Friday, 14 July 2017

BMW and Microsoft work to create an even more productive ride with Skype for Business in new BMW 5 series






image: https://mscorpmedia.azureedge.net/mscorpmedia/2017/07/Skype-for-Business-car.jpg

By Ulrich Homann, Distinguished Architect, Cloud + Enterprise
In today’s always-on culture, people need to be productive from anywhere – including their cars. Commute times are reaching record highs and people work from a variety of locations. This means that people need a way to capitalize on time spent in their cars. At Microsoft, we believe that cars should be more than just a ride, and also be a personal office on wheels, helping people be productive and giving them time back to enjoy their lives. Our partners at BMW share that philosophy and have positioned the company for a future where the nature of work is more mobile.
In 2016, Microsoft and BMW announced a partnership to build a platform called Open Mobility, which powers BMW Connected, BMW’s personalized mobility companion powered by the Microsoft Azure cloud. BMW and Microsoft took another step to help its drivers be even more efficient on the go. Following the launch of the new BMW 5 series in December 2016, BMW became one of the first auto manufacturers to commercially offer Office 365 communications and collaboration services through Microsoft Exchange to drivers who already rely on Office 365 at work and want to extend the services to their car.

Sunday, 9 July 2017

Petya ransomware prevention & detection in Azure Security Center

This blog post was authored by Tim Burrell, Principal Engineering Manager, Microsoft Threat Intelligence Center .
Microsoft Malware Protection Center (MMPC) published a blog post yesterday detailing a new ransomware infection that appears to have begun in Ukraine and spread from there to other places in Europe and beyond. MMPC analysis showed this to be a more sophisticated variant of Ransom:Win32/Petya and all free Microsoft antimalware products were updated with signatures for this threat, including Windows Defender Antivirus.
This post summarizes measures that Azure customers can take to prevent and detect this threat through Azure Security Center. See here for basic information on enabling Azure Security Center.

Prevention

Azure Security Center scans virtual machines across an Azure subscription and makes a recommendation to deploy endpoint protection where an existing solution is not detected. This recommendation can be accessed via the Prevention section as shown below.
Security Center - Overview
Drilling into the Compute pane (or the overview recommendations pane) shows more detail, including the Endpoint Protection installation recommendation being discussed here:
Compute
Clicking on this leads to a dialog allowing selection of and installation of an endpoint protection solutions, including Microsoft’s own antimalware solution:
Install Endpoint Protection
Select Endpoint Protection
These recommendations and associated mitigation steps are available to Azure Security Center Free tier customers.

Detection

Azure Security Center customers who have opted into Standard-Tier can benefit from a new detection recently added to alert on specific indicators related to Petya ransomware running on an infected host - this is described in further detail below.
These alerts are accessed via the Detection pane highlighted below, and require the Azure Security Center Standard tier.
Security Center
An alert for Petya ransomware will show up as shown below:
Detected Petya
Drilling in provides more detail of the impacted VM and suspicious process or commandline that triggered the alert:
Detected Petya ransomware indicators
Note that although the detection alert relates to a specific host, because this ransomware attempts to propagate to other nearby machines, it is important to apply remediation steps to all on all hosts on the network, not just the host identified in the alert.
Please follow the remediation steps indicated in the Alert or in the Microsoft Malware Protection Center (MMPC) blog.