Azure Marketplace new offers – August 17, 2022

Azure Marketplace new offers – August 17, 2022

by | Aug 17, 2022 | Technology

This article is contributed. See the original author and article here.

We continue to expand the Azure Marketplace ecosystem. For this volume, 113 new offers successfully met the onboarding criteria and went live. See details of the new offers below:


 



















































































































































































































































































































































































































Get it now in our marketplace
AskforCloud logo.png Airflow on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Airflow on Ubuntu Server 20.04 LTS. Airflow is an open-source platform for programmatically authoring, scheduling, and monitoring workflows. Airflow pipelines are defined in Python, which allows for dynamic pipeline generation.
AskforCloud logo.png

Cassandra on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Cassandra on Ubuntu Server 18.04 LTS. Apache Cassandra is an open-source NoSQL distributed database trusted by thousands of companies for scalability and high availability. Cassandra enables developers to dynamically scale their databases with no downtime.
AskforCloud logo.png

Cassandra on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Cassandra on Ubuntu Server 20.04 LTS. Apache Cassandra is an open-source NoSQL distributed database trusted by thousands of companies for scalability and high availability. Cassandra enables developers to dynamically scale their databases with no downtime.
AskforCloud logo.png

Cassandra on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides Cassandra on Ubuntu Server 22.04 LTS. Apache Cassandra is an open-source NoSQL distributed database trusted by thousands of companies for scalability and high availability. Cassandra enables developers to dynamically scale their databases with no downtime.
DecisionRules.png

DecisionRules: DecisionRules, a lightweight and blazingly fast business rules engine, streamlines workflows and helps organizations digitalize their day-to-day decision-making processes. DecisionRules is available as a privately managed cloud or as an on-premises deployment.
AskforCloud logo.png

Dolphin on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Dolphin on Ubuntu Server 18.04 LTS. Dolphin, an open-source platform for building social networks, is designed to be easy to use and customize. 
AskforCloud logo.png

Dolphin on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Dolphin on Ubuntu Server 20.04 LTS. Dolphin, an open-source platform for building social networks, is designed to be easy to use and customize.
AskforCloud logo.png

Dotclear on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Dotclear on Ubuntu Server 18.04 LTS. Dotclear is an open-source web-publishing tool written in PHP. Its flexible template system allows you to customize your Dotclear demo without having PHP knowledge, and its comment system has built-in anti spam protection.
AskforCloud logo.png

Dotclear on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Dotclear on Ubuntu Server 20.04 LTS. Dotclear is an open-source web-publishing tool written in PHP. Its flexible template system allows you to customize your Dotclear demo without having PHP knowledge, and its comment system has built-in anti spam protection.
AskforCloud logo.png

Dotclear on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides Dotclear on Ubuntu Server 22.04 LTS. Dotclear is an open-source web-publishing tool written in PHP. Its flexible template system allows you to customize your Dotclear demo without having PHP knowledge, and its comment system has built-in anti spam protection.
AskforCloud logo.png

e107 on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides e107 on Ubuntu Server 18.04 LTS. e107 is an open-source content management system powered by PHP, MySQL, and Twitter Bootstrap. Its intuitive interface gives users complete control of their website and digital assets even if they have no knowledge of HTML or JavaScript.
AskforCloud logo.png

e107 on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides e107 on Ubuntu Server 20.04 LTS. e107 is an open-source content management system powered by PHP, MySQL, and Twitter Bootstrap. Its intuitive interface gives users complete control of their website and digital assets even if they have no knowledge of HTML or JavaScript.
AskforCloud logo.png

e107 on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides e107 on Ubuntu Server 22.04 LTS. e107 is an open-source content management system powered by PHP, MySQL, and Twitter Bootstrap. Its intuitive interface gives users complete control of their website and digital assets even if they have no knowledge of HTML or JavaScript.
AskforCloud logo.png

Exponent CMS on Ubuntu 18.04 LTS: This offer from AskforCloud provides Exponent CMS on Ubuntu 18.04 LTS. Exponent CMS is an open-source content management system based on PHP and the Exponent framework. With Exponent, users can easily create and manage dynamic websites without directly coding web pages or managing site navigation.
AskforCloud logo.png

Hadoop on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Hadoop on Ubuntu Server 20.04 LTS. Apache’s Hadoop framework transparently supports data motion and reliability for applications. Hadoop implements the computational paradigm MapReduce, dividing an app into fragments, each of which may be executed or re-executed on any node in a cluster.
AskforCloud logo.png

Kafka on Debian 10: This offer from AskforCloud provides Kafka on Debian 10. Apache’s Kafka, an open-source distributed event store and streaming platform, is used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.
AskforCloud logo.png

Kafka on Debian 11: This offer from AskforCloud provides Kafka on Debian 11. Apache’s Kafka, an open-source distributed event store and streaming platform, is used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.
AskforCloud logo.png

Kafka on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Kafka on Ubuntu Server 18.04 LTS. Apache’s Kafka, an open-source distributed event store and streaming platform, is used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.
AskforCloud logo.png

Kafka on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Kafka on Ubuntu Server 20.04 LTS. Apache’s Kafka, an open-source distributed event store and streaming platform, is used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.
AskforCloud logo.png

Kafka on Ubuntu Server 22.04 LTS: This offer from AskforCloud provides Kafka on Ubuntu Server 22.04 LTS. Apache’s Kafka, an open-source distributed event store and streaming platform, is used by thousands of companies for high-performance data pipelines, streaming analytics, data integration, and mission-critical applications.
Apps4Rent logo.png

Kubernetes on Ubuntu: This offer from Apps4Rent provides Kubernetes on Ubuntu. Kubernetes is a portable and extensible open-source platform for managing containerized workloads.
Kubernetes grants you a framework to resiliently run distributed systems. It offers scaling, failover, deployment patterns, and more.
Apps4Rent logo.png

LAMP on Ubuntu 20.04: This offer from Apps4Rent provides a LAMP stack on Ubuntu 20.04. The LAMP stack includes Apache HTTP Server, the MySQL relational database management system, the PHP programming language, and a Linux operating system. Engineers use the stack to develop and deploy high-performance web apps in a Linux environment.
AskforCloud logo.png

Laravel Framework on Ubuntu Server 20.04 LTS: This offer from AskforCloud provides Laravel on Ubuntu Server 20.04 LTS. Laravel is a PHP framework with expressive, elegant syntax. The framework is robust and incredibly scalable, so it can grow with your project.
AskforCloud logo.png

Laravel on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Laravel on Ubuntu Server 18.04 LTS. Laravel is a PHP framework with expressive, elegant syntax. The framework is robust and incredibly scalable, so it can grow with your project.
LightWAN.png

LightWAN vCPE: The LightWAN network access device LightWAN vCPE provides customers with cloud interconnection and access to acceleration services. LightWAN is based on SDN and WAN acceleration technology and can swiftly connect branches, datacenters, and cloud services to LightWAN POP nodes. This app is available only in Chinese.
AskforCloud logo.png

Mattermost on Ubuntu 18.04 LTS: This offer from AskforCloud provides Mattermost on Ubuntu 18.04 LTS. Mattermost is an open-source collaboration platform. Bring together team messaging, task and project management, and workflow orchestration so you can deliver high-quality software.
AskforCloud logo.png

Mattermost on Ubuntu 20.04 LTS: This offer from AskforCloud provides Mattermost on Ubuntu 20.04 LTS. Mattermost is an open-source collaboration platform. Bring together team messaging, task and project management, and workflow orchestration so you can deliver high-quality software.
AskforCloud logo.png

Mattermost on Ubuntu 22.04 LTS: This offer from AskforCloud provides Mattermost on Ubuntu 22.04 LTS. Mattermost is an open-source collaboration platform. Bring together team messaging, task and project management, and workflow orchestration so you can deliver high-quality software.
OutSystems Standard Edition.png

OutSystems Standard Edition: Quickly create and update web and mobile applications with OutSystems, a modern platform for developing, delivering, and evolving compelling apps that drive innovation at the pace that business requires. OutSystems features visual development tools and automation powered by AI.
AskforCloud logo.png

Piwigo on Ubuntu 22.04 LTS: This offer from AskforCloud provides Piwigo on Ubuntu 22.04 LTS. Piwigo is open-source photo management software designed for organizations, teams, and individuals. Easily organize and share your photos on the web with Piwigo.
AskforCloud logo.png

Pydio on Ubuntu Server 18.04 LTS: This offer from AskforCloud provides Pydio on Ubuntu Server 18.04 LTS. Pydio is open-source file-sharing and synchronization software that allows you to access and securely share large amounts of data from a central location.
AskforCloud logo.png

Pydio on Ubuntu Server 20.04 LTS: Easily access and share large amounts of data from a central location with this offer from AskforCloud, which provides Pydio on Ubuntu Server 20.04 LTS. Paris-based Pydio is a leader in the self-hosted enterprise document sharing and collaboration market.
ServicePilot SaaS.png

ServicePilot SaaS: ServicePilot allows you to collect, monitor, and analyze historical data across your on-premises and Microsoft Azure environments. Proactively identify underperforming servers and applications before they impact users and customers.
Tanium logo.png

Tanium Cloud: Turbocharge your security team’s capabilities with Tanium. Delivered as a fully managed cloud-based service, with zero infrastructure requirements, Tanium offers complete visibility over all endpoints so you can quickly manage, secure, and protect your network at scale.
Tanium logo.png

Tanium Cloud Package Management Service (TCPMS): This global service optimizes the Tanium linear-chain architecture for customers and remote workers. It creates efficiencies in software distribution across all endpoints by eliminating database bloat and connection overload across your on-premises, cloud, and hybrid environments.
UCMC NetCM.png

UCMC NetCM: GBM’s open-source configuration management platform powered by Ansible eliminates repetitive tasks by automating workflows for firewalls, endpoints, and switches, and it makes your network operations more efficient and productive.
VisionDocs.png

VisionDocs: This solution from Mint Management Technologies extracts information from PDFs, images, and scans and makes it searchable on applications like Microsoft Teams and SharePoint. Match invoices to vendors and enrich document scans or facial comparisons. 
AskforCloud logo.png ZooKeeper on Ubuntu Server 20.04 LTS: AskforCloud’s offer provides ZooKeeper on Ubuntu Server 20.04 LTS. Apache ZooKeeper is an open-source server for highly reliable distributed coordination of cloud applications.

Go further with workshops, proofs of concept, and implementations
Agile Data Engineering Sprints.png

Agile Data Engineering Sprints: 2-Week Implementation: Customer-centric experts from Appsfactory will apply the agile methodology to support the design, implementation, and testing of your data engineering tasks using Microsoft Azure Cognitive Services, Microsoft Power Platform, and custom solutions powered by Azure Machine Learning Studio.
Cognizant 1Sustainability Accelerator.png

Cognizant 1Sustainability Accelerator: 4-Week Implementation: Accelerate and automate your sustainability initiatives with solution, which Cognizant will implemented on Microsoft Azure. 1Sustainability integrates with Microsoft Cloud for Sustainability (MCfS) for seamless cross-department data collection and energy consumption management.
Customer Explorer Analytics.png

Customer Explorer Analytics: 6-Week Implementation: Learn how to drive growth and improve customer experience with Tredence’s offering. Optimize your marketing campaign build cycle with a custom web app for creating and exporting customer segments using Azure Databricks, Azure Monitor, and Azure Data Lake Storage.
Data Science Modernization.png

Data Science Modernization: 6-Week Implementation: Get useful insights and best-practice recommendations from Tallan as you prepare to modernize your legacy data science system. Tallan’s experts will help migrate your workloads to Microsoft Azure while creating a robust governance and security process.
DevOps as a Service.png

DevOps as a Service: 2-Day Workshop: The experts from Transition Technologies PSC will lay the foundation for innovation and growth by introducing you to the agile and integrated framework of Microsoft Azure DevOps. Walk away with a solid strategy to transform your ecosystem.
Disaster Recovery as a Service.png

Disaster Recovery as a Service: 10-Day Implementation: TM Systems’ offering will protect your business-critical applications and data through the design and implementation of backup and disaster recovery using Azure Site Recovery. Keep your business running and proactively resolve any outage issues.
Enterprise Modern Data Science Platform.png

Enterprise Modern Data Science Platform: 4-Month Implementation: Ensure the success of your data science projects by simplifying data engineering workloads and reducing production time with Tallan’s enterprise-scale Modern Data Science Platform (MDSP) on Microsoft Azure.
Machine Learning Operations.png

Machine Learning Operations: 2-Month Implementation: Using Microsoft Azure DevOps best practices along with automated retraining and continuous monitoring of your machine learning and statistical models, Tallan will help maximize the return on your data science investment.
Difenda logo.png

Microsoft Defender for Endpoint: 2-Week Design and Implementation: Difenda’s Microsoft-certified technical experts will tailor your Microsoft Defender for Endpoint configuration and implementation so you can maximize your security investment with a unified and robust service across your environment.
Migrate workloads to Azure.png

Migrate Workloads to Azure and SQL Server: 3-Week Implementation: Prime DB will provide a cost-effective, interactive experience for your team to safely identify risks and gaps before deploying workloads to Microsoft Azure, Microsoft SQL Server, Microsoft 365, and more. This service is available only in Portuguese.
Zero Trust Security.png Zero Trust Security: 3-Day Workshop: In this workshop, Oxford Computer Group will help your organization explore and customize a Zero Trust security solution built on Microsoft 365. Simplify security management and provide ongoing protection for your users and resources.

Contact our partners
2OS Deep No-Code (No-Code + AI)

5-2 Cloud-Native Migration and App Modernization: 2-Hour Briefing

Alepo SDM

AntWorks CMR+

Automated Teams for Educators

Azure Application Modernization: 1-Day Briefing
Azure App Modernization: 4-Week Assessment

Azure Business Insights and AI: 2-Hour Briefing

Azure Cloud-Native Design: 1-Week Assessment

Azure Foundation Workshop and Implementation

BDO Managed Compliance Services

BDO Managed Detection and Response

BDO OT/IoT Managed Services

Bell IoT Starter Kit

Bloomberg DataParser

Boomi Runtime Quickstarts

Boost 360

Canary Speech

Cloud Readiness: 2-Week Assessment

Customer Explorer Analytics SaaS Offering

Doc Reader: Intelligent Document Processing for Finance

Dopplr

eACASync

EdGraph Data Management and Analytics Platform

Environment Education 4.0

FSI Strategies: Managed Services for Microsoft 365

Fuze DataParser

Genpact Cora Intelligent Data Orchestration

Global Directory for Microsoft Teams

IBM OpenPages with Watson

letsbloom Secure Cloud PaaS

Liquid Cyber Security SOC Onboarding

LivePerson DataParser

Managed Rancher by Hossted

Minecraft Room

MishiPay Scan, Pay & Go

Optical Quality Assurance in Production: 3-Month Proof of Concept

Paradim

PwC Intelligent Risk Monitoring Tool (Subscription)

Quip DataParser

Redox Healthcare Integration

Refinitiv DataParser

Retail & Distribution Data and AI for Azure Synapse: 2-Week Assessment

Sincro Marketplace

Sincro VMS

Slack DataParser

Smart Reports

Symphony DataParser

Thomson Reuters Case Tracking

Thomson Reuters ID Risk Analytics

Ubuntu Minimal 20.04 LTS

Ubuntu Minimal 22.04 LTS

Unica Managed Detection & Response

Using Azure Synapse in Industrial and Energy Markets: 2-Week Assessment

Veeam Backup for Microsoft Azure: 2-Hour Briefing

WAMS ManagedCare

Webex DataParser

Yammer DataParser

Yubikey 5 NFC Security Key

Zapote Logistics

ZenCRM Linea Business Advanced Edition

ZenCRM Linea Business Full Edition

ZenCRM Linea Business Pro Edition
Zoom DataParser

Sysmon v14.0, AccessEnum v1.34, and Coreinfo v3.53

by | Aug 16, 2022 | Technology

This article is contributed. See the original author and article here.


Sysmon v14.0


This major update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockExecutable that prevents processes from creating executable files in specified locations. It also includes several performance improvements and bug fixes.

 

AccessEnum v1.34


AccessEnum, a tool for enumerating file system and registry permissions, now supports paths longer than MAX_PATH characters.

 

Coreinfo v3.53


This update to Coreinfo, a utility that reports system CPU, memory and cache topology and information, now handles NUMA nodes with more than 64 processors.

 

Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

by | Aug 16, 2022 | Security, Technology

This article is contributed. See the original author and article here.

Actions for ZCS administrators to take today to mitigate malicious cyber activity:
• Patch all systems and prioritize patching known exploited vulnerabilities.
• Deploy detection signatures and hunt for indicators of compromise (IOCs).
• If ZCS was compromised, remediate malicious activity.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are publishing this joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple Common Vulnerabilities and Exposures (CVEs) against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email platform. CVEs currently being exploited against ZCS include: 

  • CVE-2022-24682 
  • CVE-2022-27924 
  • CVE-2022-27925 chained with CVE-2022-37042 
  • CVE-2022-30333

Cyber threat actors may be targeting unpatched ZCS instances in both government and private sector networks. CISA and the MS-ISAC strongly urge users and administrators to apply the guidance in the Recommendations section of this CSA to help secure their organization’s systems against malicious cyber activity. CISA and the MS-ISAC encourage organizations who did not immediately update their ZCS instances upon patch release, or whose ZCS instances were exposed to the internet, to assume compromise and hunt for malicious activity using the third-party detection signatures in the Detection Methods section of this CSA. Organizations that detect potential compromise should apply the steps in the Incident Response section of this CSA.

Download the PDF version of this report: pdf, 355 kb

CVE-2022-27924

CVE-2022-27924 is a high-severity vulnerability enabling an unauthenticated malicious actor to inject arbitrary memcache commands into a targeted ZCS instance and cause an overwrite of arbitrary cached entries. The actor can then steal ZCS email account credentials in cleartext form without any user interaction. With valid email account credentials in an organization not enforcing multifactor authentication (MFA), a malicious actor can use spear phishing, social engineering, and business email compromise (BEC) attacks against the compromised organization. Additionally, malicious actors could use the valid account credentials to open webshells and maintain persistent access.

On March 11, 2022, researchers from SonarSource announced the discovery of this ZCS vulnerability. Zimbra issued fixes for releases 8.8.15 and 9.0 on May 10, 2022. In June 2022, SonarSource publicly released proof-of-concept (POC) exploits for this vulnerability.[1][2] Based on evidence of active exploitation, CISA added this vulnerability to the Known Exploited Vulnerabilities Catalog on August 4, 2022. Due to the POC and ease of exploitation, CISA and the MS-ISAC expect to see widespread exploitation of unpatched ZCS instances in government and private networks.

CVE-2022-27925 and CVE-2022-37042

CVE-2022-27925 is a high severity vulnerability in ZCS releases 8.8.15 and 9.0 that have mboximport functionality to receive a ZIP archive and extract files from it. An authenticated user has the ability to upload arbitrary files to the system thereby leading to directory traversal.[3] On August 10, 2022, researchers from Volexity reported widespread exploitation—against over 1,000 ZCS instances—of CVE-2022-27925 in conjunction with CVE-2022-37042.[4] CISA added both CVEs to the Known Exploited Vulnerabilities Catalog on August 11, 2022. 

CVE-2022-37042 is an authentication bypass vulnerability that affects ZCS releases 8.8.15 and 9.0. CVE-2022-37042 could allow an unauthenticated malicious actor access to a vulnerable ZCS instance. According to Zimbra, CVE-2022-37042 is found in the MailboxImportServlet function.[5][6] Zimbra issued fixes in late July 2022.

CVE-2022-30333

CVE-2022-30333 is a high-severity directory traversal vulnerability in RARLAB UnRAR on Linux and UNIX allowing a malicious actor to write to files during an extract (unpack) operation. A malicious actor can exploit CVE-2022-30333 against a ZCS server by sending an email with a malicious RAR file. Upon email receipt, the ZCS server would automatically extract the RAR file to check for spam or malware.[7] Any ZCS instance with unrar installed is vulnerable to CVE-2022-30333.

Researchers from SonarSource shared details about this vulnerability in June 2022.[8] Zimbra made configuration changes to use the 7zip program instead of unrar.[9] CISA added CVE-2022-3033 to the Known Exploited Vulnerabilities Catalog on August 9, 2022. Based on industry reporting, a malicious cyber actor is selling a cross-site scripting (XSS) exploit kit for the ZCS vulnerability to CVE 2022 30333. A Metasploit module is also available that creates a RAR file that can be emailed to a ZCS server to exploit CVE-2022-30333.[10]

CVE-2022-24682

CVE-2022-24682 is a medium-severity vulnerability that impacts ZCS webmail clients running releases before 8.8.15 patch 30 (update 1), which contain a cross-site scripting (XSS) vulnerability allowing malicious actors to steal session cookie files. Researchers from Volexity shared this vulnerability on February 3, 2022[11], and Zimbra issued a fix on February 4, 2022.[12] CISA added this vulnerability to the Known Exploited Vulnerabilities Catalog on February 25, 2022. 

DETECTION METHODS

Note: CISA and the MS-ISAC will update this section with additional IOCs and signatures as further information becomes available. 
CISA recommends administrators, especially at organizations that did not immediately update their ZCS instances upon patch release, to hunt for malicious activity using the following third-party detection signatures:

  • Hunt for IOCs including:
    • 207.148.76[.]235 – a Cobalt Strike command and control (C2) domain
  • Deploy third-party YARA rules to detect malicious activity:

CISA and the MS-ISAC recommend organizations upgrade to the latest ZCS releases as noted on Zimbra Security – News & Alerts and Zimbra Security Advisories.

See Volexity’s Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925 for mitigation steps.

Additionally, CISA and the MS-ISAC recommend organizations apply the following best practices to reduce risk of compromise:

  • Maintain and test an incident response plan.
  • Ensure your organization has a vulnerability management program in place and that it prioritizes patch management and vulnerability scanning of known exploited vulnerabilities. Note: CISA’s Cyber Hygiene Services (CyHy) are free to all state, local, tribal, and territorial (SLTT) organizations, as well as public and private sector critical infrastructure organizations: cisa.gov/cyber-hygiene-services
  • Properly configure and secure internet-facing network devices.
    • Do not expose management interfaces to the internet.
    • Disable unused or unnecessary network ports and protocols.
    • Disable/remove unused network services and devices.
  • Adopt zero-trust principles and architecture, including:
    • Micro-segmenting networks and functions to limit or block lateral movements.
    • Enforcing phishing-resistant multifactor authentication (MFA) for all users and VPN connections.
    • Restricting access to trusted devices and users on the networks.

INCIDENT RESPONSE

If an organization’s system has been compromised by active or recently active threat actors in their environment, CISA and the MS-ISAC recommend the following initial steps:

  1. Collect and review artifacts, such as running processes/services, unusual authentications, and recent network connections.
  2. Quarantine or take offline potentially affected hosts.
  3. Reimage compromised hosts.
  4. Provision new account credentials.
  5. Report the compromise to CISA via CISA’s 24/7 Operations Center (report@cisa.gov or 888-282-0870). SLTT government entities can also report to the MS-ISAC (SOC@cisecurity.org or 866-787-4722).

See the joint CSA from the cybersecurity authorities of Australia, Canada, New Zealand, the United Kingdom, and the United States on Technical Approaches to Uncovering and Remediating Malicious Activity for additional guidance on hunting or investigating a network, and for common mistakes in incident handling. CISA and the MS-ISAC also encourage government network administrators to see CISA’s Federal Government Cybersecurity Incident and Vulnerability Response Playbooks. Although tailored to federal civilian branch agencies, these playbooks provide operational procedures for planning and conducting cybersecurity incident and vulnerability response activities and detail steps for both incident and vulnerability response. 

ACKNOWLEDGEMENTS

CISA and the MS-ISAC would like to thank Volexity and Secureworks for their contributions to this advisory.

DISCLAIMER

The information in this report is being provided “as is” for informational purposes only. CISA and the MS-ISAC do not provide any warranties of any kind regarding this information. CISA and the MS-ISAC do not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring.

The AI-powered contact center, part 2: Achieve superior self-service voice support

The AI-powered contact center, part 2: Achieve superior self-service voice support

by | Aug 16, 2022 | Dynamics 365, Microsoft 365, Technology

This article is contributed. See the original author and article here.

Many people still prefer to pick up the phone when they want to access customer service. Many others find that the phone is a vital last resort when they fail to get answers in digital channels. Regardless of why people call a contact center, it is essential that the experience is fast, simple, and satisfying.

In the first article in the series, we talked about how the Microsoft Digital Contact Center Platform is an open, extensible, and collaborative platform for delivering seamless, omnichannel customer engagement at scale. In this article, we’ll look at how the Microsoft Digital Contact Center Platform brings together Nuance and Microsoft innovations to help organizations engage customers efficiently and effectively in the voice channelfrom the moment they reach the interactive voice response (IVR) system.

Reimagining the voice channel

Most IVRs make customers navigate a maze of menu options and listen to irrelevant messages because they lack the intelligence to resolve inquiries themselves. They frustrate customers, who have learned to keep pressing ‘0’ or shout “agent!” to reach a human agent who has no knowledge of what happened during the IVR session. That forces the customer to restart their search for a satisfactory resolution. These can be frustratingeven infuriatingcustomer experiences, which can damage brand loyalty.

With a conversational IVR, however, callers can explain their needs in their own words and get answers to questions in a few seconds.

Conversational IVRs use natural language understanding (NLU) to interpret what callers want to accomplish and resolve their issues in a fast, satisfying self-service experience. Of course, some interactions will require a live agent (like complex queries, sensitive issues, or high-value transactions), so AI-powered IVRs route those calls to an available agent with the right skill set.

The best conversational IVRs can recognize thousands of complex instances of customer intent from customers’ natural spoken words, tone, and patterns; dramatically improving the customer experience. For example, when the health insurance company Humana replaced its legacy system with a conversational IVR, its Net Promoter Score (NPS) rose by 80 percent.

Making customer experiences better

Modern IVR solutions give callers intelligent, seamless, conversational self-service experiences that lead to faster resolutions, increased customer satisfaction, and lower service costs.

The most advanced IVR systems can improve customer experiences in many ways. They can offer callers the option to shift to digital experiences such as a virtual assistant or live chat to get faster servicewhile maintaining context throughout the engagement. They can also integrate with call-back management systems, so when wait times are long, the IVR gives customers the option to be called back rather than waiting in line.

On the Microsoft Digital Contact Center Platform, conversational IVRs can create even more value for customersand for organizationsby uniting Microsoft and Nuance innovations. When the IVR escalates an engagement to a live agent, it can hand over the full context of the conversation. The agent desktop can also pull in a unified view of the customer, including previous interactions, purchase history, and more. Agents feel empowered to quickly address queries and issues, increasing their productivity, while the customer feels understood and valued.

Intelligent routing means happier, more loyal agents

Conversational IVRs can handle most routine inquiries and even more complex interactions, increasing call containment and minimizing transfers to agents. When transfers are needed, agents have a clear view of the context of incoming calls and can serve customers more effectively. And because agents are no longer handling routine interactions, they can apply their skills to higher-value, more rewarding engagements, which in turn increases agent experience and loyalty.

For example, at a major global telco, a conversational IVR successfully handles more than 70 percent of the 4 million calls it receives each month, reducing the strain on the organization’s live agents.

On the Microsoft Digital Contact Center Platform, IVRs use intelligent routing to further increase the ability of agents to resolve most incoming calls successfully and swiftly. The real-time data and context from the IVR enhance call handling by intelligently routing callers to the live agent best suited to help, while providing them with the information needed to provide rapid, reliable resolution. That leads to higher customer and agent satisfaction as well as a significant reduction in contact center costs.

Faster, more secure interactions

One of the most valuable developments in modern IVR technology is the addition of biometric authentication. Voice biometrics technology in Nuance Gatekeeper can accurately identify customers (and fraudsters) based on more than 1,000 characteristics of their “voiceprint” using only half a second of their natural speech.

Authenticating callers using voice biometrics increases security (because PINs and passwords can be easily bought or stolen) and eliminates the need for agents to spend time on lengthy, often tedious knowledge-based authentication processes. It also enables deeper level of personalization. By seamlessly authenticating a caller in the IVR with voice biometrics, a conversational IVR can use existing data sources to understand the caller’s relationship with the brand, past history, and other data points to personalize the experience. One of the world’s largest asset managers uses passive voice biometrics to authenticate 79 percent of customers as they speak with its conversational IVR. By automating the caller authentication process, the contact center reduced the average handle time for each call by 82 seconds because agents no longer have to begin every interaction by verifying the caller’s identity.

Intelligent IVR applications for every need

The Microsoft Digital Contact Center Platform makes it easy to build an enterprise-grade, secure, conversational voicebot or FAQ application for the IVR that can handle everything from straightforward queries to complex interactions. What’s more, these applications will be purpose-built to meet specific requirements and business goals.

Organizations can build DIY voicebots in Nuance Mix (more on that in our next article) or call on the expertise of Nuance’s professional services teams, speech scientists, data scientists, and conversational design specialists. And as the Microsoft Digital Contact Center Platform continues to evolve, organizations will be able to build voicebots with Microsoft Power Virtual Agents, then enhance and evolve those bots with Nuance Mix.

Defining the future of voice support together

By bringing together Nuance Conversational IVR and Mix, Microsoft Power Virtual Agents, and Microsoft Dynamics 365 Customer Service, along with Microsoft Azure Communications Services and Azure Cognitive Services, organizations now have a single platform to create innovative customer and agent experiences.

For example, organizations can build bespoke, enterprise-grade applications using highly intelligent call routing capabilities in Dynamics 365; or create smart, personalized, empathetic, and natural IVR and bot applications with Azure Cognitive Services. It is now possible to turn those innovative “what if?” customer service ideas into reality. And, of course, it is all possible while protecting your current investments thanks to backwards compatibility and a clear, disruption-free migration path to any future solutions.

Next steps

Next time, we will dive deeper into how Nuance MixNuance’s conversational AI tooling platformcomplements Microsoft Power Virtual Agents. Until then, learn more about the Microsoft Digital Contact Center Platform and how to create engaging, personalized digital experiences.

The post The AI-powered contact center, part 2: Achieve superior self-service voice support appeared first on Microsoft Dynamics 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Azure Maps Authentication the right way

Azure Maps Authentication the right way

by | Aug 15, 2022 | Technology

This article is contributed. See the original author and article here.


One of the requirements when building a business application is that only authenticated users can access it. So how do you use Azure Maps in combination with authentication and authorization? When you are reading our Azure Maps docs, you find that we support many different authentication scenarios, which makes it hard for some developers to implement. This blogpost will focus on the most requested scenario for Azure Maps: Have a .NET web application with an embedded Azure Maps web control where only authenticated users can see the website and use the map. Follow me step by step.


 



In this article, we make use of .NET 6.0 and the C# programming language, download, and install the latest version of .NET from https://dot.net/.


 


To make it easier to edit source code, we also recommend installing Visual Studio Code, which is a lightweight but powerful source code editor from Microsoft https://code.visualstudio.com/.


 


Before you can use Azure Maps, you need to sign up for a free Azure subscription, what you can do here https://azure.microsoft.com/free.


And as last, install the Azure Command-Line Interface (CLI) tools. Read here How to install the Azure CLI.


 



First, we start with a basic .NET web application and Azure Maps. No authentication yet, that will come in the next paragraph. This first step will use an Azure Maps Key (a ‘shared Key authentication’ or subscription key) that should not be used in production. An Azure Maps Key has complete control over your Azure Maps resource. In the next paragraph, we will remove this key and replace this with managed identities for Azure resources.


 


We start by creating a folder and adding a new web application to it, and we then open the newly created web application in Visual Studio Code. Start PowerShell (or any other terminal) and enter the following commands:


 

mkdir AzureMapsDemo
cd .AzureMapsDemo
dotnet new mvc
code .

 


 


Next, we need to add the Azure Maps web control to the Home view, open the file Views/Home/index.cshtml, and replace all the content with:



@{
    ViewData["Title"] = "Home Page";
}

<div class="text-center">
    <h1 class="display-4">Azure Maps</h1>
    <p>Learn about <a href="https://docs.microsoft.com/azure/azure-maps/">building Azure Maps apps with ASP.NET Core</a>.</p>
</div>

<div id="myMap" style="width:100%;min-width:290px;height:600px;"></div>

@section Scripts
{
    <link rel="stylesheet" href="https://atlas.microsoft.com/sdk/javascript/mapcontrol/2/atlas.min.css" />
    https://atlas.microsoft.com/sdk/javascript/mapcontrol/2/atlas.min.js

    <script>
        var map;

        // Initialize a map instance.
        map = new atlas.Map('myMap', {
            center: [-122.33, 47.6],
            zoom: 12,
            style: 'satellite_road_labels',
            view: 'Auto',

            // Add authentication details for connecting to Azure Maps.
            authOptions: {
                authType: 'subscriptionKey',
                subscriptionKey: '[YOUR_AZURE_MAPS_KEY]'
            }
        });

        // Wait until the map resources are ready.
        map.events.add('ready', function() {
            // Add your post map load code here.
        });
    </script>
}

As you can see, we need a subscription key for Azure Maps before starting the web application and using the map. In the next step, we are creating an Azure resource group and adding a new Azure Maps Account. Then we extract the Azure Maps Primary Key from this Azure Maps Account, which we use in our Home view.

 



1.1 Login into your Azure subscription and save the Azure subscription Id, we need this for later.



az login

 



1.2 (Optional) Select the subscription where you would like to create the Azure Maps Account.


 

az account set --subscription "<your subscription>"

 


 


1.3 Create a resource group, and change the name and the location for your needs.


 

az group create -l westeurope -n rg-azuremaps

 


 


1.4 Create the Azure Maps Account, and accept the terms and conditions. Save the uniqueId for later.


 

az maps account create -n map-azuremaps -g rg-azuremaps -s "G2" --kind "Gen2"

 


 


1.5 Now we can extract the Azure Maps Primary Key and add it to the Home view in our web application.


 

az maps account keys list -n map-azuremaps -g rg-azuremaps

 


 


1.6 Replace the [YOUR_AZURE_MAPS_KEY] in the file Views/Home/index.cshtml with the Azure Maps Primary Key we just listed in step 1.5.


 


1.7 Now we can run and test our AzureMapsDemo web application.




dotnet run​

 


azure_maps_key.png



In this paragraph, we are removing the ‘shared Key authentication’ (the Azure Maps subscription key) and replacing this with a more secure and production ready managed identities for Azure Maps.


 



Managed identities for Azure resources provide Azure services with an automatically managed application-based security principal that can authenticate with Azure AD. With Azure role-based access control (Azure RBAC), the managed identity security principal can be authorized to access Azure Maps services.



This means that the web application can request a short-lived token to get access to Azure Maps from Azure Active Directory (AAD). Because this is managed, we do not need to know any passwords or create users. However, to get this token back to the client (the Azure Maps Web Controls runs in the users’ browser), we need to create a simple token proxy API in our web application to forward this token.


We start by creating an Azure Web App where our web application will be hosted and running. This Azure Web App then needs to have rights to get a token for Azure Maps, which we will forward using the token proxy API we create in the below steps.


 


2.1 Create an app service plan and web app, and change the unique name and the location for your needs.

az appservice plan create -g rg-azuremaps -n plan-azuremaps -l westeurope

az webapp create -g rg-azuremaps -p plan-azuremaps -n web-azuremaps -r "dotnet:6"



 



2.2 Next, we create a system-assigned identity for this web app. When finished, we are presented with the principalId, we need this in the next step. To make it simple, you can see the system-assigned identity as an account Azure manages.

az webapp identity assign -n web-azuremaps -g rg-azuremaps



 



2.3 Now that we have the principalId (use this in the below command) for this system-assigned identity, we can assign the role (what can this system-assigned identity do and access). In this step, we assign the role of Azure Maps Data Reader to this system-assigned identity, which means that this system-assigned identity can only read and not modify or delete data from your Azure Maps account. You already see this is way more secure than the plain Azure Maps key, which has all the rights to do everything. We also need the [YOUR_AZURE_SUBSCRIPTION_ID] from the first step.

az role assignment create --assignee "[PRINCIPAL_ID]" --role "Azure Maps Data Reader" --scope "/subscriptions/[YOUR_AZURE_SUBSCRIPTION_ID]/resourceGroups/rg-azuremaps/providers/Microsoft.Maps/accounts/map-azuremaps"



 




Hint to get your Azure subscription Id use the following command: az account subscription list



2.4 To get the access token from Azure Active Directory (AAD) back to the client (the web browser), we will create a simple proxy API forwarding this access token. We start by creating an API controller in our web application and adding the GetAzureMapsToken() method.


 


2.5 First, we must add the Azure Identity NuGet package to our web application.

dotnet add package Azure.Identity



 



2.6 Next, we create a new ApiController.cs file under the folder Controllers. This new ApiController.cs file will have a method GetAzureMapsToken() that is acting like a proxy for our access token. Read here more about Controllers in a MVC web application.

using Azure.Core;
using Azure.Identity;
using Microsoft.AspNetCore.Mvc;

namespace AzureMapsDemo.Controllers;

public class ApiController : Controller
{
    private static readonly DefaultAzureCredential tokenProvider = new();

    public async Task<IActionResult> GetAzureMapsToken()
    {
        var accessToken = await tokenProvider.GetTokenAsync(
            new TokenRequestContext(new[] { "https://atlas.microsoft.com/.default" })
        );

        return new OkObjectResult(accessToken.Token);
    }
}



 

2.7 Now that we have our token API proxy, we only need to change the authentication options for the Azure Maps Web Control. Replace in the file Views/Home/index.cshtml the authOptions with the following:


// Add authentication details for connecting to Azure Maps.
authOptions: {
    // Use Azure Active Directory authentication.
    authType: 'anonymous',
    // Your Azure Maps client id for accessing your Azure Maps account.
    clientId: '[YOUR_AZUREMAPS_CLIENT_ID]',
    getToken: function(resolve, reject, map) {
        // URL to your authentication service that retrieves
        // an Azure Active Directory Token.
        var tokenServiceUrl = "/api/GetAzureMapsToken";

        fetch(tokenServiceUrl).then(r => r.text()).then(token => resolve(token));
    }
}



 

managed_identity.png

 



2.8 We also need to update the clientId we saved when we created the Azure Maps account. (Optional) To get the Azure Maps Client Id again, use the value of uniqueId from:




az maps account show -n map-azuremaps -g rg-azuremaps




 


2.9 Now we can build and deploy our web application that uses managed identities for Azure Maps. We first build and create a release package.

dotnet publish --configuration Release

Compress-Archive -Path binReleasenet6.0publish* -DestinationPath release1.zip



 



2.10 Then we publish our release package to the Azure Web App.

az webapp deployment source config-zip -g rg-azuremaps -n web-azuremaps --src release1.zip



 

2.11 Open a web browser and navigate to the https://web-azuremaps.azurewebsites.net/ where the web-azuremaps subdomain is your unique name when creating the Azure Web App. The application looks like this:



 


demo.png


2.12. (Optional) We can also navigate to the token proxy API https://web-azuremaps.azurewebsites.net/api/GetAzureMapsToken, copy the token, and past this in the https://jwt.ms/ tool to decode and inspect the token.


 



The web application we built in the last paragraph uses managed identities, and the Azure Maps Web Control uses the access token. Unfortunately, the web application and token proxy API are still accessible to everybody. Therefore, in this paragraph, we are adding the Azure Active Directory (AAD) Authentication to the web application and the token proxy API, so that only authenticated users can view the web application and use the Azure Maps Web Control in a secure way.


 


3.1 We start by registering an application in the Azure Active Directory, and we need this application registration later to give access to the web application and token proxy API.

az ad app create --display-name "Azure Maps Demo App" --web-redirect-uris https://web-azuremaps.azurewebsites.net/signin-oidc --enable-access-token-issuance true --enable-id-token-issuance true --sign-in-audience AzureADMyOrg



 



3.2 We need to add four Identity and Authentication NuGet packages to our web application.

dotnet add package Microsoft.Identity.Web
dotnet add package Microsoft.Identity.Web.UI
dotnet add package Microsoft.AspNetCore.Authentication.JwtBearer
dotnet add package Microsoft.AspNetCore.Authentication.OpenIdConnect



 



3.3 Next, we need to add the [Authorize] attribute to every controller in our web application. Below is our token API proxy controller as an example. Do not forget to do this also for the Home controller!

using Azure.Core;
using Azure.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Authorization;

namespace AzureMapsDemo.Controllers;

[Authorize]
public class ApiController : Controller
{



 



3.4 In the program startup file Program.cs we need to add the Authentication and Authentication logic. Replace all the default code in the Program.cs file with the following:

using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.Authorization;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

var builder = WebApplication.CreateBuilder(args);

// Add services to the container.
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
    .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"));

builder.Services.AddAuthorization(options =>
{
    options.FallbackPolicy = options.DefaultPolicy;
});

builder.Services.AddControllersWithViews(options =>
{
    var policy = new AuthorizationPolicyBuilder()
        .RequireAuthenticatedUser()
        .Build();
    options.Filters.Add(new AuthorizeFilter(policy));
});
builder.Services.AddRazorPages()
    .AddMicrosoftIdentityUI();

var app = builder.Build();

// Configure the HTTP request pipeline.
if (!app.Environment.IsDevelopment())
{
    app.UseExceptionHandler("/Home/Error");
    // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
    app.UseHsts();
}

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseAuthentication();
app.UseAuthorization();

app.MapControllerRoute(
    name: "default",
    pattern: "{controller=Home}/{action=Index}/{id?}");
app.MapRazorPages();
app.MapControllers();

app.Run();



 



3.5 The last step before redeploying our secure web application is to add the details from our registered application in the Azure Active Directory into the configuration file. Open the appsettings.json file and replace this with:

{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "Domain": "[PUBLISHER_DOMAIN]",
    "TenantId": "[AAD_TENANT_ID]",
    "ClientId": "[APP_ID]",
    "CallbackPath": "/signin-oidc"
  },
  "Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft.AspNetCore": "Warning"
    }
  },
  "AllowedHosts": "*"
}



 

azure_active_directory.png

 

3.6 Replace the [PUBLISHER_DOMAIN] and [APP_ID] with the values we saved in step 1 when we registered the application. Your Azure Active Directory Tenant ID [AAD_TENANT_ID], you can get with the following command:





az account tenant list


 



3.7 Now we can build and deploy our web application that uses Azure Active Directory to login. We first build and create a release package.

dotnet publish --configuration Release

Compress-Archive -Path binReleasenet6.0publish* -DestinationPath release2.zip



 



3.8 Then we publish our release package to the Azure Web App.

az webapp deployment source config-zip -g rg-azuremaps -n web-azuremaps --src release2.zip



 



3.9 Open a web browser and navigate to the https://web-azuremaps.azurewebsites.net/ where the web-azuremaps subdomain is your unique name when creating the Azure Web App. You are now prompted to log in with your work or school account (AAD) and give permissions.


login_permissions.png


3.10 A recommended last step is to disable the use of the Azure Maps Key authentication.

az maps account update -n map-azuremaps -g rg-azuremaps --disable-local-auth true -s "G2"



 




When we have done all the steps in this step-by-step article, you have a protected web application in combination with Azure Maps that uses of Azure Active Directory, Azure role-based access control (Azure RBAC), and Azure Maps tokens. I recommend that you read our Authentication best practices and Azure Maps documentation. As an example, the Azure Maps Samples website uses most of the steps described in this article. Happy coding.




Azure Data Factory Changing Default Pipeline Activity Timeout

Azure Data Factory Changing Default Pipeline Activity Timeout

by | Aug 12, 2022 | Technology

This article is contributed. See the original author and article here.

Hey ADF fans! Here is a quick note on an important update that we will be making to ADF …


 


In Azure Data Factory and Azure Synapse Analytics, the default timeout for new pipeline activities is 7 days for most activities:


 


MarkKromer_0-1660351369670.png


 


In a few weeks, we are going to change that default for new activities in your pipelines to 12 hours before the activity will timeout. This change is in direct response to your feedback. We gathered feedback across channels directly from the ADF product, customer interviews, and on social media.


 


It became very clear that the default timeout of 7 days was too long and far outside of the most common activity execution times we observed and heard from you. Keep in mind that you should adjust the timeout on long-running processes (i.e. large copy activity and data flow jobs) to a higher value if needed.


 


When this change is deployed to ADF and Synapse pipelines, we will include banners and notifications in your browser UI to indicate this is the new default value for timeouts so that you are aware it has been implemented.


 


As always, a big Thank You for using ADF and for sharing your ideas and feedback on ADF. It helps us tremendously in the product team at Microsoft Azure to make ADF and Synapse the best products for data engineers!


 


 

Released: Microsoft.Data.SqlClient 3.1.1

by | Aug 12, 2022 | Technology

This article is contributed. See the original author and article here.

We have released an update to Microsoft.Data.SqlClient 3.1, version 3.1.1. The update addresses several issues that are important to our customers.


 


Updates in Microsoft.Data.SqlClient 3.1.1 include:


 


Fixed



  • Fixed null SqlBinary as rowversion. #1700

  • Fixed Kerberos authentication failure when using .NET 6. #1696

  • Fixed NullReferenceException during Azure Active Directory authentication. #1695

  • Removed union overlay design and use reflection in SqlTypeWorkarounds. #1699


To get the new package, add a NuGet reference to Microsoft.Data.SqlClient in your application.


 


For the list of changes in Microsoft.Data.SqlClient 3.1.1, you can also see the Release Notes.


 


If you encounter any issues or have any feedback, head over to the SqlClient GitHub repository and submit an issue.


 


David Engel