close

Azure SQL

Azure SQL

Microsoft Open Source CodeQL Used in Solarigate (SolarWinds Attack) Investigation

Security-Threat-Microsoft-630×420 (1)

Microsoft has recently finished its investigation into the ongoing Solarigate malware attack that targeted the SolarWinds app Orion. Following the completion of that investigation, the company has made the CodeQL queries it used open source and available to everyone.

If you’re unfamiliar with CodeQL, it is a code analysis engine that creates a database around the model that is compiling code. This database can be queried for analysis and inspection. Microsoft used CodeQL when investigating the Solarigate malware to allow scalable analysis of the code.

The results of the investigation shows that Microsoft customer data was not compromised by the attacks, although code file across Azure and other services were.

For the investigation, Microsoft built custom CodeQL databases across numerous Solarigate builds. They were compiled into an aggregate database to allow for queries across the system. This approach allowed Microsoft to start finding malicious activity at code-level within hours.

Microsoft points out customers who use their open CodeQL should know discovering the same patterns does not mean they have been compromised. Furthermore, the company says any bad actor who changes their code enough will remain undetected in the parameters of the CodeQL.

In its description, Microsoft explains how the syntactic and semantic approach of the CodeQL helps discover Solarigate attacks:

“By combining these two approaches, the queries are able to detect scenarios where the malicious actor changed techniques but used similar syntax, or changed syntax but employed similar techniques. Because it’s possible that the malicious actor could change both syntax and techniques, CodeQL was but one part of our larger investigative effort.”

SolarWinds Attacks

SolarWinds related attacks have infected 18,000 organizations, including government agencies. In December, the Cybersecurity and Infrastructure Security Agency (CISA) debuted a PowerShell tool to help Microsoft 365 customers mitigate Solarigate. Microsoft had recently confirmed stolen Azure/Microsoft 365 credentials and access tokens were a part of the breach.

You can read more about the investigation and open source using Microsoft’s CodeQL queries is available here.

Tip of the day:

Hard drives are getting faster and more affordable every day, but unfortunately, their moving parts will always make them loud and mean their power draw isn’t insignificant. This can be a particular issue for those with laptops, leading many to wonder how to turn off a hard disk after it reaches an idle state.

Source Winbuzzer

read more
Azure SQL

Microsoft Brings Azure Quantum to Public Preview

Azure-Quantum-Partners-Microsoft-560×420

Microsoft’s efforts to make quantum computing usable in the real work saw the company launch Azure Quantum in private preview at Ignite 2019. At Build 2020 last year, the company moved the platform to limited preview. This week, Azure Quantum is taking another step to wide release by moving to public preview.

With the new platform, Microsoft is beginning to mainstream quantum computing. Azure Quantum is a full-stack, open cloud ecosystem that focuses on bringing the benefits of quantum computing to more users.

To do so, it’s works with partners like 1Qbit, Honeywell, IonQ, and QCI for hardware and software integrations. Though quantum computers aren’t ready for day-to-day use, developers can use quantum programming language Q# and the Quantum Development Kit (QDK) to test algorithms on both simulators and quantum hardware.

In this week’s announcements, Microsoft points out how important ongoing development will be:

“The unified Azure Quantum ecosystem will accelerate your R&D with access to diverse quantum software and hardware solutions, a network of leading quantum researchers and developers, a robust resource library, and flexible self-service or tailored development programs for customers and systems integrators,” Krysta Svore, the General Manager of Microsoft Quantum says.

Available Now

Of course, none of this is viable in a regular PC. Quantum computers require large, elaborate designs and temperatures of close to absolute zero.

Azure Quantum features a new Quantum Intermediate Representation (QIR), which is Microsoft’s own open-source user interface based on LLVM. Here customers can tap into quantum computing solutions from a range of Microsoft partners.

“The transition to Public Preview of Azure Quantum is a key milestone for quantum computing and our ecosystem. This continues the momentum we saw last year, which includes selection for the National Quantum Initiative Quantum Research Centers, the addition of new Azure Quantum partners, and hardware advances in scaling control circuitry for qubits,” Svore adds.

Organizations that have the ability to compute in quantum can check out Microsoft Azure Quantum at this website. Pricing details for the platform are available here.

Tip of the day:

The Windows default font these days is Segoe UI, a fairly simple and no-nonsense typeface that’s used across many of Microsoft’s products. However, though some like this subdued style, others look to change Windows font to something with a bit more personality.

Thankfully, Microsoft does let you change Windows fonts, but it doesn’t make it particularly easy. I our tutorial we show you how to change system font in Windows 10, or restore it again if you don’t like the changes.

Source Winbuzzer

read more
Azure SQL

China’s Quantum Computing Breakthrough Raises Questions Regarding Security

quantum-comptuer-microsoft-696×392

Microsoft is one of the leaders in quantum computing development, achieving some significant breakthroughs in the push beyond super computers. However, there are many other research projects outside of Microsoft in the same field. In China, researchers have achieved a breakthrough by claiming quantum supremacy.

This essentially means evidence quantum computing will outperform supercomputers. As ThreatPost reports, this advancement brings plenty of security concerns surrounding quantum computers.

If quantum is so powerful, what will the threats that target these systems be capable of?

A team from the University of Science and Technology of China confirmed in Science they developed a system called Jiuzhang that can complete a calculation in minutes that a supercomputer would take 10,000 years to solve. It’s the groups quantum supremacy achievement, following Google’s own supremacy breakthrough in 2019.

Threat

Speaking to ThreatPost, Tim Hollebeek, industry, and standards technical strategist with DigiCert, said the tech is still developing but the potential is clear:

“While such quantum computers are not a threat to encryption today, they do remind us that the day is coming when that will no longer be true.”

“It is important that security professionals start planning for the transition to post-quantum cryptography, as such transitions take many years to plan and implement. The Chinese result probably does not materially change predictions of how soon that will be, but leading organizations still expect it to come within the next 10 years or so. So, it is important to start preparing now.”

One obvious early protection against the misuse of quantum computing tech would be with standards and regulations. That will obviously come, but so far there is no guidance from the National Institute for Standards and Technology (NIST). Finalized standards are likely to arrive in 2022.

Source Vanguard

read more
Azure SQL

Microsoft SQL Hit by Crypto Mining Malware Perpetrated by New Hacking Group

SQL-Server-Microsoft-600×282

Microsoft SQL Servers (MSSQL) has been the target of a new malware gang in recent months. According to security researchers, the group has found success hacking servers and installing crypto miners on victim systems.

Tencent Security points out thousands of Microsoft SQL servers have been compromised. Researchers from the security division of the Chinese tech giant says it calls the previously unknown hacking group MrbMiner. This is in reference to a domain the group uses in some malware attacks.

MrbMiner has been able to spread the botnet by finding Microsoft SQL servers online and hitting them with brute-force attacks. This method consists of bombarding admin accounts with passwords in the hope some servers have weak passwords.

Considering the rate of infection, the method is working. When the bad actors access a server, they can enter a system to download an assm.exe file. With this file, they can create a boot persistence tool that allows backdoor entry into the account.

With access available, attackers can finalize the malware to download a mining app to mine the Monero (XMR) cryptocurrency. The mining tool functions by compromising the resources of local servers to mine and send coins to the hackers.

Attacks

Tencent Security points out infections have been observed on MSSQL servers, by the MrbMiner malware was also found on Linux servers and ARM systems. Looking at the Linux variant of the malware, the company found a Monero wallet.

While these attacks are obviously problematic, there are a couple of things hosts of MSSQL users can do. Firstly, ensuring the server is protected by a legitimately strong password will like thwart any attacks from MrbMiner. To check if a system is compromised, scan the server for Default/@fg125kjnhn987 backdoor account. If this is found, full network audits are necessary to stop the infection.

Source Winbuzzer

read more
Azure SQL

Microsoft Launches Host Integration Server 2020 IBM Integration Services

Microsoft-Logo-Wikipedia-1-696×503

Microsoft has this week announced its Host Integration Server 2020 (HIS 2020) is now available. This feature allows Microsoft services and products to connect with IBM mainframes. Included in the package is support for services like Windows Server 2019, SQL Server 2019, and Visual Studio 2019.

By leveraging Host Integration Server, organizations can use these Microsoft services to tap into IBM tools such as IBM z/OS 2.3, IBM i 7.3, IBM CICS 5.4, IBM MQ 9.1, and IBM DB2 for various platforms.

If you want to check out all the integrated services, check out Microsoft’s document here.

HIS is not a new Microsoft solution, but it has not received a new version since HIS 2016. In a blog post, Microsoft explains exactly what HIS can provide to customers:

“Microsoft Host Integration Server (HIS) technologies and tools enable enterprise organizations to integrate existing IBM host systems, programs, messages and data with new Microsoft server applications.

“HIS allows IT administrators to securely and efficiently connect new systems to existing systems using industry-standard High Performance Routing (HPR) and Transmission Control Protocol (TCP) over Internet Protocol (IP). This reduces operating expenses and total cost of ownership while supporting existing and new computing workloads.”

Availability

HIS 2020 is available from the Microsoft Evaluation Center. Here you can also update from HIS 2016 to HIS 2020 through a migration tool that Microsoft has made available. It is worth noting users running 32-bit or 64-bit installations will need to use different MSI packages.

Microsoft points out HIS 2020 only supports 64-bit machines.

Source Winbuzzer

read more
Azure SQL

Microsoft Launches General Availability of SQL Management Studio 18.5

SQL-Server-Background-Microsoft-696×392

SQL Management Studio 18.5 is now generally available, five months after the software’s last major update. It comes with a variety of features, improvements, and bug fixes, and pushes the build number to 15.0.1.18330.0.

General SSMS has seen some useful additions, including the ability to add ‘Notebook’ as a destination for the Generate Scripts wizard and comma-separated lists from the SQL Assessment API.

In addition, data classification has received support for sensitivity rank, and there have been two improvements to the Hyperscale side of things. For one, missing Azure additions are now present in Dac wizards, with specific support for Hyperscale. Users can also utilize ‘Import Data-Tier Application’ in SQL Azure Hyperscale”.

IS and AS Improvements

Microsoft emphasizes that these are only the most interesting changes, and the full release notes are indeed massive. However, it did take the time to highlight improvements in IS and AS:

IS

  • “Support executing SSIS Package from file system in MI Agent Job.
  • Made user-friendly improvements in configuring Azure-enabled DTExec to invoke SSIS package executions on Azure-SSIS Integration Run-time.
  • Support connecting Azure-SSIS integration run-time and managing or executing SSIS packages in package stores.
  • Support migrating on-premise SSIS agent jobs to ADF pipelines and triggers.
  • Made an improvement for the user experience of exporting SSIS projects from SSISDB. Compared with the old Export, which loaded and upgraded packages in the SSIS project, the new version independent Export won’t load and upgrade packages in the SSIS project. Instead, it keeps packages in the projects as they are in SSISDB except changing protection level to EncryptSensitiveWithUserKey.

AS

  • Added support for PowerBI endpoint in AS,  matching functionality of asazure.
  • Profiler: added support for AS Trace Definition 15.1.”

On top of all this, there have been bug fixes and minor adjustments across all areas, from the Object Explorer and SQL Agent to Data classification and auditing. The company is now listening for feedback for its next version, which is likely to have an equally long wait given the current pandemic.

Source Winbuzzer

read more
Azure SQL

Judge Temporarily Halts Microsoft’s Work on JEDI Cloud Contract at Amazon’s Request

Pentagon-Wiki-Commons-768×439

Things are starting to heat up in the war over the Pentagon’s JEDI cloud contract. After an injunction request by Amazon, Microsoft’s work on the $10 billion deal has been temporarily suspended.

The development follows complaints from the retail giant that the contract was awarded to Microsoft unfairly. It alleges that Donald Trump showed a clear and public bias against CEO Jeff Bezos, and highlights a report that he told his defense secretary to ‘screw’ AWS.

Last week, Amazon upped the publicity by calling on the president to testify, claiming that he has unique knowledge surrounding how far his influence in the contract extended. The documents surrounding its recent injunction request are closed off, but a public notice was posted with the confirmation of suspension.
Though Amazon has been awarded the injunction, it comes with a catch. It will have to create a security fund of $42 million. Should the court later find that the action is improper, it will have to pay that out to Microsoft in damages.
In response to the announcement, Microsoft said it was disappointed by the delay but that it believes it will ultimately be able to continue its work.
A Defense Department spokesperson said, “the actions taken in this litigation have unnecessarily delayed implementing DoD’s modernization strategy and deprived our warfighters of a set of capabilities they urgently need.”
Meanwhile, some surprised legal experts say it’s unusual to halt work on the contract unless they see some merit in the case. Whatever the outcome, this will have caused quite the upset for Microsoft’s workers, who suddenly find everything in question.

Source Winbuzzer

read more
Azure App ServiceAzure NetworkAzure SQLMicrosoft Teams

Ericsson Teams with Microsoft Azure to Power ‘next-Generation’ Connected Cars

microsoft-connected-vehicle-platform-official-768×432

Ericsson plans to build its Connected Vehicle Cloud on Microsoft’s Connected Vehicle Platform. Though similar in name, the two are distinctly different, Microsoft offering backbone elements like infrastructure, AI, navigation tech, and IoT Edge, while Ericsson provides a branded service.

The Swedish 5G and IoT provider says its Connected Vehicle Cloud connects more than 4 million vehicles across 180 countries worldwide. That’s 10% of the connected vehicle market, now linked with the Azure cloud.

“Together with Ericsson, we intend to simplify the development of connected vehicle services to help car makers focus on their customers’ needs and accelerate the delivery of unique, tailor-made driving experiences,” said Peggy Johnson, executive vice president, business development, Microsoft.

Shared Partners

Integrating the two services will let Ericsson enable global offerings like fleet management and over the air software updates in a cheaper and faster way. This is on top of its current implementation, which Ericsson says offloads the complexity for vehicle manufacturers by providing 24/7 operations and lifecycle management for connected vehicles.

Volvo already has a deal with both Microsoft and Ericsson. It made the deal with Microsoft back in 2017 and signed a 5-year contract with Ericsson more recently. As ZDNet’s Mary Jo Foley points out, Volkswagen acquired Volvo’s connected car unit in late 2018 and has its own strategic partnership with Microsoft. As such, integration of the two connected vehicle solutions will provide significant value for their customers.

“Our integrated solutions will help automotive manufacturers accelerate their global connected vehicle solutions and offer a better experience for drivers and passengers,” said Ericsson’s Åsa Tamsons, Senior Vice President and Head of Business Area Technologies & New Businesses. “This is an exciting new offering with great benefits for the automotive industry, leveraging Ericsson and Microsoft’s technology leadership in connectivity and cloud.”

source – Windbuzzer

read more
Azure SQL

Microsoft Details SQL Server 2019 Machine Learning Improvements

SQL-Server-Microsoft-893×420

Microsoft has this week expanded on the details for its SQL Server 2019 platform. Specifically, the company has discussed the machine learning tools in the database management system. Furthermore, Microsoft also talks about the benefits provided by Big Data Clusters.

SQL Server 2019 brings support for Machine Learning Services and failover clusters. Microsoft says this boosts reliability and makes model generation more efficient.

In terms of model training, SQL Server now offers partition-based modelling. With this introduction, users can train multiple small models through partitioned data. Previously, users were limited to training whole models.

An ability to train multiple small models means users can have greater granularity by breaking data into individual categories without needing to split data.

Elsewhere in its post, Microsoft talks about improvements made to R and Python support on SQL Server 2019. Both languages are popular amongst SQL users. In terms of Python, the language is integrated with the database engines.

“Integration of Python with the SQL server database engine enables you to perform advanced machine learning tasks close to the data rather than moving it around. Insights generated from the Python runtime can be accessed by production applications using standard SQL Server data access methods.”

SQL Server 2019

Microsoft announced the general availability of SQL Server 2019 at Ignite in November. Big Data clusters are arguably the stand out feature in SQL Server 2019. This is a solution for scaling data virtualization build on the Kuberenetes (K8s) container. Elsewhere in the new release, Microsoft has added always-on to SQL Server.

source- Windbuzzer

read more