ACSC Releases Annual Cyber Threat Report

This article is contributed. See the original author and article here.

The Australian Cyber Security Centre (ACSC) has released its annual report on key cyber security threats and trends for the 2020–21 financial year.

The report lists the exploitation of the pandemic environment, the disruption of essential services and critical infrastructure, ransomware, the rapid exploitation of security vulnerabilities, and the compromise of business email as last year’s most significant threats.

CISA encourages users and administrators to review ACSC’s Annual Cyber Threat Report July 2020 to June 2021 and CISA’s Stop Ransomware webpage for more information.

Introducing the Windows Server Hybrid Administrator Associate certification

Today at Windows Server Summit, Microsoft announced a new Windows Server Hybrid Administrator Associate certification, a certification that members of the team responsible for this blog have been highly involved in developing.

To obtain this certification you need to pass two exams: AZ 800 (Administering Windows Server Hybrid Core Infrastructure) and AZ 801 (Configuring Windows Server Hybrid Advanced Services). The objectives associated with the exams address knowledge of configuring and administering core and advanced Windows Server roles and features, from AD DS, DNS, DHCP, File, Storage and Compute through to Security, High Availability, DR, Monitoring and Troubleshooting. Both the traditional on-premises elements of these Windows Server roles and features are covered by the exam objectives as well as the interaction of these elements with hybrid cloud technologies.

We’ve created two study guides to help you prepare for each exam. In these study guides you will find links to relevant MS Learn modules and learning paths and docs.microsoft.com articles. You can find them here:

https://aka.ms/az-800studyguide (Administering Windows Server Hybrid Core Infrastructure)
https://aka.ms/az-801studyguide (Configuring Windows Server Hybrid Advanced Services)

If you just want to get a good overview of the content of each exam, I ran through the contents of each in briefings to Jeff Woolsey from the Windows Server & Azure Stack HCI product team. Each briefing is about 20 minutes in length and watching both should give you a great idea of what each exam and the certification is all about:

AZ-800 https://youtu.be/yI8BRar8xJY
AZ-801 https://youtu.be/T-JSpxZp8xk

How these exams and the certification came about is directly related to this team’s role as Cloud Advocates and our responsibility for advocating to and on behalf of the IT Operations audience. Certification has always been important to us, and many of us got our groundings in core Microsoft technologies through preparing to take certification exams.

A good number of us first got certified on Windows NT 4 and my first book was a Microsoft Press training kit for the Windows Server 2003 admin exam. When Rick Claus made the first post on this blog introducing the team back in 2018, one of the first comments we got asked us about future Windows Server training and certification. We know the topic is important to you, our audience, because it has regularly come up when presenting to audiences at Ignite or user groups, or on twitter, or in casual conversation at the supermarket.

Over the last 18 months Cloud Advocates have worked with World Wide Learning, Marketing, and the Windows Server and Azure Stack HCI product teams to design and develop MS Learn and instructor led training content that covered the fundamental technologies addressed by the AZ 800 and AZ 801 exams. These modules, paths, and courses laid the path for the certification announced today.

It’s not a stretch to say that over the last few years cloud technologies have increasingly interacted with the on-premises world. Just as WINS was critical to NT4, AD was critical to Windows 2000, and virtualization critical to Windows Server 2008 and Windows Server 2012, cloud technologies are an important element of today’s on-premises Windows Server deployments.

Role based certifications address the tasks that people perform in the course of their jobs. Any new certification around Windows Server not only had to address the core on-premises roles, but also how those roles are extended by technologies hosted in the cloud. Through our regular interactions with our audience we’ve seen time and time again that we’re all living in a hybrid world even if the degree to which we’re living in that world varies from organization to organization.

Windows Server 2022 has been designed to work in hybrid cloud environments, something you see from Windows Admin Center through to the extended capabilities made available through Azure Arc and Azure File Sync. The description for each exam indicates that exam candidates should have experience with the technologies they are being tested on. Whereas a few years ago the hybrid story wasn’t as comprehensive or compelling, the release of Windows Server 2022 provided an opportunity to return to a certification that attests to how people do and will use the operating system today and into the future.

The AZ-800 and AZ-801 exams will go into beta towards the end of 2021. An announcement will be made when the betas are available and we expect that uptake of available seats on the beta will be swift. The exams are likely to RTM early in 2022. By providing you with a lot of information now, we hope you’ll have a good amount of time to get prepared for this brand new certification.

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

Summary

This Joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 8. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques.

This joint advisory is the result of analytic efforts between the Federal Bureau of Investigation (FBI), United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) to highlight the cyber threat associated with active exploitation of a newly identified vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus—a self-service password management and single sign-on solution.

CVE-2021-40539, rated critical by the Common Vulnerability Scoring System (CVSS), is an authentication bypass vulnerability affecting representational state transfer (REST) application programming interface (API) URLs that could enable remote code execution. The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability. The exploitation of ManageEngine ADSelfService Plus poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software. Successful exploitation of the vulnerability allows an attacker to place webshells, which enable the adversary to conduct post-exploitation activities, such as compromising administrator credentials, conducting lateral movement, and exfiltrating registry hives and Active Directory files.

Zoho ManageEngine ADSelfService Plus build 6114, which Zoho released on September 6, 2021, fixes CVE-2021-40539. FBI, CISA, and CGCYBER strongly urge users and administrators to update to ADSelfService Plus build 6114. Additionally, FBI, CISA, and CGCYBER strongly urge organizations to ensure ADSelfService Plus is not directly accessible from the internet.

The FBI, CISA, and CGCYBER have reports of malicious cyber actors using exploits against CVE-2021-40539 to gain access [T1190] to ManageEngine ADSelfService Plus, as early as August 2021. The actors have been observed using various tactics, techniques, and procedures (TTPs), including:

  • Frequently writing webshells [T1505.003] to disk for initial persistence
  • Obfuscating and Deobfuscating/Decoding Files or Information [T1027 and T1140]
  • Conducting further operations to dump user credentials [T1003]
  • Living off the land by only using signed Windows binaries for follow-on actions [T1218]
  • Adding/deleting user accounts as needed [T1136]
  • Stealing copies of the Active Directory database (NTDS.dit) [T1003.003] or registry hives
  • Using Windows Management Instrumentation (WMI) for remote execution [T1047]
  • Deleting files to remove indicators from the host [T1070.004]
  • Discovering domain accounts with the net Windows command [T1087.002]
  • Using Windows utilities to collect and archive files for exfiltration [T1560.001]
  • Using custom symmetric encryption for command and control (C2) [T1573.001]

The FBI, CISA, and CGCYBER are proactively investigating and responding to this malicious cyber activity.

  • FBI is leveraging specially trained cyber squads in each of its 56 field offices and CyWatch, the FBI’s 24/7 operations center and watch floor, which provides around-the-clock support to track incidents and communicate with field offices across the country and partner agencies.
  • CISA offers a range of no-cost cyber hygiene services to help organizations assess, identify, and reduce their exposure to threats. By requesting these services, organizations of any size could find ways to reduce their risk and mitigate attack vectors.
  • CGCYBER has deployable elements that provide cyber capability to marine transportation system critical infrastructure in proactive defense or response to incidents.

Sharing technical and/or qualitative information with the FBI, CISA, and CGCYBER helps empower and amplify our capabilities as federal partners to collect and share intelligence and engage with victims while working to unmask and hold accountable those conducting malicious cyber activities. See the Contact section below for details.

Technical Details

Successful compromise of ManageEngine ADSelfService Plus, via exploitation of CVE-2021-40539, allows the attacker to upload a .zip file containing a JavaServer Pages (JSP) webshell masquerading as an x509 certificate: service.cer. Subsequent requests are then made to different API endpoints to further exploit the victim’s system.

After the initial exploitation, the JSP webshell is accessible at /help/admin-guide/Reports/ReportGenerate.jsp. The attacker then attempts to move laterally using Windows Management Instrumentation (WMI), gain access to a domain controller, dump NTDS.dit and SECURITY/SYSTEM registry hives, and then, from there, continues the compromised access.

Confirming a successful compromise of ManageEngine ADSelfService Plus may be difficult—the attackers run clean-up scripts designed to remove traces of the initial point of compromise and hide any relationship between exploitation of the vulnerability and the webshell.

Targeted Sectors

APT cyber actors have targeted academic institutions, defense contractors, and critical infrastructure entities in multiple industry sectors—including transportation, IT, manufacturing, communications, logistics, and finance. Illicitly obtained access and information may disrupt company operations and subvert U.S. research in multiple sectors.

Indicators of Compromise

Hashes:

068d1b3813489e41116867729504c40019ff2b1fe32aab4716d429780e666324
49a6f77d380512b274baff4f78783f54cb962e2a8a5e238a453058a351fcfbba

File paths:

C:\ManageEngine\ADSelfService Plus\webapps\adssp\help\admin-guide\reports\ReportGenerate.jsp
C:\ManageEngine\ADSelfService Plus\webapps\adssp\html\promotion\adap.jsp
C:\ManageEngine\ADSelfService Plus\work\Catalina\localhost\ROOT\org\apache\jsp\help
C:\ManageEngine\ADSelfService Plus\jre\bin\SelfSe~1.key (filename varies with an epoch timestamp of creation, extension may vary as well)
C:\ManageEngine\ADSelfService Plus\webapps\adssp\Certificates\SelfService.csr
C:\ManageEngine\ADSelfService Plus\bin\service.cer
C:\Users\Public\custom.txt
C:\Users\Public\custom.bat
C:\ManageEngine\ADSelfService Plus\work\Catalina\localhost\ROOT\org\apache\jsp\help (including subdirectories and contained files)

Webshell URL Paths:

/help/admin-guide/Reports/ReportGenerate.jsp

/html/promotion/adap.jsp

Check log files located at C:\ManageEngine\ADSelfService Plus\logs for evidence of successful exploitation of the ADSelfService Plus vulnerability:

  • In access* logs:
    • /help/admin-guide/Reports/ReportGenerate.jsp
    • /ServletApi/../RestApi/LogonCustomization
    • /ServletApi/../RestAPI/Connection
  • In serverOut_* logs:
    • Keystore will be created for "admin"
    • The status of keystore creation is Upload!
  • In adslog* logs:
    • Java traceback errors that include references to NullPointerException in addSmartCardConfig or getSmartCardConfig
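As an added example (not part of the advisory), the following script scans exported ADSelfService Plus log files for the indicators above, choosing the check by log family (access*, serverOut_*, adslog*) and pairing a NullPointerException with the smart-card config frame that may appear a few lines later in the traceback. The embedded sample log content is constructed, and the Java package name in the sample traceback is a placeholder.

```python
"""Added example (not part of the advisory): scan ADSelfService Plus logs for the
CVE-2021-40539 indicators listed above. Sample log content below is constructed."""
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Dict, Iterable, List, Optional

# Request paths the advisory says to look for in access* logs.
ACCESS_INDICATORS = (
    "/help/admin-guide/Reports/ReportGenerate.jsp",
    "/html/promotion/adap.jsp",
    "/ServletApi/../RestApi/LogonCustomization",
    "/ServletApi/../RestAPI/Connection",
)
# Messages the advisory says to look for in serverOut_* logs.
SERVEROUT_INDICATORS = (
    'Keystore will be created for "admin"',
    "The status of keystore creation is Upload!",
)
# adslog*: a NullPointerException whose traceback references the smart-card config methods.
SMARTCARD = re.compile(r"\b(addSmartCardConfig|getSmartCardConfig)\b")
TRACEBACK_WINDOW = 15  # the "at ..." frame may trail the exception line by several lines

@dataclass(frozen=True)
class Finding:
    log_name: str
    line_no: int
    indicator: str
    line: str

def classify(log_name: str) -> Optional[str]:
    """Map a log file name (Windows or POSIX path) onto the advisory's three log families."""
    name = PureWindowsPath(log_name).name.lower()
    for prefix, family in (("access", "access"), ("serverout_", "serverout"), ("adslog", "adslog")):
        if name.startswith(prefix):
            return family
    return None

def scan_log(log_name: str, lines: Iterable[str]) -> List[Finding]:
    family = classify(log_name)
    findings: List[Finding] = []
    last_npe: Optional[int] = None  # line number of the most recent NullPointerException
    for no, raw in enumerate(lines, start=1):
        line = raw.rstrip("\n")
        if family == "access":
            # Case-insensitive: the advisory lists both RestApi and RestAPI spellings.
            for ind in ACCESS_INDICATORS:
                if ind.lower() in line.lower():
                    findings.append(Finding(log_name, no, ind, line))
        elif family == "serverout":
            for ind in SERVEROUT_INDICATORS:
                if ind in line:
                    findings.append(Finding(log_name, no, ind, line))
        elif family == "adslog":
            if "NullPointerException" in line:
                last_npe = no
            hit = SMARTCARD.search(line)
            if hit and last_npe is not None and no - last_npe <= TRACEBACK_WINDOW:
                findings.append(Finding(log_name, no, f"NullPointerException in {hit.group(1)}", line))
    return findings

def scan_all(logs: Dict[str, str]) -> List[Finding]:
    """logs maps file path -> content, e.g. files read from C:\\ManageEngine\\ADSelfService Plus\\logs."""
    out: List[Finding] = []
    for name, content in logs.items():
        out.extend(scan_log(name, content.splitlines()))
    return out

# Constructed sample content (not real captures); the Java package name is a placeholder.
SAMPLE_LOGS = {
    r"C:\ManageEngine\ADSelfService Plus\logs\access_log.2021-09-07.txt": "\n".join([
        '203.0.113.10 - - [07/Sep/2021:10:15:01 +0000] "POST /ServletApi/../RestAPI/Connection HTTP/1.1" 200 512',
        '203.0.113.10 - - [07/Sep/2021:10:15:03 +0000] "POST /ServletApi/../RestApi/LogonCustomization HTTP/1.1" 200 104',
        '203.0.113.10 - - [07/Sep/2021:10:16:20 +0000] "GET /help/admin-guide/Reports/ReportGenerate.jsp HTTP/1.1" 200 88',
    ]),
    r"C:\ManageEngine\ADSelfService Plus\logs\serverOut_0.txt": "\n".join([
        '[10:15:03:120]|[09-07-2021]|[INFO]|Keystore will be created for "admin"',
        "[10:15:03:250]|[09-07-2021]|[INFO]|The status of keystore creation is Upload!",
    ]),
    r"C:\ManageEngine\ADSelfService Plus\logs\adslog0.txt": "\n".join([
        "[09-07-2021 10:15:02] SEVERE: Exception while processing REST request",
        "java.lang.NullPointerException",
        "\tat example.placeholder.SmartCardAPI.getSmartCardConfig(Unknown Source)",
    ]),
}

if __name__ == "__main__":
    for f in scan_all(SAMPLE_LOGS):
        print(f"{PureWindowsPath(f.log_name).name}:{f.line_no}  {f.indicator}")
```

Feed `scan_all` the actual files from the logs directory on a suspect host; a hit in any family is grounds for the incident reporting steps under Actions for Affected Organizations.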

TTPs:

  • WMI for lateral movement and remote code execution (wmic.exe)
  • Using plaintext credentials acquired from compromised ADSelfService Plus host
  • Using pg_dump.exe to dump ManageEngine databases
  • Dumping NTDS.dit and SECURITY/SYSTEM/NTUSER registry hives
  • Exfiltration through webshells
  • Post-exploitation activity conducted with compromised U.S. infrastructure
  • Deleting specific, filtered log lines

Yara Rules:

rule ReportGenerate_jsp {
   strings:
      $s1 = "decrypt(fpath)"
      $s2 = "decrypt(fcontext)"
      $s3 = "decrypt(commandEnc)"
      $s4 = "upload failed!"
      $s5 = "sevck"
      $s6 = "newid"
   condition:
      filesize < 15KB and 4 of them
}

rule EncryptJSP {
   strings:
      $s1 = "AEScrypt"
      $s2 = "AES/CBC/PKCS5Padding"
      $s3 = "SecretKeySpec"
      $s4 = "FileOutputStream"
      $s5 = "getParameter"
      $s6 = "new ProcessBuilder"
      $s7 = "new BufferedReader"
      $s8 = "readLine()"
   condition:
      filesize < 15KB and 6 of them
}

Mitigations

Organizations that identify any activity related to ManageEngine ADSelfService Plus indicators of compromise within their networks should take action immediately.

Zoho ManageEngine ADSelfService Plus build 6114, which Zoho released on September 6, 2021, fixes CVE-2021-40539. FBI, CISA, and CGCYBER strongly urge users and administrators to update to ADSelfService Plus build 6114. Additionally, FBI, CISA, and CGCYBER strongly urge organizations to ensure ADSelfService Plus is not directly accessible from the internet.

Additionally, FBI, CISA, and CGCYBER strongly recommend domain-wide password resets and double Kerberos Ticket Granting Ticket (TGT) password resets if any indication is found that the NTDS.dit file was compromised.

Actions for Affected Organizations

Immediately report as an incident to CISA or the FBI (refer to Contact Information section below) the existence of any of the following:

  • Identification of indicators of compromise as outlined above.
  • Presence of webshell code on compromised ManageEngine ADSelfService Plus servers.
  • Unauthorized access to or use of accounts.
  • Evidence of lateral movement by malicious actors with access to compromised systems.
  • Other indicators of unauthorized access or compromise.

Contact Information

Recipients of this report are encouraged to contribute any additional information that they may have related to this threat.

For any questions related to this report or to report an intrusion and request resources for incident response or technical assistance, please contact:

  • To report suspicious or criminal activity related to information found in this Joint Cybersecurity Advisory, contact your local FBI field office at https://www.fbi.gov/contact-us/field-offices, or the FBI’s 24/7 Cyber Watch (CyWatch) at (855) 292-3937 or by e-mail at CyWatch@fbi.gov. When available, please include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact.
  • To request incident response resources or technical assistance related to these threats, contact CISA at Central@cisa.gov.
  • To report cyber incidents to the Coast Guard pursuant to 33 CFR Subchapter H, Part 101.305 please contact the USCG National Response Center (NRC) Phone: 1-800-424-8802, email: NRC@uscg.mil.

Revisions

September 16, 2021: Initial Version

FBI-CISA-CGCYBER Advisory on APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

The Federal Bureau of Investigation (FBI), CISA, and Coast Guard Cyber Command (CGCYBER) have released a Joint Cybersecurity Advisory (CSA) detailing the active exploitation of an authentication bypass vulnerability (CVE-2021-40539) in Zoho ManageEngine ADSelfService Plus—a self-service password management and single sign-on solution. The FBI, CISA, and CGCYBER assess that advanced persistent threat (APT) cyber actors are likely among those exploiting the vulnerability. The exploitation of this vulnerability poses a serious risk to critical infrastructure companies, U.S.-cleared defense contractors, academic institutions, and other entities that use the software.

CISA strongly encourages users and administrators to review Joint FBI-CISA-CGCYBER CSA: APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus and immediately implement the recommended mitigations, which include updating to ManageEngine ADSelfService Plus build 6114.

Office LTSC is now generally available

When we look to the future of work, it’s clear it will be built on and powered by the cloud. Microsoft is leading innovations that enable our customers to empower their people to work more collaboratively, effectively, and securely.

The post Office LTSC is now generally available appeared first on Microsoft 365 Blog.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Microsoft Releases Security Update for Azure Linux Open Management Infrastructure

(Updated, September 17)

On September 16, 2021, Microsoft released additional guidance on Open Management Infrastructure (OMI) vulnerabilities—CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647—which impact Azure VM Management Extensions. According to Microsoft, “[c]ustomers must update vulnerable extensions for their Cloud and On-Premises deployments as the updates become available…”

CISA encourages organizations to review Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions for more information and to:

  • ensure automatic updates are applied 
  • ensure manual updates are applied, as patches are made available
  • restrict external access to Linux systems that expose OMI ports (TCP 5985, 5986, and 1270)

(Original, September 16)

Microsoft has released an update to address a remote code execution vulnerability—CVE-2021-38647—in Azure Linux Open Management Infrastructure (OMI). An attacker could use this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the Microsoft Security Advisory to apply the necessary update.

The importance of empathy in customer service

The pandemic has been challenging in many ways. It has impacted nearly every facet of our lives with disruptions in supply chains, millions furloughed, and much more. Despite such, the pandemic was positive in one regard: it tested our capacity to come together and innovate, and frankly, we soared on so many levels. In a blink of an eye, we united to create solutions to blend the human spirit and technology to deliver resilient solutions to outlast the pandemic. This was never more evident than in customer service.

Together, we transformed into superheroes. Turning our kitchen tables into remote workspaces, sliding into our commuter slippers each morning, and logging in with a few taps on a keyboard. We accepted our instinctual need for human interaction and turned to relationship-building using communication tools like Microsoft Teams to maintain relationships and fight the isolation. We built AI-driven solutions that focus on the human element with conversational chatbots designed to answer questions at any hour of the day. We accelerated transformative changes that were expected to take years to deploy, but through sheer determination, these changes were achieved in a matter of weeks. We reached deep and ascended to new heights with empathy resonating with every word.

Customer service organizations became the epicenter of resilience, moving forward and boldly going where no customer service organization had gone before. We shifted mindsets and conquered the foreboding of implementing change and pivoted in ways we never thought possible. While the changes made were sometimes uncomfortable initially, we quickly adjusted and thrived. Customer service organizations did not combust or implode, but blossomed and prospered.

Customer service organizations overcame pandemic-induced barriers to safety and wellbeing. Maintaining social distancing and protecting employees within a contact center was next to impossible. But in a matter of weeks, agents began logging into their customer service app and resolving customer issues from the safety and comfort of their homes. Not only did cloud-based customer service and omnichannel communication solutions bridge the always-on customer service gap and help keep companies solvent, but agents also continued to strengthen relationships while resolving customer issues, handling growing call volumes, and dealing with less-than-patient customers.

Customer service managers learned much about themselves and their agents. But more importantly, they learned empathy. They learned to listen more and acknowledge the concerns of their team. Organizations that came out to stand behind their agents and their safety were rewarded with increased loyalty.

During the peak of the crisis, customer service agents became a life ring where both the organization and the customer held on tightly to maintain some sense of normalcy. The degree of empathy shared by the organization was reciprocated by the agent in terms of loyalty and lower turnover. The empathetic agent influenced the customer, creating a reciprocal and symbiotic rapport. Empathy created a domino effect and has now become a critical force in building trust and strengthening relationships with both employees and customers alike.

Empathetic organizations create a dynamic of mutual loyalty and dedication. Managers and agents are inspired and lend extra effort to achieve organizational goals. It’s no surprise that these organizations are more agile and resilient than other organizations in a volatile economic landscape.

In a recent study, empathy in the workplace positively related to job performance, and managers who practice empathetic leadership were viewed as better performers. Empathetic managers have lower turnover and increased productivity. Agents pay this empathy forward by humanizing the connection and personalizing the customer conversation. Empathetic agents are proactive, thinking, and connecting to make sure each interaction supports the customer. By demonstrating empathy, agents have the power to deliver the short-term benefit of resolving an issue and the long-term benefit of building brand loyalty through a two-way emotional connection.

Building empathy

Empathy is a skill and cannot be faked. It’s a mindset, a culture, and the core of a healthy organization. Empathy should be a driving force that envelops all activities inside an organization, whether or not it’s customer-facing. Empathy starts with listening, understanding, and anticipating the needs of another. In customer service, this means putting yourself in the shoes of the customer and seeing the issue from their point of view. Empathy is anticipating what the wants and needs are of the customer at a specific moment within their journey. Then, it is all about delivering on these wants and needs by creating a positive and friction-free experience. Remember, being empathetic doesn’t mean you have to agree with the person; it simply means you understand their point of view. And unlike sympathy, in which you may feel sorrow or pity for the customer’s situation, empathy reduces the distance between the two parties, building upon respect and trust.

Empathy helps agents personalize the interaction, predict customer follow-up questions, and proactively answer them. Empathetic agents can also predict the customer’s response by understanding the customer’s point of view. Empathy has a direct effect on customer satisfaction and loyalty as customer satisfaction and loyalty translate to increased sales. Telling a customer “no” or that what they want will cost more or that the warranty has expired, for example, can be hard enough, but when conveyed with empathy, the agent can build trust and strengthen the relationship despite not being able to resolve the issue to the customer’s liking. When the customer’s point of view is understood, empathetic agents can address and make customers feel heard and respected, which is the first step in resolving issues.

When you don’t understand where the customer is coming from, it’s easy to assume they are overreacting. It’s not easy to be empathetic under these circumstances. To overcome this, figure out who your customers are and what your product or service means to them. Identify the age, gender, education, and other attributes so you can bridge the gap and grow more empathetic.

Expressing empathy

Active listening. Listening can be a challenge, especially in a noisy environment. To truly empathize, you must focus on the customer and determine the issue the customer is experiencing. Typically, customer service is contacted during the peak of customer frustration, so notice not just what the customer is saying, but how they are saying it. For example, pay attention to the tone and language used during service delivery. Real-time customer sentiment analysis is a must-have tool for agents in identifying slight nuances in the customer’s mood and responding accordingly. This may mean mirroring the tone to help navigate through the problem. It can also mean remaining silent for much of the time so the customer can converse without interruption. Be sure to ask questions to delve deeper into the customer’s issues to avoid misunderstandings. Try to put yourself in the caller’s situation. Listen for subtle cues so you can tell when you’ve achieved a positive customer interaction.

Personalize interactions. When you see the customer’s profile, strive to see the person, not just the summary of their journey. Recognize the issue and validate the customer’s feelings. Respond, restate, and summarize using the same words your customer used. Validate their point of view to encourage additional information. Promote trust, respect, and understanding by asking pertinent questions about what course of action they have already tried. Never assume the customer hasn’t tried to resolve the issue before contacting customer service.

Collect feedback. Want deeper insights into the quality of your service delivery? Ask your customer. Gather feedback directly from your customers via email, SMS, live chat, or social media. Automatically sending customer service surveys following a service interaction can help deepen customer retention. Once the survey is completed, you can share insights across applications. If you spot patterns about customers not feeling heard, respected, or helped to the best of an agent’s ability, you can bridge those gaps.

Better together

COVID-19 has touched us all, but the gift we least expected from this tragedy was learning to empathize with other human beings. Empathy has become a vital ingredient to an organization’s ability to persist, to remain resilient in times of social and economic volatility. From empathetic managers becoming better leaders to the empathetic chain reaction of frontline workers paying it forward, we all benefit by returning dividends of kindness to each other. We don’t have to agree there is a problem, but we can agree that we all deserve respect and understanding of our point of view.

Learn how Dynamics 365 Customer Service can help your organization become more resilient by personalizing the customer experience and cultivating greater empathy toward the customer by better understanding their journey.

The post The importance of empathy in customer service appeared first on Microsoft Dynamics 365 Blog.

New collaborative app from ServiceNow brings employee experiences into the flow of work in Microsoft Teams

As the world shifts to hybrid work, people need tools that streamline daily tasks and bring them into the flow of their work. That’s why we’re excited about the Microsoft Teams collaborative apps our partners are delivering to customers.

The post New collaborative app from ServiceNow brings employee experiences into the flow of work in Microsoft Teams appeared first on Microsoft 365 Blog.
