Tag Archives: year

Vendor 3PM uses AI and analytics to prevent Black Friday fraud

The months and weeks leading up to Black Friday, one of the most hectic shopping days of the year, keeps e-commerce intelligence vendor 3PM Solutions busy.

“This is a very important time,” said Rob Dunkel, CEO of 3PM.

More people buy products and more retailers and individuals sell products online on Black Friday than on any other day, and the number of counterfeit products listed for sale skyrockets, Dunkel said. Chicago-based 3PM, with its platform built to collect, change and then analyze unstructured data, identifies potentially counterfeit products for its e-commerce clients so they can crack down on Black Friday fraud.

Founded in 2013, 3PM sells software that automatically combs through products and reviews to give its e-commerce clients a better snapshot of what customers are purchasing and why, as well as to protect brands and identify and take down counterfeit or misrepresented items.

The 3PM platform automatically scrapes public data off e-commerce websites, such as Amazon and eBay, Dunkel explained. Data includes customer reviews, product images and descriptions, and buyer and seller information.

No APIs are used, he said — instead, the platform collects data as it appears on e-commerce dealers’ websites using machine learning and natural language processing. The collected data is then brought into the platform and structured for its clients, some of which include major e-commerce players.

The process is continuous and encompasses billions of online product listings.

Google AI

Black Friday fraud, shopping
AI and analytics help prevent online shopping fraud on Black Friday and all year

The vendor uses a host of Google Cloud products to support its platform. A few years ago, 3PM left AWS for the Google Cloud Platform, after seeing the capabilities of Google Cloud Bigtable, a scalable, fully managed NoSQL database.

The database product was in beta testing then, Dunkel said. But, with its ability to handle huge workloads, it seemed perfect for 3PM.

Also, Dunkel said, 3PM was drawn to Google for its machine learning and AI products and tools available on the cloud.

Google Cloud Vision AI, alongside Google Cloud TPU, gives 3PM the ability to automatically classify and match images, for example.

“We’re heavy users of Google AI,” Dunkel said.

Preventing Black Friday fraud

Analyzing products in search of counterfeits is particularly important around Black Friday. Due to the sudden, massive increase in buyers and sellers during this holiday period, Black Friday fraud is common.

Using its platform, 3PM can identify fraudulent products for its clients and partners generally within four hours, Dunkel claimed. He offered an example.

Game of Thrones: Season 8 comes out on DVD and Blu-ray soon. Given the popularity of the show, and the expected demand for the season, it’s inevitable that some sellers will purposely mislist similar products to make them appear to be Season 8, to trick potential buyers. They could, for example, use clever descriptors or images to pass off a poster of Season 8 for the DVD.

So, said Dunkel, “We’ve been able to train the system to understand each title” of the different products, to automatically identify from the title what the product is.

We’re able to build and train our models to understand what is good and what is not.
Rob DunkelCEO, 3PM Solutions

Moreover, the platform can identify and compare a product listing’s image to a known image of the product, and scan for discrepancies using image recognition. Models can also read the descriptors and listing categories and compare them with other listings or with what the category is known to be. In the case of the Game of Thrones: Season 8, a category might be DVD. If the product lists as something else, 3PM issues a warning.

“We’re able to build and train our models to understand what is good and what is not,” Dunkel said.

The platform can also analyze product reviews. On certain e-commerce sites, third-party sellers can change their listings. They may have listed a specific product that racked up many positive reviews, but later changed the listing to a completely different product. Yet, the reviews stayed.

At first glance, then, the product seems to have high reviews. By reading through the reviews, it may become clear that the positive reviews were meant for a different product altogether. The 3PM platform can automatically read through reviews, and comb through the history of the listing, to detect that, Dunkel said.

While most Black Friday sellers are honest, Dunkel emphasized the importance of watching for Black Friday fraud.

“With Black Friday, with all the people shopping, consumers need to be more diligent,” he said. “Consumers need to take more steps to make sure they are buying an authentic product.”

Go to Original Article
Author:

Insights from one year of tracking a polymorphic threat – Microsoft Security

A little over a year ago, in October 2018, our polymorphic outbreak monitoring system detected a large surge in reports, indicating that a large-scale campaign was unfolding. We observed as the new threat attempted to deploy files that changed every 20-30 minutes on thousands of devices. We gave the threat the name “Dexphot,” based on certain characteristics of the malware code.

The Dexphot attack used a variety of sophisticated methods to evade security solutions. Layers of obfuscation, encryption, and the use of randomized file names hid the installation process. Dexphot then used fileless techniques to run malicious code directly in memory, leaving only a few traces that can be used for forensics. It hijacked legitimate system processes to disguise malicious activity. If not stopped, Dexphot ultimately ran a cryptocurrency miner on the device, with monitoring services and scheduled tasks triggering re-infection when defenders attempt to remove the malware.

In the months that followed, we closely tracked the threat and witnessed the attackers upgrade the malware, target new processes, and work around defensive measures:

Timeline of evolution of Dexphot malware

While Microsoft Defender Advanced Threat Protection’s pre-execution detection engines blocked Dexphot in most cases, behavior-based machine learning models provided protection for cases where the threat slipped through. Given the threat’s persistence mechanisms, polymorphism, and use of fileless techniques, behavior-based detection was a critical component of the comprehensive protection against this malware and other threats that exhibit similar malicious behaviors.

Microsoft Defender ATP data shows the effectiveness of behavioral blocking and containment capabilities in stopping the Dexphot campaign. Over time, Dexphot-related malicious behavior reports dropped to a low hum, as the threat lost steam.

Number of machines that encountered Dexphot over time

Our close monitoring of Dexphot helped us ensure that our customers were protected from the evolving threat. More importantly, one year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

Complex attack chain

The early stages of a Dexphot infection involves numerous files and processes. During the execution stage, Dexphot writes five key files to disk:

  1. An installer with two URLs
  2. An MSI package file downloaded from one of the URLs
  3. A password-protected ZIP archive
  4. A loader DLL, which is extracted from the archive
  5. An encrypted data file that holds three additional executables that are loaded into system processes via process hollowing

Except for the installer, the other processes that run during execution are legitimate system processes. This can make detection and remediation more difficult. These legitimate system processes include msiexec.exe (for installing MSI packages), unzip.exe (for extracting files from the password-protected ZIP archive), rundll32.exe (for loading the loader DLL), schtasks.exe (for scheduled tasks), powershell.exe (for forced updates). In later stages, Dexphot targets a few other system processes for process hollowing: svchost.exe, tracert.exe, and setup.exe.

Dexphot attack chain

Multiple layers of security evasion

Based on Microsoft Defender ATP signals, SoftwareBundler:Win32/ICLoader and its variants are primarily used to drop and run the Dexphot installer. The installer uses two URLs to download malicious payloads. These are the same two URLs that Dexphot use later to establish persistence, update the malware, and re-infect the device.

The installer downloads an MSI package from one of the two URLs, and then launches msiexec.exe to perform a silent install. This is the first of several instances of Dexphot employing living-off-the-land techniques, the use of legitimate system processes for nefarious purposes.

Dexphot’s package often contains an obfuscated batch script. If the package contains this file, the script is the first thing that msiexec.exe runs when it begins the installation process. The said obfuscated script is designed to check for antivirus products. Dexphot halts the infection process immediately if an antivirus product is found running.

When we first began our research, the batch script only checked for antivirus products from Avast and AVG. Later, Windows Defender Antivirus was added to the checklist.

If the process is not halted, Dexphot decompresses the password-protected ZIP archive from the MSI package. The password to this archive is within the MSI package. Along with the password, the malware’s authors also include a clean version of unzip.exe so that they don’t have to rely on the target system having a ZIP utility. The unzip.exe file in the package is usually named various things, such as z.exe or ex.exe, to avoid scrutiny.

The ZIP archive usually contains three files: the loader DLL, an encrypted data file (usually named bin.dat), and, often, one clean unrelated DLL, which is likely included to mislead detection.

Dexphot usually extracts the decompressed files to the target system’s Favorites folder. The files are given new, random names, which are generated by concatenating words and numbers based on the time of execution (for example, C:UsersFavorites\Res.Center.ponse). The commands to generate the new names are also obfuscated, for example:

Msiexec.exe next calls rundll32.exe, specifying loader DLL (urlmon.7z in the example above) in order to decrypt the data file. The decryption process involves ADD and XOR operations, using a key hardcoded in the binary.

The decrypted data contains three executables. Unlike the files described earlier, these executables are never written to the filesystem. Instead, they exist only in memory, and Dexphot runs them by loading them into other system processes via process hollowing.

Stealthy execution through fileless techniques

Process hollowing is a technique that can hide malware within a legitimate system process. It replaces the contents of the legitimate process with malicious code. Detecting malicious code hidden using this method is not trivial, so process hollowing has become a prevalent technique used by malware today.

This method has the additional benefit of being fileless: the code can be run without actually being saved on the file system. Not only is it harder to detect the malicious code while it’s running, it’s harder to find useful forensics after the process has stopped.

To initiate process hollowing, the loader DLL targets two legitimate system processes, for example svchost.exe or nslookup.exe, and spawns them in a suspended state. The loader DLL replaces the contents of these processes with the first and second decrypted executables. These executables are monitoring services for maintaining Dexphot’s components. The now-malicious processes are released from suspension and run.

Next, the loader DLL targets the setup.exe file in SysWoW64. It removes setup.exe’s contents and replaces them with the third decrypted executable, a cryptocurrency miner. Although Dexphot always uses a cryptocurrency miner of some kind, it’s not always the same miner. It used different programs like XMRig and JCE Miner over the course of our research.

Persistence through regularly scheduled malware updates

The two monitoring services simultaneously check the status of all three malicious processes. Having dual monitoring services provides redundancy in case one of the monitoring processes is halted. If any of the processes are terminated, the monitors immediately identify the situation, terminate all remaining malicious processes, and re-infect the device. This forced update/re-infection process is started by a PowerShell command similar to the one below:

The monitoring components also detect freshly launched cmd.exe processes and terminate them promptly. As a final fail-safe, Dexphot uses schtasks.exe to create scheduled tasks, with the command below.

This persistence technique is interesting, because it employs two distinct MITRE ATT&CK techniques: Scheduled Task and Signed Binary Proxy Execution.

The scheduled tasks call msiexec.exe as a proxy to run the malicious code, much like how msiexec.exe was used during installation. Using msiexec.exe, a legitimate system process, can make it harder to trace the source of malicious activity.

Furthermore, the tasks allow Dexphot to conveniently update the payload from the web every time the tasks run. They automatically update all of Dexphot’s components, both upon system reboot as well as every 90 or 110 minutes while the system is running.

Dexphot also generates the names for the tasks at runtime, which means a simple block list of hardcoded task names will not be effective in preventing them from running. The names are usually in a GUID format, although after we released our first round of Dexphot-blocking protections, the threat authors began to use random strings.

The threat authors have one more evasion technique for these scheduled tasks: some Dexphot variants copy msiexec.exe to an arbitrary location and give it a random name, such as %AppData%.exe. This makes the system process running malicious code a literal moving target.

Polymorphism

Dexphot exhibits multiple layers of polymorphism across the binaries it distributes. For example, the MSI package used in the campaign contains different files, as shown in the table below. The MSI packages generally include a clean version of unzip.exe, a password-protected ZIP file, and a batch file that checks for currently installed antivirus products. However, the batch file is not always present, and the names of the ZIP files and Loader DLLs, as well as the password for extracting the ZIP file, all change from one package to the next.

In addition, the contents of each Loader DLL differs from package to package, as does the encrypted data included in the ZIP file. This leads to the generation of a different ZIP archive and, in turn, a unique MSI package, each time the attacker bundles the files together. Because of these carefully designed layers of polymorphism, a traditional file-based detection approach wouldn’t be effective against Dexphot.

MSI package ID MSI package contents Password for ZIP file Contents of encrypted ZIP
Unzip.exe name ZIP file name Batch file name Loader DLL file name Encrypted data name
MSI-1 ex.exe webUI.r0_ f.bat kjfhwehjkf IECache.dll bin.dat
MSI-2 ex.exe analog.tv f.bat ZvDagW kernel32.bin bin.dat
MSI-3 z.exe yandex.zip f.bat jeremy SetupUi.dll bin.dat
MSI-4 unzip.exe ERDNT.LOC.zip iso100 ERDNT.LOC data.bin
MSI-5 pck.exe mse.zip kika _steam.dll bin.dat
MSI-6 z.exe msi.zip arima ic64.dll bin.dat
MSI-7 z.exe mse.zip f.bat kika _steam.dll bin.dat
MSI-8 z.exe mse.zip kika _steam.dll bin.dat
MSI-9 z.exe yandex.zip f.bat jeremy SetupUi.dll bin.dat
MSI-10 hf.exe update.dat f.bat namr x32Frame.dll data.bin
MSI-11 z.exe yandex.zip f.bat jeremy SetupUi.dll bin.dat
MSI-12 unzip.exe PkgMgr.iso.zip pack PkgMgr.iso data.bin
MSI-13 ex.exe analog.tv f.bat kjfhwefkjwehjkf urlmon.7z bin.dat
MSI-14 ex.exe icon.ico f.bat ZDADW default.ocx bin.dat
MSI-15 hf.exe update.dat namr AvastFileRep.dll data.bin
MSI-16 pck.exe mse.zip f.bat kika _steam.dll bin.dat
MSI-17 z.exe mse.zip f.bat joft win2k.wim bin.dat
MSI-18 ex.exe plugin.cx f.bat ZDW _setup.ini bin.dat
MSI-19 hf.exe update.dat namr AvastFileRep.dll data.bin
MSI-20 ex.exe installers.msu f.bat 000cehjkf MSE.Engine.dll bin.dat
MSI-21 z.exe msi.zip f.bat arima ic64.dll bin.dat
MSI-22 z.exe archive00.x f.bat 00Jmsjeh20 chrome_watcher.dll bin.dat

A multitude of payload hosts

Besides tracking the files and processes that Dexphot uses to execute an attack, we have also been monitoring the domains used to host malicious payloads. The URLs used for hosting all follow a similar pattern. The domain address usually ends in a .info or .net TLD, while the file name for the actual payload consists of random characters, similar to the randomness previously seen being used to generate file names and scheduled tasks. Some examples from our research are shown in the table below.

Scheduled task name Download URL
hboavboja https://supe********709.info/xoslqzu.pdi
{C0B15B19-AB02-0A10-259B-1789B8BD78D6} https://fa*****r.com/jz5jmdouv4js.uoe
ytiazuceqeif https://supe********709.info/spkfuvjwadou.bbo
beoxlwayou https://rb*****.info/xgvylniu.feo
{F1B4C720-5A8B-8E97-8949-696A113E8BA5} https://emp*******winc.com/f85kr64p1s5k.naj
gxcxhbvlkie https://gu*****me.net/ssitocdfsiu.pef
{BE7FFC87-6635-429F-9F2D-CD3FD0E6DA51} https://sy*****.info/pasuuy/xqeilinooyesejou.oew
{0575F553-1277-FB0F-AF67-EB649EE04B39} https://sumb*******on.info/gbzycb.kiz
gposiiobhkwz https://gu*****me.net/uyuvmueie.hui
{EAABDEAC-2258-1340-6375-5D5C1B7CEA7F} https://refr*******r711.info/3WIfUntot.1Mb
zsayuuec https://gu*****me.net/dexaeuioiexpyva.dil
njibqhcq https://supe********709.info/aodoweuvmnamugu.fux
{22D36F35-F5C2-29D3-1CF1-C51AC19564A4} https://pr*****.info/ppaorpbafeualuwfx/hix.ayk
qeubpmnu https://gu*****me.net/ddssaizauuaxvt.cup
adeuuelv https://supe********709.info/tpneevqlqziee.okn
{0B44027E-7514-5EC6-CE79-26EB87434AEF} https://sy*****.info/huauroxaxhlvyyhp/xho.eqx
{5A29AFD9-63FD-9F5E-F249-5EC1F2238023} https://refr*******r711rb.info/s28ZXoDH4.78y
{C5C1D86D-44BB-8EAA-5CDC-26B37F92E411} https://fa*****r.com/rbvelfbflyvf.rws

Many of the URLs listed were in use for an extended period. However, the MSI packages hosted at each URL are frequently changed or updated. In addition, every few days more domains are generated to host more payloads. After a few months of monitoring, we were able to identify around 200 unique Dexphot domains.

Conclusion: Dynamic, comprehensive protection against increasingly complex everyday threats

Dexphot is not the type of attack that generates mainstream media attention; it’s one of the countless malware campaigns that are active at any given time. Its goal is a very common one in cybercriminal circles — to install a coin miner that silently steals computer resources and generates revenue for the attackers — yet Dexphot exemplifies the level of complexity and rate of evolution of even everyday threats, intent on evading protections and motivated to fly under the radar for the prospect of profit.

To combat threats, several next-generation protection engines in Microsoft Defender Advanced Threat Protection’s antivirus component detect and stop malicious techniques at multiple points along the attack chain. For Dexphot, machine learning-based detections in the cloud recognize and block the DLLs loaded by rundll32.exe, stopping the attack chain in its early stages. Memory scans detect and terminate the loading of malicious code hidden by process hollowing — including the monitoring processes that attempt to update the malware code and re-infect the machine via PowerShell commands.

Behavioral blocking and containment capabilities are especially effective in defeating Dexphot’s fileless techniques, detection evasion, and persistence mechanisms, including the periodic and boot-time attempts to update the malware via scheduled tasks. As mentioned, given the complexity of the attack chain and of Dexphot’s persistence methods, we released a remediation solution that prevents re-infection by removing artifacts.

Microsoft Defender ATP solutions for Dexphot attack

The detection, blocking, and remediation of Dexphot on endpoints are exposed in Microsoft Defender Security Center, where Microsoft Defender ATP’s rich capabilities like endpoint detection and response, automated investigation and remediation, and others enable security operations teams to investigate and remediate attacks in enterprise environments. With these capabilities, Microsoft Defender ATP provides comprehensive protection against Dexphot and the countless other complex and evolving threats that we face every day.

Sample indicators of compromise (IoCs)

Installer (SHA-256):
72acaf9ff8a43c68416884a3fff3b23e749b4bb8fb39e16f9976643360ed391f

MSI files (SHA-256):
22beffb61cbdc2e0c3eefaf068b498b63a193b239500dab25d03790c467379e3
65eac7f9b67ff69cefed288f563b4d77917c94c410c6c6c4e4390db66305ca2a
ba9467e0d63ba65bf10650a3c8d36cd292b3f846983032a44a835e5966bc7e88

Loader DLLs  (SHA-256):
537d7fe3b426827e40bbdd1d127ddb59effe1e9b3c160804df8922f92e0b366e
504cc403e0b83233f8d20c0c86b0611facc040b868964b4afbda3214a2c8e1c5
aa5c56fe01af091f07c56ac7cbd240948ea6482b6146e0d3848d450977dff152

Hazel Kim

Microsoft Defender ATP Research Team


Talk to us

Questions, concerns, or insights on this story? Join discussions at the Microsoft Defender ATP community.

Read all Microsoft security intelligence blog posts.

Follow us on Twitter @MsftSecIntel.

Go to Original Article
Author: Steve Clarke

For Sale – Ryzen 5 3600X, RTX 2060, 16GB RAM, 2.5TB Storage, Arctic Cooler & fans, warranty

For sale is my Gaming PC. Built early August this year with all new parts from Amazon and the like. Everything has warranty – from the balance of 1 year right up to 10 years for the fans. Have kept all the boxes, manuals, spare cabling etc. Happy to help with any warranty claims in the future, although how practical that would be I’m not sure but the offer is there. Will not split.

Simple reason for sale – I’ve caught the build bug and want to start from scratch again!

Case – NZXT H500 Mid tower ATX, Black with Blue bar, tempered glass side panel.
MOBO – MSI B450 PRO-VDH-PLUS M-ATX, running BIOS AGESA 1.0.0.4 (Beta). No WiFi/Bluetooth but there is a spare PCIe slot. I use a Powerline adapter.
CPU – AMD Ryzen 5 3600X (6 cores, 12 threads) plus unused stock cooler (Wraith Spire) – 3.8GHz/4.4GHz Boost.
Cooler – Arctic Freezer 34 eSports Duo, black with white fans, fitted using Arctic MX-4 thermal compound.
RAM – Corsair Vengeance LPX 16GB (2x8GB) DDR4 3200MHz C16 – Black.
PSU – Corsair TX550W 80+ Gold, semi-modular, black.
Storage (boot) – Crucial P1 512GB SSD NVMe PCIe M.2 SSD (located below GPU)
Storage (games) – Seagate Barracuda 3.5″ 2TB 7200rpm (located in the PSU shroud)
GPU – ZOTAC Geforce RTX 2060 – twin fans but not the “Twin fan” model if that makes sense, unless it is the same thing and I’ve misunderstood
Rear/Top exhaust fans (black/white) – 1 x 120mm Arctic F12 PWM PST + 1 x 120mm Arctic F12 PMW, replacing the stock 1x120mm NZXT exhaust fan (black), which I’ll also include.
Front intake fans (black/white) – 1 x 140mm Arctic F14 PWM PST + 1 x 140mm Arctic F14 PMW. Excellent air flow.
Lighting – 1 x non addressable RGB (12V) light strip magnetically fitted inside case roof. Use Mystic Light to change solid colour/effect – subtle and effective. Can easily be moved around the case or removed entirely. Subtle and effective – Im not into the RGB thing.
OS – Windows 10 Pro 64bit v1909. This is registered to me so I’d need to fully reset and install a clean, deactivated copy.

I have deliberately disabled (via BIOS) all boosting options – specifically MSI’s Game Boost and AMD’s Precision Boost 2/PBO, never overclocked.

Bearing this in mind and that I run at 1440p/144Hz at Very High/Ultra detail, I get well over 60FPS on anything eg. Doom 2016 @200FPS, Gears 5 @80-100FPS, BeamNG.drive @100+fps, latest COD MW @70-100FPS. Idles at <35dB and 35degrees, boots up in under 25 seconds. Absolutely no issues - would make a perfect PC for the gamer in your life, especially with Christmas approaching

Collection only – too much hassle/risk using a courier. Happy to demo but I’d then need time to fully reset.

Happy to answer any questions.

Go to Original Article
Author:

For Sale – 13″ MacBook Pro with Touch Bar (2019) – 128 GB SSD, Space Grey

Hi Guy’s,

For sale I have a 2019 13″ Macbook Pro with the Currys 3 year warranty (which includes accidental damage etc). Specification as found here: APPLE 13″ MacBook Pro with Touch Bar (2019) – 128 GB SSD, Space Grey

Initially purchased for my partner and her job at a local school. However out of the blue (and after 11 years) they have actually provided her with a pretty decent windows alternative which she is happy to use.

It’s only 8/9 weeks old. Hasn’t had much use at all. Approx 8 charge cycles (forgot to check before resetting sorry). But it really hasn’t been touched a great deal at all. It’s boxed and essentially looks ‘as new’ with not a mark or blemish.

In total we paid £1450 for the package including a trade in, plus the 3 year warranty as mentioned above. A great little machine that I have thought about keeping but it would only collect dust as I personally use Windows / Android. So thought I would offer it up here first.

Any questions, please feel free to ask away. Many thanks…

Go to Original Article
Author:

Guarding the shop: Rewind backup protects e-commerce data

It’s the most wonderful time of the year for e-commerce … that is, until your site goes down and customers can’t shop anymore.

That’s where Rewind backup comes in.

Rewind provides backup for e-commerce sites hosted on Shopify and BigCommerce.

“Most people don’t know they need a backup,” Rewind CEO Mike Potter said.

For example, an e-commerce business that uses Shopify and deletes a product or blog post is not covered just because it’s in the cloud. Similar to cloud-based applications such as Microsoft Office 365 and Salesforce, the provider protects its infrastructure, but not always your data.

However, in Office 365, for example, users have a place for deleted items that they can access if they delete an email by mistake. That’s not the case in a lot of e-commerce platforms where “there is no trash bin,” Potter said.

Potter, who is also a founder of Ottawa-based Rewind, said he’s lost data before, so he understands the pain. Launched four years ago, Rewind had one customer lose everything right before Christmas but restored the store to a safe point in time from before the incident.

As a way to bring the backup issue to the forefront, this holiday season Rewind is offering a free version of its data protection software. Rewind: One-Time enables retailers to conduct a free one-time backup of up to 10,000 products and related data in their online stores. The Rewind backup offer is available for BigCommerce and Shopify merchants.

After an incident, Rewind: One-Time users can restore their data to the time they installed the product.

There needs to be a way for everyone to have protection in this holiday season.
Mike PotterCEO, Rewind

The one-time backup for BigCommerce includes product, brand, category, option set and option data, while the Shopify backup includes products, product images, custom collections and smart collections. The backups are stored indefinitely in the Rewind Vault, which is hosted in various Amazon regions. Data is encrypted in transit and at rest.

It’s the first time Rewind has offered this one-time backup.

“There needs to be a way for everyone to have protection in this holiday season,” Potter said.

A jump forward with Rewind backup

For Crossrope, an online jump rope seller and workout provider based in Raleigh, N.C., “it’s the biggest season of the year,” said digital marketing specialist Andy Lam.

“To have Rewind as a tool for backing up, it just gives us peace of mind,” Lam said.

Before adopting Rewind, one afternoon at the end of a workday, Crossrope made a change to its theme code that broke the site. Customers couldn’t add items to their carts and the company lost out on orders and revenue in the process.

The company had a manual backup saved from 30 days prior and spent a lot of time trying to restore the site manually.

“That kickstarted trying to find a better solution,” Lam said.

Crossrope heard from BigCommerce, its e-commerce platform of choice, about Rewind backup. It was the first backup company that Crossrope contacted.

“Because they were a full-fledged cloud backup tool, it was a no-brainer,” Lam said.

Now if there are any incorrect changes like the previous incident, Crossrope can “rewind” to a known good point in time, in just a couple of clicks. The company has been using Rewind backup for about four months and hasn’t had a major incident. Rewind performs daily backups for Crossrope, which Lam said is enough.

Screenshot of Rewind backup
Rewind backup enables merchants to restore their stores to a safe point in time.

“Now we feel safe,” Lam said. “I know they’re covering a lot of bases for us.”

While Rewind can restore the code in a couple of clicks, Lam said he is hoping the backup vendor can speed up product restoration.

A Rewind recap

Though e-commerce data loss can result from malicious acts and third-party integrations, human error is a common cause.

“We’ve seen everything,” Potter said. (Think of a cat jumping on a keyboard.) “You don’t get any warnings you’re going to have a disaster.”

Rewind claims more than 10,000 small and medium-sized enterprises as customers.

If they want backups more recent than the one-time protection, Rewind: One-Time users can upgrade to one of the paid options during the holiday season or beyond. Pricing ranges from $9 to $299 per month, depending on the size of the store and the number of orders. Many customers perform a daily Rewind backup, Potter said.

The Rewind: One-Time offer is available through Dec. 31, 2019. Customers who use it will have access to that backup indefinitely.

Rewind also provides backup for Mailchimp email marketing and QuickBooks Online accounting data.

Go to Original Article
Author:

For Sale – Apple MacBook Pro 15” 2.9 GHz Intel Core i9, 32GB 2400 MHz DDR4, Radeon Pro 560X 4GB, 1TB SSD. Screen water damage :(

I bought this last year – October 08 2108 at Apple Bluwater at a retail cost of £3689. I’m upgrading as I need more internal storage. I use it regularly, switching between my desktop machine and the laptop. It all works perfectly – with one flaw – the screen (see below).

The bad news is that the screen has water damage when I got caught in the rain and my laptop bag leaked. Despite a careful drying out process, there are spots on the screen which refuse to go away. It looks much worse on light screens than on dark (see attached pics) but doesn’t affect the performance at all. It doesn’t bother me and I often use an external screen anyway when I’m doing my heavy graphics work or use my desktop iMac. This was a couple of months ago and I’ve been using it every day since then. I’ve had repair quotes of about £580 but didn’t want to be without my machine for any length of time so didn’t bother.

You are welcome to test the machine to check it out and it all comes with the original box and power adaptor. I can also provide proof of purchase as well if necessary. Allowing for the water damage, I’m after £2150. Similar perfect machines seem to be around the £3000 mark so there is a saving even if you decided to get the screen fixed.

I haven’t ordered my new machine yet but just wanted to test the water first with this before committing to buy the new machine. If a deal is agreed, you may need to wait a few days for my new machine to arrive.

I would prefer collection as the buyer can then check the machine fully to be confident in his / her purchase.

Go to Original Article
Author:

For Sale – Dell XPS 9333

For sale my 4 year old dell xps. I have recently switched to a mac so selling this now as its still got plenty life left in it.
The battery was recently replaced and its also had an upgrade to 256 samsung evo ssd.
Its in perfect working condition. The screen has no marks or scratches on it.
the only bit of of damage is on the top left corner on the outside which happened when it was nearly new. It doesnt effect its functioning at all.

Specs are as follows:
Intel core i5
8 GB RAM
Screen: 13.3-inch 1920 x 1080 with 10-finger touch support
Ports: 2 USB 3.0 (both with charging), mini DisplayPort, headphone/mic jack
Connectivity: Intel dual-band 802.11ac Wi-Fi, Bluetooth 4.0
Webcam: HD widescreen camera with dual microphone array
Weight: 3.03 pounds

Go to Original Article
Author:

For Sale – Apple MacBook Pro 15” 2.9 GHz Intel Core i9, 32GB 2400 MHz DDR4, Radeon Pro 560X 4GB, 1TB SSD. Screen water damage :(

I bought this last year – October 08 2108 at Apple Bluwater at a retail cost of £3689. I’m upgrading as I need more internal storage. I use it regularly, switching between my desktop machine and the laptop. It all works perfectly – with one flaw – the screen (see below).

The bad news is that the screen has water damage when I got caught in the rain and my laptop bag leaked. Despite a careful drying out process, there are spots on the screen which refuse to go away. It looks much worse on light screens than on dark (see attached pics) but doesn’t affect the performance at all. It doesn’t bother me and I often use an external screen anyway when I’m doing my heavy graphics work or use my desktop iMac. This was a couple of months ago and I’ve been using it every day since then. I’ve had repair quotes of about £580 but didn’t want to be without my machine for any length of time so didn’t bother.

You are welcome to test the machine to check it out and it all comes with the original box and power adaptor. I can also provide proof of purchase as well if necessary. Allowing for the water damage, I’m after £2150. Similar perfect machines seem to be around the £3000 mark so there is a saving even if you decided to get the screen fixed.

I haven’t ordered my new machine yet but just wanted to test the water first with this before committing to buy the new machine. If a deal is agreed, you may need to wait a few days for my new machine to arrive.

I would prefer collection as the buyer can then check the machine fully to be confident in his / her purchase.

Go to Original Article
Author:

For Sale – Dell XPS 9333

For sale my 4 year old dell xps. I have recently switched to a mac so selling this now as its still got plenty life left in it.
The battery was recently replaced and its also had an upgrade to 256 samsung evo ssd.
Its in perfect working condition. The screen has no marks or scratches on it.
the only bit of of damage is on the top left corner on the outside which happened when it was nearly new. It doesnt effect its functioning at all.

Specs are as follows:
Intel core i5
8 GB RAM
Screen: 13.3-inch 1920 x 1080 with 10-finger touch support
Ports: 2 USB 3.0 (both with charging), mini DisplayPort, headphone/mic jack
Connectivity: Intel dual-band 802.11ac Wi-Fi, Bluetooth 4.0
Webcam: HD widescreen camera with dual microphone array
Weight: 3.03 pounds

Go to Original Article
Author:

Tallying the momentous growth and continued expansion of Dynamics 365 and the Power Platform – The Official Microsoft Blog

We’ve seen incredible growth of Dynamics 365 and the Power Platform just in the past year. This momentum is driving a massive investment in people and breakthrough technologies that will empower organizations to transform in the next decade.

We have allocated hundreds of millions of dollars in our business cloud that power business transformation across markets and industries and help organizations solve difficult problems.

This fiscal year we are also heavily investing in the people that bring Dynamics 365 and the Power Platform to life — a rapidly growing global network of experts, from engineers and researchers to sales and marketing professionals. Side-by-side with our incredible partner community, the people that power innovation at Microsoft will fuel transformational experiences for our customers into the next decade.

Accelerating innovation across industries

In every industry, I hear about the struggle to transform from a reactive to proactive organization that can respond to changes in the market, customer needs, and even within their own business. When I talk to customers who have rolled out Dynamics 365 and the Power Platform, the conversation shifts to the breakthrough outcomes they’ve achieved, often in very short time frames.

Customers talk about our unique ability to connect data holistically across departments and teams — with AI-powered insights to drive better outcomes. Let me share a few examples.

This year we’ve focused on a new vision for retail that unifies back office, in-store and digital experiences. One of Washington state’s founding wineries — Ste. Michelle Wine Estates — is onboarding Dynamics 365 Commerce to bridge physical and digital channels, streamline operations with cloud intelligence and continue building brand loyalty with hyper-personalized customer experiences.

When I talk to manufacturers, we often zero in on ways to bring more efficiency to the factory floor and supply chain. Again, it’s our ability to harness data from physical and digital worlds, reason over it with AI-infused insights, that opens doors to new possibilities. For example, Majans, the Australian-based snackfood company, is creating the factory of the future with the help of Microsoft Dynamics 365 Supply Chain Management, Power BI and Azure IoT Hub — bringing Internet of Things (IoT) intelligence to every step in the supply chain, from quality control on the production floor to key performance indicators to track future investments. When everyone relies on a single source of truth about production, inventory and sales performance, decisions employees make drive the same outcome — all made possible on our connected business cloud.

These connected experiences extend to emerging technologies that bridge digital and physical worlds, such as our investment in mixed reality. We’re working with companies like PACCAR — manufacturer of premium trucks — to improve manufacturing productivity and employee training using Dynamics 365 Guides and HoloLens 2, as well as Siemens to enable technicians to service its eHighway — an electrified freight transport system — by completing service steps with hands-free efficiency using HoloLens and two-way communication and documentation in Dynamics 365 Field Service.

For many of our customers, the journey to Dynamics 365 and the Power Platform started with a need for more personalized customer experiences. Our customer data platform (CDP) featuring Dynamics 365 Customer Insights, is helping Tivoli Gardens — one of the world’s longest-running amusement parks — personalize guest experiences across every touchpoint — on the website, at the hotel and in the park.  Marston’s has onboarded Dynamics 365 Sales and Customer Insights to unify guest data and infuse personalized experiences across its 1,500-plus pubs across the U.K.

The value of Dynamics 365 is compounded when coupled with the Power Platform. In late 2019, there are over 3 million monthly active developers on the Power Platform, from non-technical “citizen developers” to Microsoft partners developing world-class, customized apps. In the last year, we’ve seen a 700% growth in Power Apps production apps and a 300% growth in monthly active users. All of those users generate a ton of data, with more than 25 billion Power Automate steps run each day and 25 million data models hosted in the Power BI service.

The impact of the Power Platform is shared in the stories our customers share with us. TruGreen, one of the largest lawn care companies in the U.S., onboarded Dynamics 365 Customer Insights and the Microsoft Power Platform to provide more proactive and predictive services to customers, freeing employees to spend more time on higher value tasks and complex customer issue resolution. And the American Red Cross is leveraging Power Platform integration with Teams to improve disaster response times.

From the Fortune 500 companies below to the thousands of small and medium sized businesses, city and state governments, schools and colleges and nonprofit organizations — Dynamics 365 and the Microsoft Cloud are driving transformative success delivering on business outcomes.

24 business logos of Microsoft partners

Partnering to drive customer success

We can’t talk about growth and momentum of Dynamics 365 and Power Platform without spotlighting our partner community — from ISVs to System Integrators that are the lifeblood of driving scale for our business. We launched new programs, such as the new ISV Connect Program, to help partners get Dynamics 365 and Power Apps solutions to market faster.

Want to empower the next generation of connected cloud business? Join our team!

The incredible momentum of Dynamics 365 and Power Platform means our team is growing, too. In markets around the globe, we’re looking for people who want to make a difference and take their career to the next level by helping global organizations digitally transform on Microsoft Dynamics 365 and the Power Platform. If you’re interested in joining our rapidly growing team, we’re hiring across a wealth of disciplines, from engineering to technical sales, in markets across the globe. Visit careers.microsoft.com to explore business applications specialist career opportunities.

Tags: , ,

Go to Original Article
Author: Microsoft News Center