of companies responding to a survey are hiring new employees.

And it’s because they understand the importance of analytics, and their analytics are telling them that there are growth opportunities despite the overall economic downturn.

As a result of the coronavirus and the pandemic there is even more emphasis on data and analytics and business intelligence than ever before.
Howard DresnerFounder, chief strategy officer and chief research officer, Dresner Advisory Services

“This is a wake-up call,” Dresner said. “This is a wake-up call to your management team to step back and look at how to do a better job, because there will be another disruptive event in the future. A lot of organizations have told me that as a result of the coronavirus and the pandemic there is even more emphasis on data and analytics and business intelligence than ever before.”

Enterprises, he added, need to have a better understanding of what’s happening both inside and outside their organizations in order to survive and thrive.

At the heart of employing analytics to navigate the pandemic is developing an organizational culture that understands and values the importance of analytics.

One of the keys to that is data literacy.

Most organizations, according to data collected by Dresner Advisory Services, don’t have data literacy programs in place. Nevertheless, more than 75% report at least a moderate level of data literacy among their employees, and among those at which data literacy is valued, BI initiatives tend to have high levels of success.

Chris von Simson, research director at Dresner Advisory Services, discusses the importance of data literacy during Real Business Intelligence 2020, the firm's virtual conference.
Chris von Simson, research director at Dresner Advisory Services, shows the correlation between data literacy and successful use of analytics.

“Our research shows a correlation between data literacy levels and data-driven decision-making,” said Elizabeth Espinoza, research director at Dresner. “Data literacy enables that data-driven decision-making.”

Those organizations with high data literacy levels, she added, report that 75% of their decisions are data-driven, while just 42% of decisions are data-driven at other organizations.

A data governance policy is another key part of developing a culture that understands the importance of analytics.

Data governance develops the trust that’s needed to make data-driven decisions.

“Among about 40 topics that we cover, governance ranks at the very top out of all of them in terms of user importance,” said Jim Ericson, vice president and research director at Dresner. “Governance forms that groundwork for building trust in information and accountability, and for providing a unifying platform for promoting information use.”

According to the firm’s research, 80% of organizations think it’s important to have faith in their data and are buying in to their data governance policies. Meanwhile, there’s a strong correlation between the success of BI projects and confidence in the quality of that data.

Still another important part of creating a culture that understands the importance of analytics is the presence of a chief analytics officer or chief data officer.

Ultimately, however, the return on investment in BI projects that organizations report provides the evidence of the importance of analytics.

Data collected by Dresner shows that 13% of respondents report an ROI of 24% or higher and an additional 64% of respondents report an ROI of at least 3%.

“There’s a massive majority of people who have found that their investments pay for themselves and only a tiny fraction where people have had some calamity and it’s not working out well,” said Chris von Simson, research director at Dresner. “For the most part, if you’ve got a lot of BI going on, you’re going to have some risky bets but you’re going to have some big, positive bets.”

That, von Simson added, means data should be present at every meeting and help drive every decision.

And that’s never been truer than now during the pandemic, according to Howard Dresner.

“You should be investing strategically in this notion of data-driven decision-making,” he said. “The pandemic has been very disruptive. We wish it didn’t happen, that’s for sure. A lot has been lost at so many levels. But it does serve as that wake-up call for organizations to take a hard look at how they’re leveraging data so they can do a better job.”

Go to Original Article
Author:

Microsoft plugs 2 zero-days on August Patch Tuesday

Microsoft shut down two zero-days, including one that had been publicly disclosed, as part of its security update releases for August Patch Tuesday.

In total, Microsoft addressed 120 unique vulnerabilities, with 17 of those rated critical. Technologies and products with security updates this month include both the HTML- and Chromium-based Microsoft Edge browsers, Microsoft’s ChakraCore JavaScript engine, Internet Explorer, Microsoft Scripting Engine, SQL Server, Microsoft JET Database Engine, .NET Framework, ASP.NET Core, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library and Microsoft Dynamics. This month marks the sixth in a row Microsoft addressed more than 100 unique vulnerabilities in its monthly security updates package.

Microsoft terminates two zero-days

One zero-day (CVE-2020-1464) fixed by the August Patch Tuesday releases is a Windows spoofing vulnerability rated important that would allow an attacker to sidestep the OS security features and load an improperly signed file. This bug affects all supported versions of Windows — as well as Windows 7 and Windows 2008/2008 R2 for customers who paid for Extended Security Update (ESU) licenses for continued support of these systems that reached end of life in January. A bug that allows a malicious actor to bypass this security feature could open the door to put malicious files on a Windows system.  

“Typically, files get signed by a trusted vendor, and that signature validation is critically important to a lot of security mechanisms,” said Chris Goettl, director of product management and security at Ivanti, a security and IT management vendor based in South Jordan, Utah. “The fact that an attacker can bypass that means that they can introduce improperly validated malicious files to the operating system, and technologies that should be able to validate based on signature might be able to be tricked because of this.”

Chris Goettl, director of product management and security, IvantiChris Goettl

Microsoft’s notes on this CVE lacked the usual details about potential attack scenarios, which seems to indicate an attacker would have some additional hurdles to take advantage of the flaw. This might be why a Windows zero-day also got a relatively low CVSS base score of 5.3.

“The attacker would need to execute an asset that is improperly signed, so it’s not something they can just send to somebody. Microsoft doesn’t really get into details about how some attacker might be able to take advantage of that,” Goettl said.

The second zero-day (CVE-2020-1380) is remote code execution vulnerability in the Microsoft Scripting Engine used in Internet Explorer 11 rated critical in Windows desktop systems and moderate on Windows Server 2008 R2, Windows Server 2012 and 2012 R2. Because the Microsoft Scripting Engine is also used in Microsoft Office, which widens the attack vector for this vulnerability.

“The vulnerability could be exploited a couple of different ways: by setting up a specially crafted website via advertisements that may be compromised, or it could be loaded up using an application or an Office document that uses the IE rendering,” Goettl said.

Windows Server hit by domain controller bug

Microsoft provided a lengthy description for handling CVE-2020-1472, a critical Netlogon elevation-of-privilege flaw affecting supported Windows Server OSes, including Windows Server 2008 and 2008 R2 for ESU customers. On an unpatched domain controller — the Active Directory component tasked with managing security authentication requests — an attacker could acquire domain administrator access without needing system credentials. 

Microsoft said it is using a “phased two-part rollout” to patch the bug with the first part of the deployment executed in the August Patch Tuesday security update.

“The updates will enable the [domain controllers] to protect Windows devices by default, log events for non-compliant device discovery, and have the option to enable protection for all domain-joined devices with explicit exceptions,” according to the CVE instructions.

Microsoft plans the second phase on February Patch Tuesday in 2021, which it calls “the transition into the enforcement phase.

“The [domain controllers] will be placed in enforcement mode, which requires all Windows and non-Windows devices to use secure Remote Procedure Call (RPC) with Netlogon secure channel or to explicitly allow the account by adding an exception for any non-compliant device,” the company wrote.

Goettl said administrators should begin testing the patch in a lab and testing it before the hard enforcement occurs, which requires all domain controllers — even those in read-only mode — to be updated. Microsoft provided further guidance in the support documentation at this link

Other notable corrections from August Patch Tuesday

  • Microsoft Outlook has two CVEs this month. CVE-2020-1483 is a memory-corruption vulnerability rated critical that could let an attacker run arbitrary code in the context of the current user using several different attack vectors, including the preview pane. CVE-2020-1493 is an information-disclosure vulnerability rated important that could let an attacker view a restricted file from the preview pane by sending it as a file attachment.
  • CVE-2020-1455 is a Microsoft SQL Server Management Studio denial-of-service vulnerability rated important that, if exploited, could let an attacker disrupt the use of the application.
  • The .NET Framework has two CVEs. CVE-2020-1046 is a critical remote code execution vulnerability that an attacker could use to control the unpatched system using a specially crafted file. CVE-2020-1476 is an important elevation-of-privilege vulnerability in ASP.NET or .NET web applications running on IIS that could let an attacker access restricted files.
  • Microsoft resolved an elevation-of-privilege vulnerability (CVE-2020-1337) rated important for supported Windows systems on both the client and server side. The patch resolved a lingering printer spooler issue that had been patched multiple times — most recently in May — but security researchers found a way to bypass the patch and gave a recent Black Hat USA presentation on the flaw, which has its origins in the Stuxnet worm from 2010. Despite public knowledge of the bug, Microsft’s CVE did not report this as publicly disclosed.

Go to Original Article
Author:

Microsoft plugs 2 zero-days on August Patch Tuesday

Microsoft shut down two zero-days, including one that had been publicly disclosed, as part of its security update releases for August Patch Tuesday.

In total, Microsoft addressed 120 unique vulnerabilities, with 17 of those rated critical. Technologies and products with security updates this month include both the HTML- and Chromium-based Microsoft Edge browsers, Microsoft’s ChakraCore JavaScript engine, Internet Explorer, Microsoft Scripting Engine, SQL Server, Microsoft JET Database Engine, .NET Framework, ASP.NET Core, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library and Microsoft Dynamics. This month marks the sixth in a row Microsoft addressed more than 100 unique vulnerabilities in its monthly security updates package.

Microsoft terminates two zero-days

One zero-day (CVE-2020-1464) fixed by the August Patch Tuesday releases is a Windows spoofing vulnerability rated important that would allow an attacker to sidestep the OS security features and load an improperly signed file. This bug affects all supported versions of Windows — as well as Windows 7 and Windows 2008/2008 R2 for customers who paid for Extended Security Update (ESU) licenses for continued support of these systems that reached end of life in January. A bug that allows a malicious actor to bypass this security feature could open the door to put malicious files on a Windows system.  

“Typically, files get signed by a trusted vendor, and that signature validation is critically important to a lot of security mechanisms,” said Chris Goettl, director of product management and security at Ivanti, a security and IT management vendor based in South Jordan, Utah. “The fact that an attacker can bypass that means that they can introduce improperly validated malicious files to the operating system, and technologies that should be able to validate based on signature might be able to be tricked because of this.”

Chris Goettl, director of product management and security, IvantiChris Goettl

Microsoft’s notes on this CVE lacked the usual details about potential attack scenarios, which seems to indicate an attacker would have some additional hurdles to take advantage of the flaw. This might be why a Windows zero-day also got a relatively low CVSS base score of 5.3.

“The attacker would need to execute an asset that is improperly signed, so it’s not something they can just send to somebody. Microsoft doesn’t really get into details about how some attacker might be able to take advantage of that,” Goettl said.

The second zero-day (CVE-2020-1380) is remote code execution vulnerability in the Microsoft Scripting Engine used in Internet Explorer 11 rated critical in Windows desktop systems and moderate on Windows Server 2008 R2, Windows Server 2012 and 2012 R2. Because the Microsoft Scripting Engine is also used in Microsoft Office, which widens the attack vector for this vulnerability.

“The vulnerability could be exploited a couple of different ways: by setting up a specially crafted website via advertisements that may be compromised, or it could be loaded up using an application or an Office document that uses the IE rendering,” Goettl said.

Windows Server hit by domain controller bug

Microsoft provided a lengthy description for handling CVE-2020-1472, a critical Netlogon elevation-of-privilege flaw affecting supported Windows Server OSes, including Windows Server 2008 and 2008 R2 for ESU customers. On an unpatched domain controller — the Active Directory component tasked with managing security authentication requests — an attacker could acquire domain administrator access without needing system credentials. 

Microsoft said it is using a “phased two-part rollout” to patch the bug with the first part of the deployment executed in the August Patch Tuesday security update.

“The updates will enable the [domain controllers] to protect Windows devices by default, log events for non-compliant device discovery, and have the option to enable protection for all domain-joined devices with explicit exceptions,” according to the CVE instructions.

Microsoft plans the second phase on February Patch Tuesday in 2021, which it calls “the transition into the enforcement phase.

“The [domain controllers] will be placed in enforcement mode, which requires all Windows and non-Windows devices to use secure Remote Procedure Call (RPC) with Netlogon secure channel or to explicitly allow the account by adding an exception for any non-compliant device,” the company wrote.

Goettl said administrators should begin testing the patch in a lab and testing it before the hard enforcement occurs, which requires all domain controllers — even those in read-only mode — to be updated. Microsoft provided further guidance in the support documentation at this link

Other notable corrections from August Patch Tuesday

  • Microsoft Outlook has two CVEs this month. CVE-2020-1483 is a memory-corruption vulnerability rated critical that could let an attacker run arbitrary code in the context of the current user using several different attack vectors, including the preview pane. CVE-2020-1493 is an information-disclosure vulnerability rated important that could let an attacker view a restricted file from the preview pane by sending it as a file attachment.
  • CVE-2020-1455 is a Microsoft SQL Server Management Studio denial-of-service vulnerability rated important that, if exploited, could let an attacker disrupt the use of the application.
  • The .NET Framework has two CVEs. CVE-2020-1046 is a critical remote code execution vulnerability that an attacker could use to control the unpatched system using a specially crafted file. CVE-2020-1476 is an important elevation-of-privilege vulnerability in ASP.NET or .NET web applications running on IIS that could let an attacker access restricted files.
  • Microsoft resolved an elevation-of-privilege vulnerability (CVE-2020-1337) rated important for supported Windows systems on both the client and server side. The patch resolved a lingering printer spooler issue that had been patched multiple times — most recently in May — but security researchers found a way to bypass the patch and gave a recent Black Hat USA presentation on the flaw, which has its origins in the Stuxnet worm from 2010. Despite public knowledge of the bug, Microsft’s CVE did not report this as publicly disclosed.

Go to Original Article
Author:

For Sale – Pack of two – TP-Link Deco M9 Plus Whole Home Mesh Wi-Fi – Brand new sealed

This thread post for the sale of this item has been prior approved by Moderator booyaka

==============================================

Pack of two – TP-Link Deco M9 Plus Whole Home Mesh Wi-Fi – Brand new sealed

I have had my TP Link Deco M9 Plus system replaced under warranty, by TP Link and Amazon (I have the amazon.co.uk invoice and can include it (but with my details redacted)

I ended up upgrading to an Asus Wifi6 system instead. So I have no need for this now.

Pack of two – TP-Link Deco M9 Plus Whole Home Mesh Wi-Fi – Brand new sealed

Includes:
> TP-Link Deco M9 Plus Whole Home Mesh Wi-Fi with Built-in Smart Home Hub, Up to 4500 sq ft Coverage – Pack of 2

Condition:
> Brand new – Sealed – Never opened
> Serial number will be recorded and sent to the buyer, along with a picture of their address next to the serial number
> Will ship via insured / Tracked courier delivery (will be parcel force 24hr or Royal mail special delivery 1pm which ever is cheaper)

I am looking for £205 delivered (payment via paypal gift or Bank transfer (prefered))

Go to Original Article
Author:

See the Future of Xbox on July 23 on the Xbox Games Showcase – Xbox Wire

The day you’ve been waiting for is nearly here: On Thursday, July 23 at 9 a.m. PT, we’ll be giving you a closer look at the future of gaming with the Xbox Games Showcase, including world premieres and updated looks at some of the games we’ve already revealed. And yes, that includes your first-ever look at campaign gameplay from Halo Infinite.

Xbox Game Studios is pushing the industry forward with a huge variety of games, all of which support services and features that put the player first, including Xbox Game Pass and Smart Delivery.

What’s more, our celebration of all things Xbox games will start with a Summer Game Fest pre-show beginning at 8 a.m. PT. Tune in for reveals, predictions, insights from YouTube creators, and more on some already-announced titles coming to Xbox. Hosted by Geoff Keighley, the Xbox Games Showcase pre-show will air on YouTube Gaming.

You’ll be able to watch the Xbox Games Showcase in a variety of ways. You can tune-in on:

On the Xbox YouTube channel, live language support for the Xbox Games Showcase will include Japanese, Korean, Spanish, Castilian Spanish, Brazilian Portuguese, French, German, Italian, Polish, Mandarin Chinese, Russian, and Arabic translations.

If you’re a content creator interested in hosting a watch-along or co-stream of the Xbox Games Showcase, or posting a reaction or recap after the show, know that Xbox is appreciative!

If you’ve never co-streamed before, be sure to follow your platform’s terms and guidelines, and look for tips on your stream setup. For example, Twitch has put together some top-line tips for content creators to get you started here. Keep an eye out for the new Master Chief emotes!

We hope you’ll join us as we take a closer look at the future of Xbox on Thursday, July 23 at 9 a.m. PT. If you can’t make it, don’t worry: you can check out highlights immediately following the show or view the whole Xbox Game Showcase on-demand soon after it airs.

We’ll see you next week!

Go to Original Article
Author: Microsoft News Center

For Sale – Macbook Pro 2009 2.53Ghz, 8GB, 250SSD and 9400M £150

Have had this since new but it has had very little use the last number of years. It has been upgraded to 8gb ram and ssd so it is still a great little machine. Outside of body has a number fine scores, but considering its age i’d say well below average. Keyboard and track pad are in excellent condition. Screen is unmarked but I have noticed a few dead pixels on the screen (highlighted in pics)

–– ADVERTISEMENT ––​

Battery cycle is showing as 300 and state as Normal. The charger can be a bit picky sometimes, but has been working fine when i’ve powered it up the last number of weeks however so ive priced this to factor in a decent charger from amazon (around £20) should you end up needing one.
Currently on El Capitan (the max it can officially support) but it can run the latest OSX Catalina through a patched loader.

Was originally going to trade this in at cex but as it wasnt the original apple hd they wouldnt take it, so it has sat unused again for the past number of months

I may also put this on ebay today as it is £1 final value fees

£150 delivered or 140 collected

Go to Original Article
Author: