Experiencing Data Latency issues for Application Insights in East US – 12/04 – Resolved

by | Dec 3, 2021 | Technology

This article is contributed. See the original author and article here.

Final Update: Saturday, 04 December 2021 03:11 UTC

We’ve confirmed that all systems are back to normal with no customer impact as of 12/4, 03:00 UTC. Our logs show the incident started on 12/3, 20:00 UTC and that during this time customers may have experienced delayed or missed Log Search Alerts and Data Latency in East US.
  • Root Cause:  An instance on a dependent backend service became unhealthy, preventing requests from completing.
  • Incident Timeline: 8 Hours – 12/3, 20:00 UTC through 12/4, 03:00 UTC
We understand that customers rely on Application Insights as a critical service and apologize for any impact this incident caused.

-Ian
Initial Update: Saturday, 04 December 2021 02:30 UTC

We are aware of issues within Application Insights and are actively investigating. Some customers may experience delayed or missed Log Search Alerts and Data Latency in East US.
  • Work Around: none
  • Next Update: Before 12/04 05:30 UTC
We are working hard to resolve this issue and apologize for any inconvenience.
-Ian

Avoiding a money mule scam

Avoiding a money mule scam

by | Dec 3, 2021 | Security

This article was originally posted by the FTC. See the original article here.

Scammers are looking for people to help them move stolen money. They visit online dating, job search, and social media sites, create fake stories, and make up reasons to send you money, usually by check or Bitcoin. Then they tell you to send that money to someone else by using gift cards or wire transfers. But they never say the money is stolen, the stories are lies, or — if you sent the money — you might be acting as what law enforcement calls a money mule.

If you help a scammer move stolen money — even if you didn’t know it was stolen — you could get into legal trouble. You’ll be at financial risk, too. If you deposit a scammer’s check, it might clear at first. When it turns out to be a fake check, the bank will want you to repay the full amount. You may be charged fees, and your account may be overdrawn or closed. And using a scammer’s money to buy gift cards and turning over the PIN codes, or sending wire transfers is almost like sending cash. In both cases, the scammer gets the money quickly, and it’s almost impossible to recover.

How can you avoid a money mule scam?

  • Don’t forward money for an online romantic interest who sends you money. That’s always a scam, and a way to get you to move stolen money.
  • Don’t accept a job that asks you to transfer money or packages even if they tell you to send money to a “client” or “supplier.” You may be helping a scammer move stolen money or gift cards.
  • Don’t accept a grant or prize award and forward some of the money. That’s another way to get you to move stolen money.

If you think you might be involved in this scam, stop the payment transaction and stop communicating with the person. Tell your bank, the wire transfer service, or any gift card companies right away. If a scammer has your bank account information, close your account immediately. Then tell the FTC at ReportFraud.ftc.gov.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Tackling Recursion in FHIR Using Blazor Components

Tackling Recursion in FHIR Using Blazor Components

by | Dec 3, 2021 | Technology

This article is contributed. See the original author and article here.

MicrosoftTeams-image.png


Overview


Many FHIR include complex nesting.  For example the Item component of Questionnaire can either be a single item or an array of more items, which can themselves also be arrays of more items, with even more arrays below.  Arrays all the way down!  A previous post (FHIR + Blazor + Recursion = Rendering a Questionnaire ) showed a method to render objects with complex nesting: using Dynamic Fragments.  This article shows an alternative method: using self-referential components.


Why use components?


Components will allow easier reuse than Dynamic Fragment rendered pages.  Imagine a case where we want to both create new and allow updates of complex nested children.  If we use components, we can easily adapt a component for both EDIT and CREATE.  More reuse means less code!


How it’ll work


We’ll create a parent component.  The parent component will render the child component. 


ParentChildComponents.png


Parent Component;


 


 

<span>@Parent.Title</span>
<p>@Parent.Description</p>

@{
   int childNum=1;
}

@foreach(var child in Parent.children){
    Child #@childNum
    ChildComponent child=child />
    childNum++;
}

 


 


AND HERE’s THE MAGIC:


Child Component:


 


 

<span>@Child.Title</span>

@foreach(var child in Child.children){
    <ChildComponent child=child />
}

 


 



The child component will render additional child components.


FHIR Specific Example


Check out the code below from (FHIRBlaze)


Parent Component (QuestionnaireComponent)


 


 

<EditForm Model=Questionnaire OnValidSubmit=Submit>
    <label class="col-sm-2 form-label">Title:</label>
    <InputText @bind-Value=Questionnaire.Title />

    @foreach(var item in Questionnaire.Item)
    {
        <div class="border border-primary rounded-left  rounded-right p-2">
            <div class="row">
                <div class="col-sm-12">@GetHeader(item)</div>
            </div>
            <div class="row">
                <div class="col-sm-11">
                    <ItemDisplay ItemComponent=item/>
                </div>
                <div class="col-sm-1">
                    <button type="button" class="btn btn-primary" @onclick="()=>RemoveItem(item)">
                        <span class="oi oi-trash" />
                    </button>
                </div>
            </div>
        </div>
    }

    <div>
        <ItemTypeComponent ItemSelected="AddItem" />
    </div>   
    <br/>
    <button type="submit">Submit</button>
</EditForm>

 


 


 


Note the ItemDisplay component.


Child Component  ( ItemDisplay )


 


 

<div class="card-body">
        <label class="sr-only" >@GetTitleText(ItemComponent)</label>
        <input type='text' required class='form-control' id='question' placeholder=@GetTitleText(ItemComponent) @bind-value='ItemComponent.Text' >
        <label  class="sr-only">LinkId:</label>
        <input type='text' required class='form-control' placeholder='linkId' @bind-value='ItemComponent.LinkId'>

        @switch (ItemComponent.Type)
        {
            case Questionnaire.QuestionnaireItemType.Group:
                foreach(var groupitem in ItemComponent.Item)
                {
                     <div class="border border-primary rounded-left  rounded-right p-2">
                        <div class="row">
                            <div class="col-sm">@GetHeader(groupitem)</div>
                        </div>
                        <div class="row">
                            <div class="col-sm-11">
                                <ItemDisplay ItemComponent=groupitem/>
                            </div>
                            <div class="col-sm">
                                <button type="button" class="btn btn-primary"  @onclick="()=>ItemComponent.Item.Remove(groupitem)">
                                    <span class="oi oi-trash" />
                                </button>
                            </div>
                        </div>
                    </div>                 
                 }
                 break;
             case Questionnaire.QuestionnaireItemType.Choice:
                 int ansnum= 1;           
                 @foreach (var opt in ItemComponent.AnswerOption)
                 {
                    <div class="row">
                        <form class="form-inline">
                        <div class="col-sm-1">#@ansnum</div>
                        <div class="col-sm-10"><AnswerCoding Coding=(Coding)opt.Value /></div>
                        <div class="col-sm-1"><button type="button" class="btn btn-primary" @onclick="()=>ItemComponent.AnswerOption.Remove(opt)"><span class="oi oi-trash" /></button></div>
                        </form>
                   </div>
                   ansnum++;
                 }
                 <button type="button" @onclick=AddAnswer >Add Choice</button>
                 break;
             default:
                 break;
        }

        @if (ItemComponent.Type.Equals(Questionnaire.QuestionnaireItemType.Group))
        {
            <div>
                <ItemTypeComponent ItemSelected="AddItem" />
            </div>
        }
</div>

 


 


Line 58 is the key line.   This component renders itself!


 


Caveats


With this you should be able to quickly render nested Item after nested Item.  But there are some caveats you should know.


 


#1: Memory Consumption


              As you render each nesting- all those objects are loaded into memory.  If a FHIR has an unknown number of children- each of which could have its own children, you could potentially consume large amounts of memory.  This is a particular problem because you could be rendering on a phone.


Suggested Mitigation: Consider rendering to a max depth and a max number of children.  Render “see more” type links to allow the user to see remaining children


#2: Display Clipping


              The standard approach is to indent children.  But if you have 5 levels of nesting and the app is rendered on mobile than your 5th level children may show up in a single character column.  If you render 100 levels of nested children, your final level may not render at all.


UIClipping.png


Suggested Mitigation:  Consider an alternative to displaying all children.  For example- consider using collapsible sections to show children.


#3: Labeling Problems


              If you’re allowing Edit of a component with complex nesting it may be difficult for a user to remember which level of children, they are in. For example, imagine the following are rendered as cards: Parent 1: Child 1: Child 2: Child 3: Child 4: Child 5.


Suggested Mitigation:  Consider using borders and labeling to help users determine which child is currently selected       

CISA and FBI Release Alert on Active Exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

by | Dec 2, 2021 | Security, Technology

This article is contributed. See the original author and article here.

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory identifying active exploitation of a vulnerability—CVE-2021-44077—in Zoho ManageEngine ServiceDesk Plus. CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects all ServiceDesk Plus versions up to, and including, version 11305. 

This vulnerability was addressed by the update released by Zoho on September 16, 2021 for ServiceDesk Plus versions 11306 and above. If left unpatched, successful exploitation of the vulnerability allows an attacker to upload executable files and place webshells that enable post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files. Zoho has set up a security response plan center that provides additional details, a downloadable tool that can be run on potentially affected systems, and a remediation guide.

CISA encourages organizations to review the joint Cybersecurity Advisory and apply the recommended mitigations immediately.

Mozilla Releases Security Updates for Network Security Services

by | Dec 2, 2021 | Security, Technology

This article is contributed. See the original author and article here.

Mozilla has released security updates to address a vulnerability in Network Security Services (NSS).  An attacker could exploit this vulnerability to take control of an affected system.  

CISA encourages users and administrators to review the Mozilla Security Advisory for NSS and apply the necessary update. 

The clock is ticking for open enrollment at Medicare.gov and Healthcare.gov

The clock is ticking for open enrollment at Medicare.gov and Healthcare.gov

by | Dec 2, 2021 | Security

This article was originally posted by the FTC. See the original article here.

Medicare

The Medicare Open Enrollment deadline of December 7, 2021 is fast approaching. If you’re on Medicare, now is the time to review your health and prescription drug coverage and compare it with other plans to make sure you have a plan that best meets your needs for 2022. Coverage changes take effect January 1, 2022.

You can get help comparing Medicare plans from your local State Health Insurance Assistance Program (SHIP), available in each U.S. state, territory, and the District of Columbia.

Private insurance companies administer, market, and sell Medicare Advantage (MA, Part C) and Medicare Prescription Drug Plans (Part D), so it’s important to understand your rights and some of the limits on marketing. That way you’ll be prepared if an insurance broker or agent tries to enroll you in a Medicare plan that isn’t right for you. To learn more, read Avoid marketing scams during 2022 Medicare Open Enrollment.

Healthcare Marketplace

Open enrollment for 2022 health plans in the Healthcare Marketplace continues through January 15, 2022, but if you want your coverage to start January 1, 2022, you need to enroll by December 15, 2021. If you enroll between December 16, 2021 and January 15, 2022, your coverage will start on February 1, 2022.

Make sure any plan you’re considering actually gives you the coverage you seek. Dishonest companies sometimes market medical discount plans or health plans with limited insurance benefits, as comprehensive health insurance. And sometimes they just lie about the “health plans” they offer. To learn more, read This open season, is that really the health insurance you’re looking for?

If you spot a scam, report it to the FTC at ReportFraud.ftc.gov. The more we hear from you, the more we can help fight scams. If the scam is Medicare related, report it at 1-800-MEDICARE.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus

by | Dec 2, 2021 | Security, Technology

This article is contributed. See the original author and article here.

Summary

This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise framework for referenced threat actor techniques and for mitigations.

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus—IT help desk software with asset management.

CVE-2021-44077, which Zoho rated critical, is an unauthenticated remote code execution (RCE) vulnerability affecting all ServiceDesk Plus versions up to, and including, version 11305. This vulnerability was addressed by the update released by Zoho on September 16, 2021 for ServiceDesk Plus versions 11306 and above. The FBI and CISA assess that advanced persistent threat (APT) cyber actors are among those exploiting the vulnerability. Successful exploitation of the vulnerability allows an attacker to upload executable files and place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files. 

The Zoho update that patched this vulnerability was released on September 16, 2021, along with a security advisory. Additionally, an email advisory was sent to all ServiceDesk Plus customers with additional information. Zoho released a subsequent security advisory on November 22, 2021, and advised customers to patch immediately.

The FBI and CISA are aware of reports of malicious cyber actors likely using exploits against CVE-2021-44077 to gain access [T1190] to ManageEngine ServiceDesk Plus, as early as late October 2021. The actors have been observed using various tactics, techniques and procedures (TTPs), including:

  • Writing webshells [T1505.003] to disk for initial persistence
  • Obfuscating and Deobfuscating/Decoding Files or Information [T1027 and T1140]
  • Conducting further operations to dump user credentials [T1003]
  • Living off the land by only using signed Windows binaries for follow-on actions [T1218]
  • Adding/deleting user accounts as needed [T1136]
  • Stealing copies of the Active Directory database (NTDS.dit) [T1003.003] or registry hives
  • Using Windows Management Instrumentation (WMI) for remote execution [T1047]
  • Deleting files to remove indicators from the host [T1070.004]
  • Discovering domain accounts with the net Windows command [T1087.002]
  • Using Windows utilities to collect and archive files for exfiltration [T1560.001]
  • Using custom symmetric encryption for command and control (C2) [T1573.001]

The FBI and CISA are proactively investigating this malicious cyber activity:

  • The FBI leverages specially trained cyber squads in each of its 56 field offices and CyWatch, the FBI’s 24/7 operations center and watch floor, which provides around-the-clock support to track incidents and communicate with field offices across the country and partner agencies. 
  • CISA offers a range of no-cost cyber hygiene services to help organizations assess, identify, and reduce their exposure to threats. By requesting these services, organizations of any size could find ways to reduce their risk and mitigate attack vectors. 

Sharing technical and/or qualitative information with the FBI and CISA helps empower and amplify our capabilities as federal partners to collect and share intelligence and engage with victims, while working to unmask and hold accountable those conducting malicious cyber activities.

A STIX file will be provided when available.

For a downloadable pdf of this CSA, click here

Technical Details

Compromise of the affected systems involves exploitation of CVE-2021-44077 in ServiceDesk Plus, allowing the attacker to:

  1. Achieve an unrestricted file upload through a POST request to the ServiceDesk REST API URL and upload an executable file, C:ManageEngineServicedeskbinmsiexec.exe, with a SHA256 hash of ecd8c9967b0127a12d6db61964a82970ee5d38f82618d5db4d8eddbb3b5726b7. This executable file serves as a dropper and contains an embedded, encoded Godzilla JAR file.
  2. Gain execution for the dropper through a second POST request to a different REST API URL, which will then decode the embedded Godzilla JAR file and drop it to the filepath C:ManageEngineServiceDesklibtomcattomcat-postgres.jar with a SHA256 hash of 67ee552d7c1d46885b91628c603f24b66a9755858e098748f7e7862a71baa015.

Confirming a successful compromise of ManageEngine ServiceDesk Plus may be difficult—the attackers are known to run clean-up scripts designed to remove traces of the initial point of compromise and hide any relationship between exploitation of the vulnerability and the webshell.

Targeted Industries 

APT cyber actors have targeted Critical Infrastructure Sector industries, including the healthcare, financial services, electronics and IT consulting industries.

Indicators of Compromise 

Hashes

Webshell:

67ee552d7c1d46885b91628c603f24b66a9755858e098748f7e7862a71baa015
068D1B3813489E41116867729504C40019FF2B1FE32AAB4716D429780E666324
759bd8bd7a71a903a26ac8d5914e5b0093b96de61bf5085592be6cc96880e088
262cf67af22d37b5af2dc71d07a00ef02dc74f71380c72875ae1b29a3a5aa23d
a44a5e8e65266611d5845d88b43c9e4a9d84fe074fd18f48b50fb837fa6e429d
ce310ab611895db1767877bd1f635ee3c4350d6e17ea28f8d100313f62b87382
75574959bbdad4b4ac7b16906cd8f1fd855d2a7df8e63905ab18540e2d6f1600
5475aec3b9837b514367c89d8362a9d524bfa02e75b85b401025588839a40bcb

Dropper:

ecd8c9967b0127a12d6db61964a82970ee5d38f82618d5db4d8eddbb3b5726b7

Implant:

009d23d85c1933715c3edcccb46438690a66eebbcccb690a7b27c9483ad9d0ac 
083bdabbb87f01477f9cf61e78d19123b8099d04c93ef7ad4beb19f4a228589a
342e85a97212bb833803e06621170c67f6620f08cc220cf2d8d44dff7f4b1fa3

NGLite Backdoor:

805b92787ca7833eef5e61e2df1310e4b6544955e812e60b5f834f904623fd9f
3da8d1bfb8192f43cf5d9247035aa4445381d2d26bed981662e3db34824c71fd
5b8c307c424e777972c0fa1322844d4d04e9eb200fe9532644888c4b6386d755
3f868ac52916ebb6f6186ac20b20903f63bc8e9c460e2418f2b032a207d8f21d
342a6d21984559accbc54077db2abf61fd9c3939a4b09705f736231cbc7836ae
7e4038e18b5104683d2a33650d8c02a6a89badf30ca9174576bf0aff08c03e72

KDC Sponge:

3c90df0e02cc9b1cf1a86f9d7e6f777366c5748bd3cf4070b49460b48b4d4090
b4162f039172dcb85ca4b85c99dd77beb70743ffd2e6f9e0ba78531945577665
e391c2d3e8e4860e061f69b894cf2b1ba578a3e91de610410e7e9fa87c07304c

Malicious IIS Module:

bec067a0601a978229d291c82c35a41cd48c6fca1a3c650056521b01d15a72da

Renamed WinRAR:

d0c3d7003b7f5b4a3bd74a41709cfecfabea1f94b47e1162142de76aa7a063c7

Renamed csvde:

7d2780cd9acc516b6817e9a51b8e2889f2dec455295ac6e6d65a6191abadebff

Network Indicators

POST requests sent to the following URLs:

/RestAPI/ImportTechnicians?step=1

Domains:

seed.nkn[.]org

Note: the domain seed.nkn[.]org is a New Kind of Network (NKN) domain that provides legitimate peer to peer networking services utilizing blockchain technology for decentralization. It is possible to have false positive hits in a corporate network environment and it should be considered suspicious to see any software-initiated contacts to this domain or any subdomain.

Log File Analysis

  • Check serverOut*.txt log files under C:ManageEngineServiceDesklogs for suspicious log entries matching the following format:
    • [<time>]|[<date>]|[com.adventnet.servicedesk.setup.action.ImportTechniciansAction]|[INFO]|[62]: fileName is : msiexec.exe]

Filepaths

C:ManageEngineServiceDeskbinmsiexec.exe
C:ManageEngineServiceDesklibtomcattomcat-postgres.jar
C:WindowsTempScriptModule.dll
C:ManageEngineServiceDeskbinScriptModule.dll
C:Windowssystem32ME_ADAudit.exe
c:Users[username]AppDataRoamingADManagerME_ADManager.exe
%ALLUSERPROFILE%MicrosoftWindowsCachessystem.dat
C:ProgramDataMicrosoftCryptoRSAkey.dat
c:windowstempccc.exe

Tactics, Techniques, and Procedures

  • Using WMI for lateral movement and remote code execution (in particular, wmic.exe)
  • Using plaintext credentials for lateral movement
  • Using pg_dump.exe to dump ManageEngine databases
  • Dumping NTDS.dit and SECURITY/SYSTEM/NTUSER registry hives
  • Active credential harvesting through LSASS (KDC Sponge)
  • Exfiltrating through webshells
  • Conducting exploitation activity often through other compromised U.S. infrastructure
  • Dropping multiple webshells and/or implants to maintain persistence
  • Using renamed versions of WinRAR, csvde, and other legitimate third-party tools for reconnaissance and exfiltration

Yara Rules

rule ReportGenerate_jsp {
   strings:
      $s1 = “decrypt(fpath)”
      $s2 = “decrypt(fcontext)”
      $s3 = “decrypt(commandEnc)”
      $s4 = “upload failed!”
      $s5 = “sevck”
      $s6 = “newid”
   condition:
      filesize < 15KB and 4 of them
}

rule EncryptJSP {
   strings:
      $s1 = “AEScrypt”
      $s2 = “AES/CBC/PKCS5Padding”
      $s3 = “SecretKeySpec”
      $s4 = “FileOutputStream”
      $s5 = “getParameter”
      $s6 = “new ProcessBuilder”
      $s7 = “new BufferedReader”
      $s8 = “readLine()”
   condition:
      filesize < 15KB and 6 of them
}

rule ZimbraImplant {
    strings:
        $u1 = “User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36”
        $u2 = “Content-Type: application/soap+xml; charset=UTF-8”
        $u3 = “/service/soap”
        $u4 = “Good Luck :::)”
        $s1 = “zimBR”
        $s2 = “log10”
        $s3 = “mymain”
        $s4 = “urn:zimbraAccount”
        $s5 = “/service/upload?fmt=extended,raw”
        $s6 = “<query>(in:”inbox” or in:”junk”) is:unread</query>”
    condition:
        (uint16(0) == 0x5A4D and uint32(uint32(0x3C)) == 0x00004550) and filesize < 2MB and 1 of ($u*) and 3 of ($s*)
}

rule GodzillaDropper {
    strings:
        $s1 = “UEsDBAoAAAAAAI8UXFM” // base64 encoded PK/ZIP header
        $s2 = “../lib/tomcat/tomcat-postgres.jar”
        $s3 = “RunAsManager.exe”
        $s4 = “ServiceDesk”
        $s5 = “C:Userspwndocumentsvisual studio 2015Projectspayloaddll”
        $s6 = “CreateMutexA”
        $s7 = “cplusplus_me”
    condition:
        (uint16(0) == 0x5A4D and uint32(uint32(0x3C)) == 0x00004550) and filesize < 350KB and 4 of them
}

rule GodzillaJAR {
    strings:
        $s1 = “org/apache/tomcat/SSLFilter.class”
        $s2 = “META-INF/services/javax.servlet.ServletContainerInitializer”
        $s3 = “org/apache/tomcat/MainFilterInitializer.class”
    condition:
        uint32(0) == 0x04034B50 and filesize < 50KB and all of them
}

rule APT_NGLite {
    strings:
        $s1 = “/mnt/hgfs/CrossC2-2.2”
        $s2 = “WHATswrongwithU”
        $s3 = “//seed.nkn.org:”
        $s4 = “Preylistener”
        $s5 = “preyid”
        $s6 = “Www-Authenticate”
    condition:
        (uint16(0) == 0x5A4D and uint32(uint32(0x3C)) == 0x00004550) and filesize < 15MB and 4 of them
}

rule KDCSponge {
    strings:
        $k1 = “kdcsvc.dll”
        $k2 = “kdccli.dll”
        $k3 = “kdcsvs.dll”
        $f1 = “KerbHashPasswordEx3”
        $f2 = “KerbFreeKey”
        $f3 = “KdcVerifyEncryptedTimeStamp”
        $s1 = “download//symbols//%S//%S//%S” wide
        $s2 = “KDC Service”
        $s3 = “system.dat”
    condition:
        (uint16(0) == 0x5A4D and uint32(uint32(0x3C)) == 0x00004550) and filesize < 1MB and 1 of ($k*) and 1 of ($f*) and 1 of ($s*)

Mitigations

Compromise Mitigations

Organizations that identify any activity related to ManageEngine ServiceDesk Plus indicators of compromise within their networks should take action immediately. 

Zoho ManageEngine ServiceDesk Plus build 11306, or higher, fixes CVE-2021-44077. ManageEngine initially released a patch for this vulnerability on September 16, 2021. A subsequent security advisory was released on November 22, 2021, and advised customers to patch immediately. Additional information can be found in the Zoho security advisory released on November 22, 2021.

In addition, Zoho has set up a security response plan center that provides additional details, a downloadable tool that can be run on potentially affected systems, and a remediation guide.

FBI and CISA also strongly recommend domain-wide password resets and double Kerberos TGT password resets if any indication is found that the NTDS.dit file was compromised. 

Note: Implementing these password resets should not be taken as a comprehensive mitigation in response to this threat; additional steps may be necessary to regain administrative control of your network. Refer to your specific products mitigation guidance for details. 

Actions for Affected Organizations

Immediately report as an incident to CISA or the FBI (refer to Contact information section below) the existence of any of the following:

  • Identification of indicators of compromise as outlined above.
  • Presence of webshell code on compromised ServiceDesk Plus servers.
  • Unauthorized access to or use of accounts.
  • Evidence of lateral movement by malicious actors with access to compromised systems.
  • Other indicators of unauthorized access or compromise.

Contact Information

Recipients of this report are encouraged to contribute any additional information that they may have related to this threat. 

For any questions related to this report or to report an intrusion and request resources for incident response or technical assistance, please contact:

Revisions

December 2, 2021: Initial version

This product is provided subject to this Notification and this Privacy & Use policy.

NSA and CISA Release Part III of Guidance on Securing 5G Cloud Infrastructures

by | Dec 2, 2021 | Security, Technology

This article is contributed. See the original author and article here.

CISA has announced the joint National Security Agency (NSA) and CISA publication of the third of a four-part series, Security Guidance for 5G Cloud Infrastructures. Part III: Data Protection examines security during all phases of the data lifecycle—in transit, in use, and at rest. The guidance focuses on protecting the confidentiality, integrity, and availability of data within a 5G cloud infrastructure to protect sensitive information from unauthorized access. This series is being published under the Enduring Security Framework (ESF), a public-private cross-sector working group led by NSA and CISA.

CISA has also released a set of four 5G educational videos to enhance the awareness and importance of the safe and secure development and deployment of 5G infrastructure. 

CISA encourages 5G providers, integrators, and network operators to review the guidance and consider the recommendations. See CISA’s 5G Security and Resilience webpage for more information. 

Azure Marketplace new offers – Volume 177

Azure Marketplace new offers – Volume 177

by | Dec 2, 2021 | Technology

This article is contributed. See the original author and article here.











We continue to expand the Azure Marketplace ecosystem. For this volume, 115 new offers successfully met the onboarding criteria and went live. See details of the new offers below:





























































































































































































































































































































































































































Get it now in our marketplace
Accelario DataOps Platform for MySQL databases.png

Accelario DataOps Platform for MySQL Databases: Accelario DataOps Platform for MySQL Databases accelerates and automates self-service provisioning and data refreshes from on-premises to the cloud and vice versa with minimal downtime. Speed up your go-to-market and application delivery without sacrificing performance.
Accelario DataOps Platform for PostgreSQL database.png

Accelario DataOps Platform for PostgreSQL Databases: Accelerate your application development and cloud migration with Accelario DataOps Platform for PostgreSQL Databases. This self-service platform streamlines database copy and speeds up DevOps pipelines. Reduce wait time for any type of test data to minutes. 
ARGOS CSPM - Contextual Cloud Security Monitoring.png

ARGOS – Contextual Cloud Security Monitoring: Get a precise picture of your cloud security posture with ARGOS’ end-to-end security service. Tools like resource graphs and exploitability checks enable real-time detection and remediation so you can focus on securely deploying applications with speed and efficiency.
Bugzilla Issue Tracker.png

Bugzilla Issue Tracker: Bugzilla Issue Tracker on Ubuntu Server 20.04 is an open-source bug tracking solution that enables users to stay connected with their clients or employees while keeping track of outstanding bugs and issues throughout the software development life cycle.
Cloud Membership Management System.png

Cloud Membership Management System: Caloudi’s AI-powered cloud membership management platform helps consolidate and manage all information related to your retail customer on a single platform. Personalize your client’s shopping experience with targeted messaging and promotions.
DesktopReady for MSP.png

DesktopReady for MSP: DesktopReady for MSP is a Microsoft Azure Virtual Desktop automation platform that enables managed service providers to deliver Windows 10 desktops on Azure. Set up your modern workspace for improved agility and ongoing cost savings.
EcoVadis Sustainability Ratings.png

EcoVadis Sustainability Ratings: Integrate sustainability in your procurement policy, processes, and tools with EcoVadis Sustainability Ratings. This scalable SaaS solution helps screen and assess suppliers’ sustainability performance. This offer is for existing EcoVadis customers only.
MediaValet Digital Asset Management.png

MediaValet Digital Asset Management: This secure, cost-effective digital asset management platform seamlessly integrates with your existing tools and allows marketing teams to create, organize, and distribute high-value digital assets across teams, departments, and partners. 
Metabase on Debian.png

Metabase on Debian: Powered by Niles partners, Metabase is a business intelligence and data visualization tool with SQL capabilities. It offers a simple graphical interface to power in-application analytics without writing any SQL.
Prescript EMR.png

Prescript EMR: Prescript EMR is an integrated healthcare platform for optimizing patient care in both urban and rural settings. Powered by a clinical management system it offers a single portal for administering appointments, electronic medical records (EMR), billing, and more.
Procore Sharepoint Integration.png

Procore SharePoint IntegrationSyncEzy’s offering allows you to access Procore photos and documents within Microsoft SharePoint and discuss site documents with your construction crew from a central cloud location. Access work files within Microsoft Teams and more.
QuerySurge.png

QuerySurge: Continuously detect data issues in your delivery pipeline with this automated data testing solution from RTTS. QuerySurge optimizes your critical data by integrating Microsoft Power BI analytics in your DataOps pipeline and improves ROI.
Revenue Cycle Management.png

Revenue Cycle Management: Inforich’s solution leverages AI, automation, and analytics to streamline the insurance and clinical aspects of healthcare by linking administrative, insurance, and other financial information with the patient’s treatment plan.
Scheduling as a Service.png

Scheduling as a Service: This employee management scheduling software creates custom scheduling templates using AI to optimize resources and workforce requirements. Improve your field services and control costs by assigning employees based on total labor expense.
Seascape for Notes.png

Seascape for Notes: Seascape for Notes is an archiving solution for Lotus Notes (HCL Notes and Domino). It enables administrators to archive entire Notes applications, mail files, and other custom databases using a streamlined archiving process.
ShiftLeft CORE.png

ShiftLeft CORE: ShiftLeft CORE uses rapid, repeatable static application security testing to help developers fix 91% of new vulnerabilities within the code they are working on in two discovery sprints. Release secure code at scale with this easy-to-use SaaS platform.
Symend.png

Symend: Symend’s relationship-based approach uses behavioral science and analytics to empower customers to resolve past due bills before they reach collections. Determine which strategies will empathetically help customers while lowering your operating costs.
Vitals KPI Management for Healthcare.png

Vitals KPI Management for Healthcare: Vitals KPIM uses artificial intelligence and analytics to improve healthcare services by creating success metrics that align patient satisfaction, business processes and team collaboration. This solution is only available in Chinese.
WhiteSource Open Source Security Management.png

WhiteSource Open Source Security Management: WhiteSource Open Source Security Management offers an agile open source security and license compliance management solution that makes it easy to develop secure software without compromising speed or agility.

Go further with workshops, proofs of concept, and implementations
AKS Container Platform Build-16-Week Implementation.png

AKS Container Platform Build: 16-Week Implementation: In this engagement, BlakYaks will implement a secure and scalable Microsoft Azure Kubernetes Service (AKS) platform built with code for hosting container workloads at scale on Microsoft Azure. 
AKS Container Platform Design- 8-Week Implementation.png

AKS Container Platform Design: 8-Week Implementation: Utilizing enterprise-grade designs, patterns, and operational frameworks, BlakYaks will provide a comprehensive design engagement for a secure and compliant Microsoft Azure Kubernetes Service platform.
Azure IoT Jumpstart Kit- 1-Day Implementation Workshop .png

Azure IoT Jumpstart Kit: 1-Day Implementation Workshop: ACP IT Solutions will help connect your industrial sensors, machines, and production processes with Azure IoT using cost-effective, ready-made retrofitting product bundles. This offer is only available in German.
Azure Managed Services-12-Month Implementation.png

Azure Managed Services: 12-Month ImplementationCoreBTS’ custom Microsoft Azure managed service will help cost-optimize your business processes by enabling your teams to focus on strategic tasks rather than day-to-day operations.
Azure Migration- 4-Week Implementation.png

Azure Migration: 4-Week ImplementationIn this collaborative engagement, MNP Digital will seamlessly migrate your servers to Microsoft Azure to optimize your cloud usage and ensure a sustainable foundation, structure, governance, and security for your digital transformation.
Azure Purview Foundations- 3-Week Implementation.png

Azure Purview Foundations: 3-Week Implementation: Coretek will help you create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage with Azure Purview Foundations.
Azure Real-Time IoT Data Analytics- 20-Day Proof of Concept.png

Azure Real-Time IoT Data Analytics: 20-Day Proof of Concept: ScienceSoft’s proof of concept is designed to help companies get real-time visibility into operational processes and enable intelligent automation using Azure IoT Hub, Azure Stream Analytics and Microsoft Power BI.


Azure Sentinel Onboarding- 2-Week Proof of Concept.png

Azure Sentinel Onboarding: 2-Week Proof of Concept: Enhance your organization’s threat detection and response capabilities in this proof of concept. The experts from Stripe OLT Consulting will help your organization modernize its security operation by onboarding Microsoft Azure Sentinel into your own tenant.
ECF Data Azure Sentinel- 2-Day Workshop.png

Azure Sentinel: 2-Day Workshop: In this workshop you will partner with ECF Data to modernize your security operation and capture threat intelligence using Microsoft Azure Sentinel and move your organization’s defenses from a reactive state to a proactive one.
Azure Services‎- 1-Week Implementation.png

Azure Services‎: 1-Week Implementation: Manapro Consultants will demonstrate how Microsoft Azure services can transform your applications and lower operational costs as you lay the foundations for your cloud migration journey. This offer is available only in Spanish.
Azure Site Recovery and Backup- 3-Week Proof of Concept.png

Azure Site Recovery and Backup: 3-Week Proof of Concept: Using your existing on-premises and/or cloud servers, Insight will guide you through the concepts of cloud backup and disaster recovery and configure a working prototype. Learn how Azure Site Recovery can simplify and reduce the cost of your disaster recovery solution.
Azure Site Reliability Engineering (Managed Service)- 12-Month Implementation.png

Azure Site Reliability Engineering (Managed Service): 12-Month Implementation: BlakYaks will create and implement a custom managed service for all your Microsoft Azure hosted platforms to keep them up-to-date and aligned to your strategic requirements. Cost-optimize your business processes and site reliability engineering operations.
Windows Virtual Desktop on Azure- 2-Week Proof of Concept.png

Azure Virtual Desktop: 2-Week Proof of Concept: Insight’s proof of concept will give you the foundational knowledge to configure a secure, scalable, virtual desktop infrastructure using Microsoft Azure Virtual Desktop. Empower your employees with a flexible work environment.
Azure Virtual Desktop- 5-Week Implementation.png

Azure Virtual Desktop: 5-Week Implementation: Is your organization struggling with transitioning to remote work? 3Cloud will deliver an Azure Virtual Desktop deployment tailored to meet your operational and security needs. You’ll learn about various deployment scenarios and how to enable remote work for your organization.
Azure Virtual Desktop & Windows 365 Managed Services.png

Azure Virtual Desktop & Windows 365 Managed Services: The experts from Cubesys will develop a virtualized desktop strategy that includes a roadmap and cost-benefit analysis for an enterprise-wide implementation of Microsoft Azure Virtual Desktop and Windows 365. Learn how you can access your desktop and apps from anywhere.
Backup as a Service- 12-Month Implementation.png

Backup as a Service: 12-Month Implementation: Using Microsoft Azure and Commvault, Databarracks’ implementation will proactively resolve any security issues and help your organization monitor, manage, and restore backups so your critical data is always protected.
Cloud-Native Consulting- 2-Week Implementation.png

Cloud-Native Consulting: 2-Week Implementation: Alerant engineers will develop a wholistic understanding of your business needs before creating a roadmap to discover, plan, and develop cloud-native solutions to speed up your enterprise’s digital transformation.


Data Innovation Studio- 2-Week Workshop.png

Data Innovation Studio: 2-Week WorkshopIn this innovation workshop, the experts from Data#3 will help your organization further its analytics and AI capabilities by delivering a tailored roadmap using a modern data platform reference architecture for Azure services.
Data Lake for Mortgage Servicing- 4-Week Implementation.png

Data Lake for Mortgage Servicing: 4-Week Implementation: Invati will simplify and reduce loan servicing costs and improve business insights by mapping your team’s mortgage data sources to a single point of access using Azure Data Lake and Azure Synapse Analytics.
Data Quality & MDM - 4-Week Proof of Concept.png

Data Quality & MDM: 4-Week Proof of Concept: Using machine learning models built on Microsoft Azure components, the experts at Tredence will improve your data by removing duplicates and inconsistent records. Access reliable data for better business insights.
Data Security Protection- 4-Week Workshop.png

Data Security Protection: 4-Week Workshop: Freedom Systems will help you understand your business’s security requirements and leverage Microsoft Enterprise Mobility and Security platform to protect and secure your organization. 
DevOps Assessment-1-Day Workshop.png DevOps Assessment: 1-Day Workshop: Xpirit will leverage their expertise in DevOps and help roll out tooling and methodology as they facilitate your organization’s transition to the cloud. Companies in highly regulated sectors such as defense and finance will benefit from this offer.
Digital Twin Smart Spaces- 3-Month Proof of Concept.png

Digital Twin Smart Spaces: 3-Month Proof of Concept: T-Systems MMS will identify, optimize, or sublet unused space by tracking the digital version of available physical workspaces in real-time via its Smart Spaces platform using battery-less sensors and Azure IoT services.
Disaster Recovery as a Service with Azure-12-Month Implementation.png

Disaster Recovery as a Service with Azure Site Recovery: 12-Month Implementation: Databarracks’ 24/7/365 service is compatible with both Windows and Linux Operating Systems and uses cloud-native solutions like Azure Backup and Azure Site Recovery (ASR) to implement a simple, secure, and cost-effective disaster recovery solution.
Disaster Recovery as a Service- 12-Month Implementation.png

Disaster Recovery as a Service with Zerto: 12-Month Implementation: Databarracks will replicate your on-premises or cloud servers using Zerto Virtual Manager into a Zerto Cloud Appliance hosted in Microsoft Azure. At the point of recovery, Zerto uses Azure queues and Azure virtual machine scale sets to accelerate recovery.
Education diagnostic system- 5-Day Implementation.png

Education Diagnostic System: 5-Day Implementation: In this implementation SiES IT will help set up an appraisal platform to assess the value and quality of educational institutions using Microsoft Azure services. This offer is only available in Russian.
Identity Cleanse- 5-Day Workshop.png

Identity Cleanse: 5-Day Workshop: The experts from ITC Secure will consolidate and reconcile all sources of user and account information to assess your environment and improve the security of your ecosystem using Microsoft Azure Active Directory.
Intelligent Hybrid Cloud Platform Hosting Solution- 3-Week Implementation.png

Intelligent Hybrid Cloud Platform Hosting Solution: 3-Week Implementation: In this offer, Acer AEB will provide a consistent multi-cloud and on-premises management platform with the successful implementation of Azure Stack HCI (hyperconverged infrastructure) architecture and its integration with Azure Arc. This offer is only available in Chinese.
Linux to Azure Migration- 16-Day Workshop.png

Linux to Azure Migration: 16-Day Workshop: SVA consultants will help your organization analyze its existing Linux infrastructure and develop a roadmap and business case to move your servers and applications to Microsoft Azure using Microsoft’s Cloud Adoption Framework (CAF). This offer is only available in German.
Microsoft Azure Migration & Deployment- 3-Month Implementation.png

Microsoft Azure Migration & Deployment: 3-Month Implementation: In this offer, Insight’s specialists will guide you through the adoption and migration of Microsoft Azure and ensure your deployment process is tailored to your organization’s exact business goals and needs.
Migrate to Azure- 15-Day Deployment.png

Migrate to Azure: 15-Day Deployment: Learn how Nebulan’s iterative approach using the Microsoft Cloud Adoption Framework can cost-effectively migrate your top 10 workloads, including Windows and SQL Server, to Microsoft Azure. This offer is only available in Spanish.
Migrate to Azure- 5-Week Implementation.png

Migrate to Azure: 5-Week Implementation: In this offer, Xavor will implement a low-risk, data-driven Microsoft Azure cloud migration solution tailored to your organization’s unique needs. Ensure business continuity and improve performance with governance, automation, and control of multi-cloud environments.
ML Ops Framework Setup- 12-Week Implementation.png

ML Ops Framework Setup: 12-Week Implementation: Tredence’s automated industrialized machine learning operations platform will help you generate higher ROI on your data science investments and offer clear and robust analytical insights with minimal manual effort using Microsoft Azure DevOps.
Modern Data Warehouse- 4-Week Proof of Concept.png

Modern Data Warehouse: 4-Week Proof of Concept: In this proof of concept, devoteam will demonstrate how its solution built on Azure Data Lake, Azure Analytics, and Azure Synapse can transform and modernize your legacy data landscape. 
Modernize with Azure Kubernetes Service- 5-Day Workshop.png

Modernize with Azure Kubernetes Service: 5-Day Workshop: The experts at SVA will lead a hand-on workshop to demonstrate how Azure Kubernetes Service (AKS) can provide an agile developer environment in Microsoft Azure while reducing costs and administrative overhead. This offer is only available in German.
Secure OnMesh- 8-Week Proof of Concept.png

Secure OnMesh: 8-Week Proof of Concept: Make security an intrinsic part of your digital fabric with Logicalis’ Secure OnMesh solution. In this engagement you will learn how Secure OnMesh leverages Microsoft Azure Sentinel to protect your entire digital ecosystem with AI-enabled threat hunting capabilities.
Truveta Data Migration- 3-Month Service.png

Truveta Data Migration: 3-Month ServiceTegria’s service helps healthcare organizations build scalable data pipelines from the cloud to the Truveta healthcare data platform using Microsoft Azure tools like Data Factory and Databricks. Truveta anonymizes and maps patient data and automates file creation.
Windows to Azure Migration- 16-Day Workshop.png

Windows Server to Azure Migration: 16-Day Workshop: SVA will identify and prioritize all your assets located on-prem Windows server environment and help move them to Microsoft Azure using a Cloud Adoption Framework-aligned approach. This offer is only available in German.

Contact our partners

AccessGov

AI and Data Projects: 2-Hour Briefing

Azure Analytics: 5-Day Assessment

Azure Cloud Adoption: 2-Week Assessment

Azure Cloud: 4-Week Assessment

Azure Container Platform Security: 6-Week Assessment

Azure Migration: 3-Day Assessment

Azure Migration Readiness: 2-Week Assessment

Azure Session: 2-Hour Initial Assessment

Azure Virtual Desktop Services

C-Track Comprehensive Court Case Management Solution

Cisco Integrated System for Microsoft Azure Stack

Cloudera Data Platform 7.2.x Runtimes

CloudXR Introductory Offer – Windows Server 2019

Cryptographic Risk Assessment

Cyber Care – Managed SAP Connector for Azure Sentinel

Cybersecurity: 1-Week Assessment



Data Estate Assessment: 2-Week Assessment

DataNeuron: Automated Learning Platform
Data Science & AI: 1-Week Assessment

Digia Cloud Cost Management Reporting

DLO Starter

e4Integrate

eMission Cloud View: 10-Week Assessment

eZuite Cloud ERP

HPC Cluster – CPU Based Cluster on SUSE Enterprise Linux 15.3 HPC

iEduERP

iFIX Intelligent Service Automation

impress.ai

Intelligent Document Processor



iPILOT Teams Direct Routing

IQ3 Cloud – Azure Managed Cloud

Journey to Cloud: 1-Hour Briefing

KIVU Expense

KPN Outbound Email Security Solution

Logicworks Managed Services for Azure

Loopr Data Labelling

Mammography Intelligent Assessment

MIND’s SAP on Azure: 1-Day Briefing

Minimum Viable Cloud: 6-Week Assessment

MT Cloud Control Volumes

Networking Services for Cloud: 1-Hour Briefing

OneDrop

Oracle Database

Orbital Insight Defense and Intelligence

PwC Promo and Assortment Management Tool (RGS)

Qlik Forts

Quality Management Software System

SailPoint Sentinel Integration

Sarus Private Learning

Scale by indigo.ai

Sentiment Analysis (Call Centre) by BiTQ

SINVAD

Thunder Threat Protection System Virtual Appliance for DDoS Protection

Urbana IoT Platform

Versa SASE in vWAN

Wipro Smart Asset Twin

Unlock hidden insights in your Finance and Operations data with data lake integration

Unlock hidden insights in your Finance and Operations data with data lake integration

by | Dec 2, 2021 | Dynamics 365, Microsoft 365, Technology

This article is contributed. See the original author and article here.

You chose Dynamics 365 for your enterprise to improve visibility and to transform your business with insights. Is it a challenge to provide timely insights? Does it take too much effort to build and maintain complex data pipelines?

If your solution includes using a data lake, you can now simplify data pipelines to unlock the insights hidden in that data by connecting your Finance and Operations apps environment with a data lake. With general availability of the Export to Data Lake feature in Finance and Operations apps, data from your Dynamics 365 environment is readily available in Azure Data Lake.

Data lakes are optimized for big data analytics. With a replica of your Dynamics 365 data in the data lake, you can use Microsoft Power BI to create rich operational reports and analytics. Your data engineers can use Spark and other big data technologies to reshape data or to apply machine learning models. Or you can work with a data lake the same way that you work with data in a SQL database. Serverless SQL pool endpoints in Azure Synapse Analytics conveniently lets you query big data in the lake with Transact-SQL (T-SQL).

Why limit yourself to business data? You can ingest legacy data from previous systems as well as data from machines and sensors at a fraction of the cost incurred when storing data in a SQL data warehouse. You can easily mash-up business data with signals from sensors and machines using Azure Synapse Analytics. You can merge signals from the factory floor with production schedules, or you can merge web logs from e-commerce sites with invoices and inventory movement.

Can’t wait to try this feature? Here are the steps you need to follow.

Install the Export to Data Lake feature

The Export to Data Lake feature is an optional add-in included with your subscription to Dynamics 365. This feature is generally available in certain Azure regions: United States, Canada, United Kingdom, Europe, South East Asia, East Asia, Australia, India, and Japan. If your Finance and Operations apps environment is in any of those regions, you can enable this feature in your environment. If your environment isn’t in one of the listed regions, complete the survey and let us know. We will make this feature available in more regions in the future.

To begin to use this feature, your system administrator must first connect your Finance and Operations apps environment with an Azure Data Lake and provide consent to export and use the data.

To install the Export to Data Lake feature, first launch the Microsoft Dynamics Lifecycle Services portal and select the specific environment where you want to enable this feature. When you choose the Export to Data Lake add-in, you also need to provide the location of your data lake. If you have not created a data lake, you can create one in your Azure subscription by following the steps in Install Export to Azure Data Lake add-in.

Choose data to export to a data lake

After the add-in installation is complete, you and your power users can launch the environment for a Finance and Operations app and choose data to be exported to a data lake. You can choose from standard or customized tables and entities. When you choose an entity, the system chooses all the underlying tables that make up the entity, so there is no need to choose tables one by one.

Once you choose data, the system makes an initial copy of the data in the lake. If you chose a large table, the initial copy might take a few minutes. You can see the progress on screen. After the initial full copy is done, the system shows that the table is in a running state. At this point, all the changes occurring in the Finance and Operations apps are updated in the lake.

That’s all there is to it. The system keeps the data fresh, and your users can consume data in the data lake. You can see the status of the exports, including the last refreshed time on the screen.

Work with data in the lake

You’ll find that the data is organized into a rich folder structure within the data lake. Data is sorted by the application area, and then by module. There’s a further breakdown by table type. This rich folder structure makes it easy to organize and secure your data in the lake.

Within each data folder are CSV files that contain the data. The files are updated in place as finance and operations data is modified. In addition, the folders contain metadata that is structured based on the Common Data Model metadata system. This makes it easy for the data to be consumed by Azure Synapse, Power BI, and third-party tools.

If you would like to use T-SQL to work with data in Azure Data Lake, as if you are reading data from a SQL database, you might want to use the CDMUtil tool, available from GitHub. This tool can create an Azure Synapse database. You can query the Synapse database using T-SQL, Spark, or Synapse pipelines as if you are reading from a SQL database.

You can make the data lake into your big data warehouse by bringing data from many different sources. You can use SQL or Spark to combine the data. You can also create pipelines with complex transforms. And then, you can create Power BI reports right within Azure Synapse. Simply choose the database and create a Power BI dataset in one step. Your users can open this dataset in Power BI and create rich reports.

Next steps

Read an Export to Azure Data Lake overview to learn more about the Export to Data Lake feature.

For step-by-step instructions on how to install the Export to Data Lake add-in,see Install Export to Data Lake add-in.

We are excited to release this feature to general availability. You can also join the preview Yammer group to stay in touch with the product team as we continue to improve this feature.

The post Unlock hidden insights in your Finance and Operations data with data lake integration appeared first on Microsoft Dynamics 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.