close

Azure SQL

Azure SQL

Microsoft SQL Hit by Crypto Mining Malware Perpetrated by New Hacking Group

SQL-Server-Microsoft-600×282

Microsoft SQL Servers (MSSQL) has been the target of a new malware gang in recent months. According to security researchers, the group has found success hacking servers and installing crypto miners on victim systems.

Tencent Security points out thousands of Microsoft SQL servers have been compromised. Researchers from the security division of the Chinese tech giant says it calls the previously unknown hacking group MrbMiner. This is in reference to a domain the group uses in some malware attacks.

MrbMiner has been able to spread the botnet by finding Microsoft SQL servers online and hitting them with brute-force attacks. This method consists of bombarding admin accounts with passwords in the hope some servers have weak passwords.

Considering the rate of infection, the method is working. When the bad actors access a server, they can enter a system to download an assm.exe file. With this file, they can create a boot persistence tool that allows backdoor entry into the account.

With access available, attackers can finalize the malware to download a mining app to mine the Monero (XMR) cryptocurrency. The mining tool functions by compromising the resources of local servers to mine and send coins to the hackers.

Attacks

Tencent Security points out infections have been observed on MSSQL servers, by the MrbMiner malware was also found on Linux servers and ARM systems. Looking at the Linux variant of the malware, the company found a Monero wallet.

While these attacks are obviously problematic, there are a couple of things hosts of MSSQL users can do. Firstly, ensuring the server is protected by a legitimately strong password will like thwart any attacks from MrbMiner. To check if a system is compromised, scan the server for Default/@fg125kjnhn987 backdoor account. If this is found, full network audits are necessary to stop the infection.

Source Winbuzzer

read more
Azure SQL

Microsoft Launches Host Integration Server 2020 IBM Integration Services

Microsoft-Logo-Wikipedia-1-696×503

Microsoft has this week announced its Host Integration Server 2020 (HIS 2020) is now available. This feature allows Microsoft services and products to connect with IBM mainframes. Included in the package is support for services like Windows Server 2019, SQL Server 2019, and Visual Studio 2019.

By leveraging Host Integration Server, organizations can use these Microsoft services to tap into IBM tools such as IBM z/OS 2.3, IBM i 7.3, IBM CICS 5.4, IBM MQ 9.1, and IBM DB2 for various platforms.

If you want to check out all the integrated services, check out Microsoft’s document here.

HIS is not a new Microsoft solution, but it has not received a new version since HIS 2016. In a blog post, Microsoft explains exactly what HIS can provide to customers:

“Microsoft Host Integration Server (HIS) technologies and tools enable enterprise organizations to integrate existing IBM host systems, programs, messages and data with new Microsoft server applications.

“HIS allows IT administrators to securely and efficiently connect new systems to existing systems using industry-standard High Performance Routing (HPR) and Transmission Control Protocol (TCP) over Internet Protocol (IP). This reduces operating expenses and total cost of ownership while supporting existing and new computing workloads.”

Availability

HIS 2020 is available from the Microsoft Evaluation Center. Here you can also update from HIS 2016 to HIS 2020 through a migration tool that Microsoft has made available. It is worth noting users running 32-bit or 64-bit installations will need to use different MSI packages.

Microsoft points out HIS 2020 only supports 64-bit machines.

Source Winbuzzer

read more
Azure SQL

Microsoft Launches General Availability of SQL Management Studio 18.5

SQL-Server-Background-Microsoft-696×392

SQL Management Studio 18.5 is now generally available, five months after the software’s last major update. It comes with a variety of features, improvements, and bug fixes, and pushes the build number to 15.0.1.18330.0.

General SSMS has seen some useful additions, including the ability to add ‘Notebook’ as a destination for the Generate Scripts wizard and comma-separated lists from the SQL Assessment API.

In addition, data classification has received support for sensitivity rank, and there have been two improvements to the Hyperscale side of things. For one, missing Azure additions are now present in Dac wizards, with specific support for Hyperscale. Users can also utilize ‘Import Data-Tier Application’ in SQL Azure Hyperscale”.

IS and AS Improvements

Microsoft emphasizes that these are only the most interesting changes, and the full release notes are indeed massive. However, it did take the time to highlight improvements in IS and AS:

IS

  • “Support executing SSIS Package from file system in MI Agent Job.
  • Made user-friendly improvements in configuring Azure-enabled DTExec to invoke SSIS package executions on Azure-SSIS Integration Run-time.
  • Support connecting Azure-SSIS integration run-time and managing or executing SSIS packages in package stores.
  • Support migrating on-premise SSIS agent jobs to ADF pipelines and triggers.
  • Made an improvement for the user experience of exporting SSIS projects from SSISDB. Compared with the old Export, which loaded and upgraded packages in the SSIS project, the new version independent Export won’t load and upgrade packages in the SSIS project. Instead, it keeps packages in the projects as they are in SSISDB except changing protection level to EncryptSensitiveWithUserKey.

AS

  • Added support for PowerBI endpoint in AS,  matching functionality of asazure.
  • Profiler: added support for AS Trace Definition 15.1.”

On top of all this, there have been bug fixes and minor adjustments across all areas, from the Object Explorer and SQL Agent to Data classification and auditing. The company is now listening for feedback for its next version, which is likely to have an equally long wait given the current pandemic.

Source Winbuzzer

read more
Azure SQL

Judge Temporarily Halts Microsoft’s Work on JEDI Cloud Contract at Amazon’s Request

Pentagon-Wiki-Commons-768×439

Things are starting to heat up in the war over the Pentagon’s JEDI cloud contract. After an injunction request by Amazon, Microsoft’s work on the $10 billion deal has been temporarily suspended.

The development follows complaints from the retail giant that the contract was awarded to Microsoft unfairly. It alleges that Donald Trump showed a clear and public bias against CEO Jeff Bezos, and highlights a report that he told his defense secretary to ‘screw’ AWS.

Last week, Amazon upped the publicity by calling on the president to testify, claiming that he has unique knowledge surrounding how far his influence in the contract extended. The documents surrounding its recent injunction request are closed off, but a public notice was posted with the confirmation of suspension.
Though Amazon has been awarded the injunction, it comes with a catch. It will have to create a security fund of $42 million. Should the court later find that the action is improper, it will have to pay that out to Microsoft in damages.
In response to the announcement, Microsoft said it was disappointed by the delay but that it believes it will ultimately be able to continue its work.
A Defense Department spokesperson said, “the actions taken in this litigation have unnecessarily delayed implementing DoD’s modernization strategy and deprived our warfighters of a set of capabilities they urgently need.”
Meanwhile, some surprised legal experts say it’s unusual to halt work on the contract unless they see some merit in the case. Whatever the outcome, this will have caused quite the upset for Microsoft’s workers, who suddenly find everything in question.

Source Winbuzzer

read more
Azure App ServiceAzure NetworkAzure SQLMicrosoft Teams

Ericsson Teams with Microsoft Azure to Power ‘next-Generation’ Connected Cars

microsoft-connected-vehicle-platform-official-768×432

Ericsson plans to build its Connected Vehicle Cloud on Microsoft’s Connected Vehicle Platform. Though similar in name, the two are distinctly different, Microsoft offering backbone elements like infrastructure, AI, navigation tech, and IoT Edge, while Ericsson provides a branded service.

The Swedish 5G and IoT provider says its Connected Vehicle Cloud connects more than 4 million vehicles across 180 countries worldwide. That’s 10% of the connected vehicle market, now linked with the Azure cloud.

“Together with Ericsson, we intend to simplify the development of connected vehicle services to help car makers focus on their customers’ needs and accelerate the delivery of unique, tailor-made driving experiences,” said Peggy Johnson, executive vice president, business development, Microsoft.

Shared Partners

Integrating the two services will let Ericsson enable global offerings like fleet management and over the air software updates in a cheaper and faster way. This is on top of its current implementation, which Ericsson says offloads the complexity for vehicle manufacturers by providing 24/7 operations and lifecycle management for connected vehicles.

Volvo already has a deal with both Microsoft and Ericsson. It made the deal with Microsoft back in 2017 and signed a 5-year contract with Ericsson more recently. As ZDNet’s Mary Jo Foley points out, Volkswagen acquired Volvo’s connected car unit in late 2018 and has its own strategic partnership with Microsoft. As such, integration of the two connected vehicle solutions will provide significant value for their customers.

“Our integrated solutions will help automotive manufacturers accelerate their global connected vehicle solutions and offer a better experience for drivers and passengers,” said Ericsson’s Åsa Tamsons, Senior Vice President and Head of Business Area Technologies & New Businesses. “This is an exciting new offering with great benefits for the automotive industry, leveraging Ericsson and Microsoft’s technology leadership in connectivity and cloud.”

source – Windbuzzer

read more
Azure SQL

Microsoft Details SQL Server 2019 Machine Learning Improvements

SQL-Server-Microsoft-893×420

Microsoft has this week expanded on the details for its SQL Server 2019 platform. Specifically, the company has discussed the machine learning tools in the database management system. Furthermore, Microsoft also talks about the benefits provided by Big Data Clusters.

SQL Server 2019 brings support for Machine Learning Services and failover clusters. Microsoft says this boosts reliability and makes model generation more efficient.

In terms of model training, SQL Server now offers partition-based modelling. With this introduction, users can train multiple small models through partitioned data. Previously, users were limited to training whole models.

An ability to train multiple small models means users can have greater granularity by breaking data into individual categories without needing to split data.

Elsewhere in its post, Microsoft talks about improvements made to R and Python support on SQL Server 2019. Both languages are popular amongst SQL users. In terms of Python, the language is integrated with the database engines.

“Integration of Python with the SQL server database engine enables you to perform advanced machine learning tasks close to the data rather than moving it around. Insights generated from the Python runtime can be accessed by production applications using standard SQL Server data access methods.”

SQL Server 2019

Microsoft announced the general availability of SQL Server 2019 at Ignite in November. Big Data clusters are arguably the stand out feature in SQL Server 2019. This is a solution for scaling data virtualization build on the Kuberenetes (K8s) container. Elsewhere in the new release, Microsoft has added always-on to SQL Server.

source- Windbuzzer

read more