Microsoft: A Leader in hybrid work solutions across 22 analyst reports

Microsoft: A Leader in hybrid work solutions across 22 analyst reports

This article is contributed. See the original author and article here.

The last two years have proven that every organization needs a digital fabric that connects the entire organization—from the boardroom to the frontline, and from internal teams to customers and partners. No company is better positioned to help organizations meet the demands of hybrid work than Microsoft. As the future of work unfolds, industry analysts…

The post Microsoft: A Leader in hybrid work solutions across 22 analyst reports appeared first on Microsoft 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Dynamics 365 Sales release wave 1: Simplifying the things that matter

Dynamics 365 Sales release wave 1: Simplifying the things that matter

This article is contributed. See the original author and article here.

Selling isn’t easy. If you were to take five minutes to ask a salesperson what makes selling so challenging, you’d quickly find that you don’t have nearly enough time to cover it all.

One thing is constant for sellerstime is in short supply. In a day, sellers are managing leads, tracking performance metrics, and collaborating with team members scattered far and wide, while at the same, delivering a blend of digital and personalized experiences to customers throughout their journey. Consequently, sellers need their data to work for them and ensure they can focus on their highest priorities.

That’s why for the Dynamics 365 Sales 2022 release wave 1, we are focused on streamlining the seller experience by elevating collaboration tools even more and expanding intelligence capabilities so that every seller can make faster use of their data, reclaim their time, and be more productive with customers.

Our approach targets three areas to improve the sales team’s experiences and empower them to achieve even more than before:

  • Guide sellers with intelligence
  • Make collaboration even easier
  • Thrive with more productive tools

Let’s take a closer look at what’s in store for sellers in the weeks and months ahead.

Guide sellers with intelligence

What if we told you that sellers could take some of the guesswork out of their day-to-day workflows? With this release wave, we’re rolling out updates to guide sellers to connect with the right customers, capture interactions to help sellers focus on winning deals, and provide comprehensive insights into their pipelines and improve the predictability of revenue forecasts.

Guide sellers with predictive analytics and automation. Over the coming months, features for Sales Accelerator will become available thereby enabling sellers (using sales enterprise or premium) to have a single workspace to help them close more deals. New capabilities include enhanced worklist features to prioritize your work, new AI-based models to improve data quality, streamlined sequences creation, and activity management, including sequence templates based on industry best practices. These features will help guide sellers on how to prioritize and connect with the right customer, assist them on executing consistently though out the customer journey, and give them the ability to choose the right engagement plan for their prospects and customers.

graphical user interface, text, application

Capture every interaction with Conversation Intelligence. Get the right insight, at the right time and at the right place with Conversation Intelligence. Sellers will now be able to capture every customer interaction and get real-time business insights on the platform or channel of their choice. They will get real-time content suggestions while on calls and insights to learn how call performance affects call outcomes. These capabilities are in preview now and will be released to general availability in September 2022.

Predictive pipeline scoring. Available now in general availability, sellers can now assign scoring attributes per sales stage and see the number of days since the deal has moved, and quickly understand how the stagnation impacts the score of the deal. This helps sellers determine the right next step to take to move the deal forward.

Enhanced forecasting. Provide sales teams with predictability to their revenue forecasts, and a workspace that provides comprehensive views and insights into their sales pipeline. Now in general availability, sales teams can streamline forecasting workflows by setting the default view. Now teams can quickly access sales projections, freeing up time to focus on customers.

Make collaboration even easier

Let’s face itthese days to sell well you need a hyperconnected team. From customer relationship management (CRM) to email to messaging apps, sales teams rely on a lot of tools to get their jobs done. That’s why we focused on enhancing the connection between Dynamics 365 Sales and Microsoft Teams to ensure teams can collaborate more easily and be more productive.

Tighter Teams experience. Sales teams will now be able to easily associate Teams meetings with Dynamics 365 Sales records allowing for even more productive meetings. Sales teams can capture notes and tasks, as well as quickly access and update records, right within the Teams interface. This feature will become generally available beginning in September.

a screenshot of a computer screen

Embedded Teams chat in Dynamics 365. Now sellers can stay within their CRM workflow while collaborating with their stakeholders with the Teams-embedded chat experience to ensure context remains front and center.

Thrive with more productive tools

Finally, sellers are now enabled to better keep their finger on the pulse of customer relationships and introduce automation into their sales processes that didn’t exist before.

Rich messaging with Dynamics data. Not all sales conversations initiate from Dynamics. Users need a way to bring business context into conversations when and where they are initiated. We now enable sellers to share and interact with Dynamics 365 Sales records directly in the Teams message.

graphical user interface, application, Teams

Discover hidden accounts and contacts. With predictive relationship intelligence, sales teams can query their entire network based on interactions gleaned from Dynamics 365 Sales and Exchange to uncover hidden relationships, obtain introductions, and accelerate opportunities.

Simplify day-to-day sales activities. With the built-in Sales Hub app, sellers can get their ideal selling experience. Sales Hub is designed to simplify your day-to-day sales activities providing sellers vital information in one place, unblocking them to focus on key activities and tasks that require attention.

Learn more

These are just a few features we’re rolling out for Dynamics 365 release wave 1. To go deeper into our newest features for Dynamics 365 Sales, click on the links to these online documentation and video resources.

If you are not yet a Dynamics 365 Sales customer, check out our Dynamics 365 Sales webpage where you can take a guided tour or get a free 30-day trial.

The post Dynamics 365 Sales release wave 1: Simplifying the things that matter appeared first on Microsoft Dynamics 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Meet Riny van Eekelen, Excel Forum Contributor

Meet Riny van Eekelen, Excel Forum Contributor

This article is contributed. See the original author and article here.

The Excel Tech Community forum is where anyone can ask questions and get answers about Excel. The incredible forum contributors are the superheroes always ready to help others tackle their toughest Excel challenges. Today, we’d like you to meet Riny van Eekelen.


 


Riny van EekelenRiny van Eekelen


 


Riny grew up in The Netherlands and always knew that he would become an accountant, even from a young age. He would follow through with this dream and eventually work his way up to become the CFO for several companies in The Netherlands.


 


In 2011, he started his own consulting business after moving to Sweden with his family. Riny was able to use his skills in many facets, often acting as the “man in the middle, translating the needs of the accountants to the IT people who didn’t understand accounting very well, and vice versa.”


 


Riny’s first encounter with Excel was in 1989 while working for an audit firm. His first experience with Excel was while using a PC, but he later switched over to a MacBook Pro and became well versed in both. The two features he has learned the most from the Excel Tech Community are Power Query and Power Pivot. These are instrumental to his work today and he was able to refine his skills and learn greatly from those within the Community.


 


In Riny’s own words, “I ended up at the Microsoft Tech Community because I was looking for an answer to an Excel problem of my own, and then I found myself answering the questions of others. That proved addictive. Others commented on/improved my answers, and I learned a lot from that. It’s both fun and rewarding to work on issues and find solutions to problems that I could never imagine existed. It feels very rewarding to be helping others and at the same time getting better at Excel myself.”


 


Thank you, Riny, for your continued contribution to our Excel community!

Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

This article is contributed. See the original author and article here.

Actions for administrators to take today:
• Do not expose management interfaces to the internet.
• Enforce multi-factor authentication.
• Consider using CISA’s Cyber Hygiene Services.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2022-1388. This recently disclosed vulnerability in certain versions of F5 Networks, Inc., (F5) BIG-IP enables an unauthenticated actor to gain control of affected systems via the management port or self-IP addresses. F5 released a patch for CVE-2022-1388 on May 4, 2022, and proof of concept (POC) exploits have since been publicly released, enabling less sophisticated actors to exploit the vulnerability. Due to previous exploitation of F5 BIG-IP vulnerabilities, CISA and MS-ISAC assess unpatched F5 BIG-IP devices are an attractive target; organizations that have not applied the patch are vulnerable to actors taking control of their systems.

According to public reporting, there is active exploitation of this vulnerability, and CISA and MS-ISAC expect to see widespread exploitation of unpatched F5 BIG-IP devices (mostly with publicly exposed management ports or self IPs) in both government and private sector networks. CISA and MS-ISAC strongly urge users and administrators to remain aware of the ramifications of exploitation and use the recommendations in this CSA—including upgrading their software to fixed versions—to help secure their organization’s systems against malicious cyber operations. Additionally, CISA and MS-ISAC strongly encourage administrators to deploy the signatures included in this CSA to help determine whether their systems have been compromised. CISA and MS-ISAC especially encourage organizations who did not patch immediately or whose F5 BIG-IP device management interface has been exposed to the internet to assume compromise and hunt for malicious activity using the detection signatures in this CSA. If potential compromise is detected, organizations should apply the incident response recommendations included in this CSA.

Download the PDF version of this report (pdf, 500kb).

CVE-2022-1388 is a critical iControl REST authentication bypass vulnerability affecting the following versions of F5 BIG-IP:[1]

  • 16.1.x versions prior to 16.1.2.2 
  • 15.1.x versions prior to 15.1.5.1 
  • 14.1.x versions prior to 14.1.4.6 
  • 13.1.x versions prior to 13.1.5 
  • All 12.1.x and 11.6.x versions

An unauthenticated actor with network access to the BIG-IP system through the management port or self IP addresses could exploit the vulnerability to execute arbitrary system commands, create or delete files, or disable services. F5 released a patch for CVE-2022-1388 for all affected versions—except 12.1.x and 11.6.x versions—on May 4, 2022 (12.1.x and 11.6.x versions are end of life [EOL], and F5 has stated they will not release patches).[2]

POC exploits for this vulnerability have been publicly released, and on May 11, 2022, CISA added this vulnerability its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Due to the POCs and ease of exploitation, CISA and MS-ISAC expect to see widespread exploitation of unpatched F5 BIG-IP devices in government and private networks. 

Dection Methods

CISA recommends administrators, especially of organizations who did not immediately patch, to:

  • See the F5 Security Advisory K23605346 for indicators of compromise. 
  • See the F5 guidance K11438344 if you suspect a compromise. 
  • Deploy the following CISA-created Snort signature:

alert tcp any any -> any $HTTP_PORTS (msg:”BIG-IP F5 iControl:HTTP POST URI ‘/mgmt./tm/util/bash’ and content data ‘command’ and ‘utilCmdArgs’:CVE-2022-1388”; sid:1; rev:1; flow:established,to_server; flowbits:isnotset,bigip20221388.tagged; content:”POST”; http_method; content:”/mgmt/tm/util/bash”; http_uri; content:”command”; http_client_body; content:”utilCmdArgs”; http_client_body; flowbits:set,bigip20221388.tagged; tag:session,10,packets; reference:cve-2022-1388; reference:url,github.com/alt3kx/CVE-2022-1388_PoC; priority:2; metadata:service http;)

Additional resources to detect possible exploitation or compromise are identified below:

  • Emerging Threats suricata signatures. Note: CISA and MS-ISAC have verified these signatures are successful in detection of both inbound exploitation attempts (SID: 2036546) as well as post exploitation, indicating code execution (SID: 2036547).
    • SID 2036546

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:”ET EXPLOIT F5 BIG-IP iControl REST Authentication Bypass (CVE 2022-1388) M1″; flow:established,to_server; content:”POST”; http_method; content:”/mgmt/tm/util/bash”; http_uri; fast_pattern; content:”Authorization|3a 20|Basic YWRtaW46″; http_header; content:”command”; http_client_body; content:”run”; http_client_body; distance:0; content:”utilCmdArgs”; http_client_body; distance:0; http_connection; content:”x-F5-Auth-Token”; nocase; http_header_names; content:!”Referer”; content:”X-F5-Auth-Token”; flowbits:set,ET.F5AuthBypass; reference:cve,2022-1388; classtype:trojan-activity; sid:2036546; rev:2; metadata:attack_target Web_Server, created_at 2022_05_09, deployment Perimeter, deployment SSLDecrypt, former_category EXPLOIT, performance_impact Low, signature_severity Major, updated_at 2022_05_09;

  • SID SID 2036547

alert http $HOME_NET any -> any any (msg:”ET EXPLOIT F5 BIG-IP iControl REST Authentication Bypass Server Response (CVE 2022-1388)”; flow:established,to_client; flowbits:isset,ET.F5AuthBypass; content:”200″; http_stat_code; file_data; content:”kind”; content:”tm|3a|util|3a|bash|3a|runstate”; fast_pattern; distance:0; content:”command”; distance:0; content:”run”; distance:0; content:”utilCmdArgs”; distance:0; content:”commandResult”; distance:0; reference:cve,2022-1388; classtype:trojan-activity; sid:2036547; rev:1; metadata:attack_target Web_Server, created_at 2022_05_09, deployment Perimeter, deployment SSLDecrypt, former_category EXPLOIT, performance_impact Low, signature_severity Major, updated_at 2022_05_09;)

Incident Response 

If an organization’s IT security personnel discover system compromise, CISA and MS-ISAC recommend they:

  1. Quarantine or take offline potentially affected hosts.
  2. Reimage compromised hosts.
  3. Provision new account credentials.
  4. Limit access to the management interface to the fullest extent possible.
  5. Collect and review artifacts such as running processes/services, unusual authentications, and recent network connections.
  6. Report the compromise to CISA via CISA’s 24/7 Operations Center (report@cisa.gov or 888-282-0870). State, local, tribal, or territorial government entities can also report to MS-ISAC (SOC@cisecurity.org or 866-787-4722).

See the joint CSA from the cybersecurity authorities of Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity for additional guidance on hunting or investigating a network, and for common mistakes in incident handling. CISA and MS-ISAC also encourage government network administrators to see CISA’s Federal Government Cybersecurity Incident and Vulnerability Response Playbooks. Although tailored to federal civilian branch agencies, these playbooks provide operational procedures for planning and conducting cybersecurity incident and vulnerability response activities and detail steps for both incident and vulnerability response. 

CISA and MS-ISAC recommend organizations:

  • Upgrade F5 BIG-IP software to fixed versions; organizations using versions 12.1.x and 11.6.x should upgrade to supported versions. 
  • If unable to immediately patch, implement F5’s temporary workarounds:
    • Block iControl REST access through the self IP address.
    • Block iControl REST access through the management interface.
    • Modify the BIG-IP httpd configuration. 

See F5 Security Advisory K23605346 for more information on how to implement the above workarounds. 

CISA and MS-ISAC also recommend organizations apply the following best practices to reduce risk of compromise:

  • Maintain and test an incident response plan.
  • Ensure your organization has a vulnerability program in place and that it prioritizes patch management and vulnerability scanning. Note: CISA’s Cyber Hygiene Services (CyHy) are free to all SLTT organizations and public and private sector critical infrastructure organizations: https://www.cisa.gov/cyber-hygiene-services.
  • Properly configure and secure internet-facing network devices.
    • Do not expose management interfaces to the internet.
    • Disable unused or unnecessary network ports and protocols.
    • Disable/remove unused network services and devices.
  • Adopt zero-trust principles and architecture, including:
    • Micro-segmenting networks and functions to limit or block lateral movements.
    • Enforcing multifactor authentication (MFA) for all users and VPN connections.
    • Restricting access to trusted devices and users on the networks.