Tag Archives: overhaul

GandCrab ransomware adds NSA tools for faster spreading

With version 4, GandCrab ransomware has undergone a major overhaul, adding an NSA exploit to help spread and targeting a larger set of systems.

The updated GandCrab ransomware was first discovered earlier this month, but researchers are just now learning the extent of the changes. The code structure of the GandCrab ransomware was completely rewritten. And, according to Kevin Beaumont, a security architect based in the U.K., the malware now uses the EternalBlue National Security Agency (NSA) exploit to target SMB vulnerabilities and spread faster.

“It no longer needs a C2 server (it can operate in airgapped environments, for example) and it now spreads via an SMB exploit – including on XP and Windows Server 2003 (along with modern operating systems),” Beaumont wrote in a blog post. “As far as I’m aware, this is the first ransomware true worm which spreads to XP and 2003 – you may remember much press coverage and speculation about WannaCry and XP, but the reality was the NSA SMB exploit (EternalBlue.exe) never worked against XP targets out of the box.”

Joie Salvio, senior threat researcher at Fortinet, based in Sunnyvale, Calif., found the GandCrab ransomware was being spread to targets via spam email and malicious WordPress sites and noted another major change to the code.

“The biggest change, however, is the switch from using RSA-2048 to the much faster Salsa20 stream cipher to encrypt data, which had also been used by the Petya ransomware in the past,” Salvio wrote in the analysis. “Furthermore, it has done away with connecting to its C2 server before it can encrypt its victims’ file, which means it is now able to encrypt users that are not connected to the Internet.”

However, the GandCrab ransomware appears to specifically target users in Russian-speaking regions. Fortinet found the malware checks the system for use of the Russian keyboard layout before it continues with the infection.

Despite the overhaul of the GandCrab ransomware and the expanded systems being targeted, Beaumont and Salvio both said basic cyber hygiene should be enough to protect users from attack. This includes installing the EternalBlue patch released by Microsoft, keeping antivirus up-to-date and disabling SMB version 1 altogether, which is advice that has been repeated by various outlets, including US-CERT, since the initial WannaCry attacks began.

Salesforce Quip gets a facelift

SAN FRANCISCO — Salesforce launched a major overhaul of the Quip collaboration tool it acquired in July 2016….

“;
}
});

/**
* remove unnecessary class from ul
*/
$(“#inlineregform”).find( “ul” ).removeClass(“default-list”);

/**
* Replace “errorMessageInput” class with “sign-up-error-msg” class
*/
function renameErrorMsgClass() {
$(“.errorMessageInput”).each(function() {
if ($(this).hasClass(“hidden”)) {
$(this).removeClass(“errorMessageInput hidden”).addClass(“sign-up-error-msg hidden”);
} else {
$(this).removeClass(“errorMessageInput”).addClass(“sign-up-error-msg”);
}
});
}

/**
* when validation function is called, replace “errorMessageInput” with “sign-up-error-msg”
* before return
*/
function validateThis(v, form) {
var validateReturn = urValidation.validate(v, form);
renameErrorMsgClass();
return validateReturn;
}

/**
* DoC pop-up window js – included in moScripts.js which is not included in responsive page
*/
$(“#inlineRegistration”).on(“click”,”a.consentWindow”, function(e) {
window.open(this.href, “Consent”, “width=500,height=600,scrollbars=1”);
e.preventDefault();
});

The core concept behind the new version is organizing everything related to a project in one tab.

This, Salesforce hopes, can reduce the friction associated with clicking through different browser tabs associated with email, chat, cloud storage, shared spreadsheets and other Salesforce apps a company may have integrated into its CRM platform

First launched in 2013, Salesforce Quip enables users to collaboratively chat and work on shared documents and spreadsheets. Salesforce calls the latest update, announced at the annual Dreamforce user conference, the Salesforce Quip Collaboration Platform. It enables users to bring a wide variety of live applications onto a single canvas.

A project manager can customize the widgets associated with a project and provide team members with the permissions required to make changes. All the updates to this page can be automatically reflected in the appropriate Salesforce database in an auditable and, if necessary, reversible manner.

Focus on a single canvas

Collaborative interfaces are certainly not new, but the team behind Quip has a lot of experience in launching some of the most successful apps on the web, including Google Maps, FriendFeed and the Google App Engine.

The team leveraged this experience to create a core set of Quip widgets called Live Apps, as well as an API that enables third-party developers to add new widgets to the platform. The individual apps were developed by DocuSign, Lucidchart, New Relic Inc., Altify and others. Now that the platform is live, more apps are expected to be developed. Current Salesforce apps include Salesforce records, calendars, Kanban boards, shared documents and chat.

View of Quip dashboard and examples of mobile layout
A screenshot of the Salesforce Quip dashboard and mobile features

The Altify app enables teams to include a widget to map out the relationships inside a customer opportunity. The New Relic app enables a marketing team to track website performance during big events, like Black Friday sales, so that the sales and engineering teams can collaboratively make changes during the campaigns.

A project manager can also create a Quip workbook that best matches their team’s process. A single workbook can include a marketing budget, marketing goals and marketing documents, all in one place.

Collaborating on a better film

Salesforce Quip is used by 29,000 employees at 21st Century Fox Inc. to manage film production, sales and marketing. Creatives use it to track scripts or call sheets associated with TV and movie productions. All changes are made to a document of record in one place so that everyone is working on the same version. This reduces the burden of trying to weave changes made to different versions of a document into the master.

What’s particularly intriguing is the level of granularity with which participants can reference data in the apps. For example, 21th Century Fox producers use Quip for reviewing film dailies, and they can tie a chat to an arrow pointing to a specific object in a video frame. This saves them time because everyone involved can look at the exact video frame in the footage without having to open another window and manually look for it.

Creating a new experience layer to drive process

Salesforce Quip represents an example of driving better workflow by improving the user experience layer.

Twenty years ago, enterprises talked about process. Now, we have moved to engagement. If I create the right engagement mechanism, the process is a byproduct of that.
Paul Gaynorpartner, PricewaterhouseCoopers

headshot of Paul GaynorPaul Gaynor

“The experience could be a customer, employee or partner experience,” said Paul Gaynor, partner at PricewaterhouseCoopers LLC, at Dreamforce. “A focus on the experience layer allows enterprises not to focus so much on the process, [but on] how to bring about engagement. Twenty years ago, enterprises talked about process. Now, we have moved to engagement. If I create the right engagement mechanism, the process is a byproduct of that.”

The key is to hide the complexity from users.

“Behind the scenes, we want to apply AI, machine learning and the capability to bring multiple data repositories together, either in the public or private cloud, and have them merge,” Gaynor said. “If I create the right enablement, then the process naturally follows.”

Turning business into a team sport

“Complex enterprise selling is a team sport,” said Anthony Reynolds, CEO of Altify, referring to the difficulty of a company selling its products or services to large organizations.

It’s too easy for teams on all kinds of projects to get bogged down in the minutia and friction of moving between different apps. The promise of Quip is to make any enterprise process a team sport. The idea of a team sitting around a single screen related to a campaign sounds a lot more exciting than separate individuals trying to keep up with a flurry of emails, chats and various app notifications.

Leading sales organizations are starting to adopt a more collaborative approach to selling to larger customers. Account-based marking (ABM) has emerged as a way of customizing the marketing message to address the unique needs of all the stakeholders in a target opportunity. But this requires a high level of collaboration between all the employees involved in customizing the marketing communication and sales strategy for the target customer.

headshot of Anthony ReynoldsAnthony Reynolds

“A company can’t really be successful with their ABM strategy unless it is tightly coupled with an account-based selling strategy,” Reynolds explained. “Account-based marketing starts with [a] better understanding of a company’s unique needs to enable a custom engagement. Altify allows an organization to cleanly execute the handoff from marketing to sales teams so they can effectively position value, connect to power and get a deal done.”

Salesforce Quip is still in its early phases compared to traditional communication channels, like email and chat. Reynolds estimates that about 10% of Altify’s customers are using Quip today, while another 25% are exploring it.

Note: TechTarget offers ABM and project intelligence data and tool services.

Cisco revenues fall, likely to go lower

Cisco’s latest earnings report reflects the pains of a legacy vendor struggling to overhaul an outdated business model while rivals chip away at its market share.

Overall Cisco revenues dropped 4% year over year for the quarter ended July 29, to $12.1 billion, the company reported this week. Cisco expected the decline to continue in the current quarter, forecasting a reduction of between 1% and 3%. The drop in the October quarter would mark nearly two straight years of declines.

Cisco’s troubles are mostly due to the steady weakening of its switching business — the company’s largest. Sales of switches in the July quarter fell 9%. The company reported the same decline in its router business, another important hardware line.

Falling Cisco revenues show rivals cutting into market share

While Cisco stumbled, switching rivals Arista Networks and Juniper Networks reported double-digit growth in their June quarters.

Rivals are chipping away at Cisco, for sure,” said Glenn O’Donnell, an analyst at Forrester Research. “In many ways, they [rivals] are reacting more effectively at what the market really needs.”

Cisco’s competitors have been more successful at selling to cloud and communication service providers that favor products less likely to tie them to a single vendor. At the same time, enterprises — Cisco’s core customers — are buying fewer switches, as they migrate more software to cloud providers.

“Cisco’s decline in their core market is another signal that the general networking vendor is an old business model,” said Andre Kindness, an analyst at Forrester.

Cisco’s solution to revenue drop

Cisco understands its dilemma and is gradually moving away from its legacy hardware approach to networking. The company has introduced software that centralizes network control, so operators no longer have to make changes box by box.

In June, Cisco introduced a central software console, called the Digital Network Architecture Center, for managing a campus network. The hardware underpinning is a new line of Catalyst switches, called the 9000 Series.

Cisco’s decline in their core market is another signal that the general networking vendor is an old business model.
Andre Kindnessanalyst at Forrester Research

Cisco attributed its latest drop in switch revenue to the product launch. “Anytime we do a major platform announcement, particularly in switching, there is a period of time where our customers pause because they want to understand what this means,” Cisco CEO Chuck Robbins told financial analysts following the latest earnings report.

Within the enterprise data center — Cisco’s historic sweet spot — the company has been pushing customers to switch to its software-defined networking platform, called Application Centric Infrastructure. ACI is also dependent on Cisco hardware, namely the Nexus 9000 Series of switches.

Enterprise adoption of ACI, which Cisco started shipping in 2014, has been slow, according to analysts. In February, Gartner reported that only 30% of companies buying Nexus 9000 switches were also using ACI.

Forrester has found that many businesses are choosing VMware’s competing NSX because it requires fewer architectural changes within the data center. “Cisco ACI is an all-or-nothing proposition,” Kindness said.

Also, ACI is less flexible when working with third-party appliance vendors. Companies using ACI are often limited to products from Cisco partners for load balancing and firewalls.

“My clients don’t want to have one vendor dictate the other vendors,” Kindness said.

Cisco revenues from security slow

To mitigate its troubles in networking, Cisco has been focusing on high-growth areas in the tech industry, such as the internet of things, technology for connecting data centers to the cloud and security. In security, Cisco’s revenues failed to meet analysts’ expectations for the July quarter, reporting 3% growth, which was significantly less than the 16% increase a year ago and the 9% growth in the previous quarter.

Despite the slowdown, Robbins said he had “zero concerns about the business,” because the company has recently recorded “some of the strongest order growth as we’ve seen in the last two years.”

Cisco’s approach to security is to sell it as part of an overall purchase of networking infrastructure, and not as a solo product. As a result, security sales will tend to move up or down depending on sales of switches and other products.

“I think we should wait a few quarters to see where this goes,” said Patrick Moorhead, an analyst with Moor Insights & Strategy, based in Austin, Texas. “The security products are so linked to their networking products that we didn’t see the numbers that the street [Wall Street] had expected.”

If Moorhead has it right, then security sales will improve as sales of switches head north. But indicators are Cisco has yet to reach the bottom.