Archive for October, 2020

Important considerations for a ransomware attack

October 31st, 2020

This post contains general information only offered in good faith and cannot consider every customers’ environment or risk. Synergy Software Systems is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or any other professional advice or services. This publication is not a substitute for such professional advice or services, nor should you use it as a basis for any decision, action or omission that may affect you or your business. Before making any decision, taking any action or omitting an action that may affect you or your business, consult a qualified professional advisor. You acknowledge that Synergy Software Systems shall not be responsible for any loss sustained by you or any person who relies on this publication.

If your network experiences a ransomware attack, then it is likely that your IT staff will want to immediately research and work to stop the attack before they get assistance from an outside incident response firm. This guidance is to help you to prepare your strategy, policies and and responses procedure and checklists to aid your first responders to identify important response priorities for containing a ransomware attack and to avoid common pitfalls that can hinder later investigation and recovery activities.

• Notify your incident response partner and cyber insurance agent (if you have these relationships in place).
• Be aware of any statutory and legal or contractual requirements e.g. to notify authorities, or trading partners relying on your services or integrated systems perhaps with SLAs and financial penalties, or perhaps GDPR related.
• Stop any malicious encryption software that may still be running.
• If you suspect servers and workstations are still encrypting data, power down as quickly as possible to reliably stop further encryption.
• If continued encryption is not a concern on a system, leave the system powered on but disconnect it from the network (as RAM may contain forensic data).
• Disconnect network attached storage (NAS) systems from the network immediately and until you can validate that all systems are free of ransomware.
• Isolate critical systems to prevent further spread of the malware.
• Isolate backups and backup servers.
• Shut down servers or disconnect them from networks.
• Shut down wide area network tunnels.
• Disable any employee remote access services that do not use multi-factor authentication (MFA).
• Disable VPNs or whitelist source IPs to known employees.
• Disable Remote Desktop Protocol (RDP) services or whitelist source IPs to known employees.
• Disable existing domain administrator accounts.
• Create new domain administrator accounts for critical IT staff.
• Disable all other domain administrator accounts (to prevent logins and use of issued Kerberos tickets).
• Disable malware command-and-control channels.
• Disable outbound web traffic.
• Disable all other outbound services/protocols through the firewall.
• Collect and retain logs that are not already in a centralized archive.
• As Windows security event logs can by default be overwritten within days, copy the folder c:\windows\system32\winevt\logs from any domain controllers, RDP servers and other key impacted servers to a safe place.
• Since many firewall logs and VPN are also overwritten quickly, work to export VPN access logs and firewall traffic logs to a safe place.

DEVELOP A RECOVERY STRATEGY
At this point evaluate and develop an investigation and recovery strategy. Examples of key next steps include:
• When needed, completing contracting with a legal firm and/or incident response firm
• Determining the state of storage systems and status of online and offline backups
• Creating an inventory of impacted systems
• Prioritizing applications for recovery
• Creating an inventory of sensitive or high-risk data that could have been stolen
• Evaluating potential risk to cloud email accounts or other cloud services

PITFALLS TO AVOID
In the case of an incident, your organization will want to avoid the following.
• DESTROYING CRITICAL DATA
Many times, IT staff may delete encrypted files or impacted virtual machines to free space for recovery, only to learn that the associated backups are missing or corrupt. Be sure to retain copies of all encrypted or impacted files and systems until after backups are validated and restores are complete, even if it means you have to slow down recovery to add temporary storage and copy potentially unneeded data.

• DESTROYING EVIDENCE
Deleting files or virtual machines, or performing other recovery activities before taking steps to preserve disk images, logs and other evidence, can destroy artifacts that could be used later to help tell the story of how the attacker got in and what data they stole.

• OPTIMISTIC ASSUMPTIONS
There is often a tendency to underestimate an attacker early on and to assume that it is unlikely that the attacker accessed some critical system or set of sensitive data. Perhaps because of a belief that the data would have been too hard to find or too difficult to extract. The organization, may then base its decisions about investigation and notification activities on these optimistic assumptions.

• LEAKING INFORMATION TO THE ATTACKER
Be aware that the attacker may be monitoring your communications during and after the attack. For example, don’t disclose your insurance policy’s ransom coverage limit in a public board meeting discussing the community’s response options, or the attacker will increase their demand to match the policy limit. Social media comments by staff may worry your customers. So, consider also how you will handle communications to your trading partners.

As cybercrime becomes ever more targeted and resourced ensure you have a strategy in place- just in case. Review the security tools you use. Define policies and ensure they are followed for example:
• use of secure regularly changed passwords, or dual authentication passwords
• back ups
• training of new users, and refresher training

Install and use security systems e.g.
• Physical access controls
• Firewalls,
• Anti-malware tools
Consider whether cloud migration or managed services are a better option.

Agile business with Microsoft Dynamics 365 Finance and SCMO Webinar with Synergy, Redington & Microsoft.

October 22nd, 2020

Agile business and digital transformation with Microsoft Dynamics 365 Finance and SCM
Webinar with spears from Synergy Software Systems, Redington and Microsoft.

Also features a local case study for a leading UAE real estate group.
Date and Time: UAE – 28th October 2020 | 10:00am -11:30

For existing Dynamics customers looking to upgrade there will be a special offer announced by Redington and Synergy.

Please register on the link :


If you are unable to attend this session and would like to know more about Dynamics 365 then call us on 00971 4 3365589.

DymaxIO Subscription Licensing -all Condusiv products now rolled into one for fast data.

October 21st, 2020

All of the technologies in V-locity®, Diskeeper®, and SSDkeeper® have been rolled into one new product – DymaxIO™.

New DymaxIO is fast data software. Whether on-premises or in the Cloud, DymaxIO returns more than 40%+ of your hroughput that is being robbed due to I/O inefficiencies of Windows, SQl and virtualisation.

Fix your application slows, freezes, timeouts, slow SQL queries, reduce cloud compute costs, and more, at the source – no new hardware needed.
A software solutlion to a software performance problem.

DymaxIO is sold as an annual subscription which saves you money. Subscriptions are available for client, server, and host systems.

A new DymaxIO site license is also available to conveniently and cost-effectively optimize the performance of all Windows systems.

To improve performance across your systems callus on 009714 3365589

Dynamics 365 and Microsoft Power Platform innovations, updates, and demos from the Microsoft Business Applications Launch Event

October 8th, 2020

See the latest Dynamics 365 and Microsoft Power Platform innovations, updates, and demos from the Microsoft Business Applications Launch Event. You’ll hear from James Phillips, President of the Business Applications Group, and other #Microsoft leaders as they guide you through what’s new

DYNAMICS 365 FOR MARKETING – October 2020 updates

October 8th, 2020

Microsoft understands customer engagement is the key to every business development process. This month, they add meat to their 360-degree view of customers with smart improvements to relationship-building processes and capabilities.

In-Place Editing of Email & Forms. No longer will you have to disengage from a customer journey to create or edit email communications or forms. In-place editing keeps the focus where it should be – within the customer journey. You can also create or edit marketing forms related to an event within the event itself. This one is a big improvement and just makes smart sense.

Enhanced Content-Rich Social Media Creation and Managemetn. The entire social media post creation experience has been redesigned for ease of use, better management across multiple channels and enhanced scheduling features.

A Redesigned, More Efficient Customer Journey Canvas. The new design offers a more intuitive approach to building customer journeys. The experience is further enhanced by no longer needing to hop between the canvas and the toolbox when creating the journey. One of my favorite new features is the inclusion of negative journey paths that allows you to create alternate journeys and follow-up events for those customers not meeting a certain condition (like not opening an email or not clicking on a specified link). This alone is a real game-changer.

Running Webinars within Microsoft Teams. With the onslaught of virtual events, the October release enables you to manage webinars and video meetings in Teams, directly from the Dynamics 365 Marketing platform. You can create and host live events – and integrate them directly into Marketing events. Businesses are already looking for better alternatives to Zoom and other video conferencing platforms and Microsoft is definitely stepping up to the plate.

Expanded Entity Options for Easy Data Collection. Before now, forms had to be connected to a lead or contact. But with the new release, forms no longer need to be mapped this way. Instead, marketers can store form submissions to other entities. and workflows can be created to move the data to where it needs to be.

The entirety of Dynamics 365 October Release is enormous, with updates and enhancements made throughout the entire suite of applications including: Marketing, Sales, Customer Service, Field Service, Finance, Supply Chain Management, Human Resources, Commerce, Fraud Protection, and Business Central. There are also notable Microsoft Power Platform features in the new release, including substantial improvements for Power Apps developers.

Dynamics 365 Finance deep dive

October 6th, 2020

Dynamics 365 Finance Core Features
General ledger
The general ledger module is the core of Dynamics 365 Finance.
• It’s integrated with other subledgers in financial management, so each department can manage its own books (subledgers) without disrupting the general ledger.
• It provides you with a central location to organize and manage all your organization’s financial records. Use this account information to prepare your financial statements.
• Use general ledger to define and manage the legal entity’s financial records.
• The general ledger is the register of debit and credit entries.
• You classify these entries using the accounts that listed in a chart of accounts.
• Adjust to changing financial requirements with a flexible, guided, rules-based chart of accounts, financial dimensions, and global tax engine.
• Track values efficiently and reduce reporting errors with centralized, automated processes for managing your capitalized assets from acquisition through disposal.
• Incorporate a shared chart of accounts across legal entities enables organizations to streamline main reporting and the intercompany and consolidations business processes.
The following figure illustrates the typical General ledger processes of a business:

The chart of accounts, fiscal calendars, and financial dimensions and how they’re the foundation of the general ledger module.
The general ledger defines and manages your financial records. The chart of accounts displays your register of debit and credit entries. It processes closing transactions, revalues currency amounts, and closes the fiscal periods.
Accounts payable
• With Dynamics 365 Finance accounts payable, you can distribute expenses, taxes, and charges across accounts.
• You manage your vendors, purchase orders, discounts, transactions, and invoices to reduce liability and generate greater income.
• You can also automate the review and payment of vendor invoices.
The following figure shows typical accounts payable business processes in an organization.

The general ledger is a record of all invoices and payment transactions. You match purchase orders to the invoices to see if you should pay the vendor invoice. When the invoice is due, your payable clerks generate the payments, which Dynamics 365 Finance records in the general ledger, and affects the cash and bank management.
You assign purchase orders, discount groups, payment, options, vendor holds, and more to your vendors and vendor group records. You can also create and manage transaction records with purchase orders, product receipts, and invoices. When creating and managing invoices, you can check on invoice approval, payment proposals, and invoice matches.
You use accounts payable to set up and manage your vendors and vendor groups. Once complete, you assign purchase orders, discount groups, payment, options, vendor holds, and more to your vendors and vendor group records. You can also create and manage transaction records with purchase orders, product receipts, and invoices. When creating and managing invoices, you can check on invoice approval, payment proposals, and invoice matches.

Accounts receivableCustomers, sale orders, customer invoicing, and receiving customer payments.
The Dynamics 365 Finance accounts receivable module tracks customer invoices and incoming payments. You create and manage customers, invoice sales orders, and incoming payments while completing the daily tasks in accounts receivable.
You can also invoice customers using free text invoices, recurring invoices, and batch invoices. When you receive a customer payment, you map it to the correct invoice. You can receive payments using many payment types, such as bills of exchange, cash, checks, credit cards, and electronic payments. Dynamics 365 Finance centralized payments module allows organizations with multiple legal entities to create and manage payments using a single legal entity that manages all payments.

In Dynamics 365 Finance, create and manage customers and review sales order default values, credit limits, and on hold functions. You can create and manage sales orders, journals, subscriptions, return orders, item requirements, and sales agreements. You invoice customers using free text invoices, recurring invoices, and batch invoices, then receive a customer payment and map it to the correct invoice.

Project management and accounting
A project is a group of activities to provide a service, produce a product, or achieve a result. Projects consume resources and generate financial results in the form of revenues or assets. The Dynamics 365 Finance project management and accounting module allows you to plan, create, manage, control, and complete projects.

Project managers can work across multiple industries to provide a service, produce a product, or achieve a result. You can use the project management and accounting functionality in multiple industries, as shown in the following illustration.

For example, in a call center, a ticket describes the set of actions required to resolve a call. Consulting companies, such as management or technical consulting organizations or advertising agencies, refer to their activities as projects. In marketing, a campaign is the work delivered. In project-based manufacturing, a production order refers to the work to produce the finished goods. Whatever name you use, the projects involve resources, schedules, and costs. The project management and accounting functionality help with the planning, execution, and analysis of these projects.

Project managers:
• Oversee the resources and finances.
• Create project quotations, contracts, and funding sources to set project financial perimeters.
• Review a post hour journal.
• Create project invoice proposals as they move projects through phases.

The project type determines which invoicing procedure you apply. You can invoice the two external project types only—time and material projects and fixed-price projects. You always attach time and material projects and fixed-price projects to a project contract.
Time and material projects: You base the customer invoice amount on transaction lines that you enter in projects. You can invoice transactions per project or per project contract.
Fixed-price projects: You base the customer invoice amount on invoice billing schedules. You invoice through an on-account setup, called a billing schedule. You can invoice fixed-price projects per project or per project contract.

With either type of project, you may buy items. The module interacts with procurement and sourcing to generate a purchase order, which you settle in accounts payable.

During the execution of a project, you create invoices for your customers. The sales and marketing departments continue to manage the quotations and convert them into invoices for ongoing projects, alongside with their typical role of marketing the goods and managing the sales. You manage customer payments and refunds in accounts receivable.

By using a project contract, you can invoice one or more projects at the same time. The project contract also guarantees a consistent invoicing procedure for every subproject in a project structure. Every project you invoice must be associated with a project contract. The settings for a project contract apply to all projects and subprojects that are associated with that project contract.
With project accounting, you gain an overview of project attributes. Create project quotations, contracts, and funding sources to set project financial perimeters. Review a post hour journal and create project invoice proposals as you move projects through phases.

Budgeting
With proper budgeting processes, organizations can benefit from forecasting and financial insights to compare actuals against allocated budget.
The Dynamics 365 Finance budgeting module lets you estimate the total financial requirements properly by determining the operating requirements, the fixed capital requirements, and the working capital requirements of the organization.

The resource planning cycle consists of planning, budgeting, and forecasting activities. Dynamics 365 Finance supports the processes for both long-term strategic planning and quarterly and annual budget planning.

Use the budgeting module to create and assign budget codes, allocate funds, and to plan for the future.
• Reduce operational expense by minimizing operational costs across business geographies with financial process automation, encumbrance, budget planning, and budget control.
• After you set up and approve a budget in Dynamics 365 Finance, you convert the budget plan to a budget register entry. Budget register entries give you the tools to manage the budget and keep amounts traceable through budget codes.
• Budget register entries let you revise original budgets, do transfers, and carry forward budget amounts from the previous year.
• Based on the established budget, enable budget control. The level of control depends on your organizational culture and the organization’s level of maturity.
• Educate employees about organizational targets and follow those targets through policies such as consider an online meeting instead of a travel.

Dynamics 365 Finance includes a budget control framework that lets you select either hard control or soft control. Hard control prevents postings that would go over the budget. Soft control warns you that you’ll exceed the available budget, but you can decide how to continue.

Dynamics 365 Finance budget control supports management of your financial resources through the:
• Chart of accounts
• Workflows
• User groups
• Source documents and journals
• Configurable calculation of available funds
• Budget cycles
• Thresholds.

When controls are in place, you can plan, measure, manage, and forecast your financial resources throughout its fiscal year.
After you approve budgets in Dynamics 365 Finance, you use budget plans to generate budget register entries to record the expenditure budget for your organization. You can also create or import budget register entries from a third-party program.
Then you can set up budget planning processes to meet your policies, procedures, and requirements for budget preparation. You can view and edit budget plan documents using one or more layouts. You associate each layout with a template to view and edit the budget plan documents in Excel.

You can use the budgeting module to create and assign budget codes, allocate funds, and plan for the future. You define who does budgeting, what you budget, and how the process works through a sole source of truth.

Real-time cash flow visibility
Dynamics 365 Finance offers tools, features, and a workspace with built-in intelligent controls to give real-time insight into your cash flow, product supply, and demand. It can analyze customer demographics and the cost of goods so that you negotiate advantageous agreements with your vendors and customers.

Use the cash flow forecasting tools to analyze upcoming cash flow and currency requirements to estimate your future need for cash while checking on budgeting and inventory management. It gives you better oversight and preparation for the future.
To get a forecast of your cash flow, you complete the following tasks:
• Find and list all the liquidity accounts. Liquidity accounts are the accounts for cash or cash equivalents.
• Configure the behavior for forecasts of transactions that affect the liquidity accounts.
After you’ve completed these tasks, calculate and analyze forecasts of the cash flow and upcoming currency requirements.
Integrate cash flow forecasting with the general ledger, accounts payable, accounts receivable, and budgeting and inventory management. The forecasting process uses transaction information in the system, and the calculation process forecasts the expected cash effect of each transaction.
Dynamics 365 Finance considers the following types of transactions when calculating the cash flow:
• Sales orders: Sales orders that aren’t yet invoiced, and that result in physical or financial sales.
• Purchase orders: Purchase orders that aren’t yet invoiced, and that result in physical or financial purchases.
• Accounts receivable: Open customer transactions or invoices that aren’t yet paid.
• Accounts payable: Open vendor transactions or invoices that aren’t yet paid.
• Ledger transactions: Transactions where it’s specified that a future posting will occur.
• Budget register entries: Budget register entries selected for cash flow forecasts.
• Demand forecasts: Inventory forecast model lines selected for cash flow forecasts.
• Supply forecasts: Inventory forecast model lines selected for cash flow forecasts.

Although there’s no direct integration with project management and accounting, there are several ways to include project transactions in the cash flow forecast. The system includes posted project invoices in the forecast as part of open customer transactions. The system includes project-initiated sales orders and purchase orders in the forecast as open orders after they’re entered. You can also transfer project forecasts to a ledger budget model. You include the ledger budget model in the cash flow forecast as part of the budget register entries.
Use real-time cash flow visibility features, such as budgeting and inventory management integrations, to get better visibility into the future.
Set up cash flow forecasts and show vendor and purchase order cash flow forecasts. With tools that give you a full-circle view of your current and future needs, Dynamics 365 Finance is a powerful tool for organizations that want control and insight.

Credit and collections
A common challenge for CFOs is predicting when customers will pay. Slow and inconsistent payments restrict cash flow and inhibit both long-term planning and daily performance. The credit and collections functionality in Dynamics 365 Finance predicts customers will pay when invoices, based on a multi-tiered historical analysis. The predictions help you get your receivables collected on time and reduce the cost and effort of manual collections management.
Y
ou can track and manage the complete lifecycle of credit and collections including:
• Generating customer account statements.
• 360-degree visibility of customer aging data and overdue balances.
• Automating customer communication.
• Finalizing write-offs.

You can better allocate funds and spot credit risks before large orders ship.
• You’re equipped with effective strategies to get paid in full and on time.
• You collect revenue faster because you process your money faster.
You manage accounts receivable collections information in one central view, using the Dynamics 365 Finance Manage customer credit and collection workspace. Use this central view to manage collections. Collections agents can begin the collection process from customer lists that you generate using predefined collection criteria.Visibility to customers that don’t pay invoices on-time is important to managing cash flow and receivables. The credit and collections module addresses the customer credit, collection, and write-off process. Dynamics 365 Finance ties these transactions back to the proper financial transactions to provide you with one central view.

Month, quarter, and year-end reviews
At the end of a fiscal year, you must generate closing transactions and prepare your accounts for the next fiscal year. You use the consolidation functionality to combine the financial results for several subsidiary legal entities into results for a single, consolidated organization. Prompt month end closing, and correct reporting are imperative for overall operational health of your organization.

Dynamics 365 Finance allows global businesses to do more with capabilities such as a shared chart of accounts across multiple legal entities and dashboards show a global view of your organization.

The financial period close workspace lets you track your financial closing processes across organizations, areas, and people. Depending on their view of the financial period close workspace, you’ll see either all tasks and statuses for a closing schedule assigned to different employees, or just the tasks assigned to them.

With Dynamics 365 Finance, you can close the books faster and simplify global financial management with in-depth reporting capabilities, financial intelligence, and embedded real-time analytics. You can activate flexible and agile financial reporting that supports multiple legal entities and currencies in a single instance. That instance natively manages foreign exchange and shortens the end-of-month process.
You use the general ledger to complete closing procedures for a period or a year. Closing processes prepare the system for a new period. There are many tasks including preparing filings, inventory closing, consolidation, and more that you need to complete first.
To prepare the system for a new year, you must run the year-end close process. Each organization has different processes and steps for the end of a period.

As part of periodic tasks, you must complete the following tasks:
• Bank reconciliations.
• Configure financial period close.
• Prepare periodic filings.
• Run foreign currency revaluation processes.
• Perform financial consolidations.
• Process end of year tax reporting.

Global attributes
Dynamics 365 Finance enables you to operate worldwide by supporting multiple currencies, language translations, jurisdictions, compliance regulations, and infinite dimensions.

In today’s global market, you might receive and send payments using different currencies. There are two types of currencies in Dynamics 365 Finance. The accounting currency is the main currency that you use. However, you’ll need to report recorded financial transactions in different currency, called the reporting currency. You can repurpose a reporting currency and use it as a second accounting currency. You call using two accounting currencies dual currency.

With Dynamics 365 Finance, you can convert currencies and post transactions to currencies other than the one in which you completed the order. You can recognize jurisdiction and compliance based on locality, and the user interface displays different languages based on users’ personal settings.

If your organization has multiple legal entities and transacts in multiple currencies, then supporting currencies and their corresponding exchange rates is essential.

To learn more or join our next webinar with Microsoft and Reddington on 21 October 20121 call: 0097143365589

Dynamics 365 Fraud protection

October 6th, 2020

Today’s digitally transformed enterprise conducts business online in real time – little human intervention is involved. This reduces costs and improves the customer experience. However, it exposes the enterprise to serious threats of fraud from sophisticated cybercriminals who try to take advantage of the online channel’s relative anonymity and accessibility. In e-commerce, transactions can be maliciously created via compromised accounts and stolen payment instruments

A key difference in E-Commerce fraud compared to any other fraudulent activity is that criminals do not even need a physical card for their actions.
For a false transaction to occur between a marketplace and a customer bank account only card information is required.
There are multiple ways to steal customer’s information, that’s why online payment fraud detection deserves to be managed separately.

Chargeback Fraud examples:

A customer buys a massive order and cancels the order right after the shipment, receiving goods without any payment.
A criminal, acting as a customer, gets in touch with the banking institution and claim his identity was stolen, and by this cancel the transaction
A scammer claims he never received the delivery and asks for another delivery.
For the business, it takes time and effort to properly investigate each case, so it will lose money no matter what the outcome. It’s even harder to distinguish real criminal activity from “friendly fraud” –i.e. genuine mistakes by your operation or by the real customer.

Other malicious activities include:
account takeover,
abuse of free trials,
fake product reviews,
warranty fraud,
refund fraud,
reseller fraud,
abuse of program discounts.

Such activities, affect the enterprise’s profitability and reputation and may also have serious consequences for society. Examples include money laundering and posting fake news

Dynamics 365 Fraud Protection is a cloud-based solution.
It is designed to help e-commerce merchants
decrease fraud costs,
increase acceptance rates,
improve the customer shopping experience.
Prevent payment and account-creation fraud with adaptive AI technology.
Get the benefit of connected knowledge from all Dynamics 365 Fraud Protection merchants for better fraud insights.
Improve customer service with the built-in escalation support.

The return on investment (ROI) for cybercrime online fraud is high, and it’s likely that most of an enterprise’s vulnerabilities will be discovered and exploited. Additionally, unlike during the early years of the internet, today’s fraudulent transactions can be orchestrated by well-funded and well-equipped rings of professionals. Fraud protection professionals need the right tools to fight this threat

By using Fraud Protection, you can help protect your business from fraud through several innovative and advanced capabilities. Here are some examples:
AI and insights from the fraud protection network
Device fingerprinting
A rules engine and virtual fraud analyst
A graph explorer and scorecard
A transaction acceptance booster

PURCHASE PROTECTION
1. Decrease wrongful rejections and boost acceptance rates with adaptive AI technology that continuously learns and adapts from patterns and equips store managers with tools to optimize fraud controls.
2. Increase fraud awareness and help reduce losses with a fraud protection network that uses connected knowledge to provide broad awareness of fraud activity across the globe, while keeping the security of your confidential information and shoppers’ privacy top of mind.
3. Boost transaction acceptance rates and improve the shopping experience by sharing transactional trust knowledge with issuing banks to increase authorization rates.
4. Improve customer service with a built-in escalation support tool that displays detailed context of the customer transaction including fraud insights provided by the service.

ACCOUNT PROTECTION

1. Safeguard your system with bot protection that helps protect against bots attempting to gain access to accounts with stolen credentials or to create fake accounts and transactions.
2. Help avoid losses due to fraudulent accounts with account creation protection that helps minimize abuse and automated attacks on customer accounts.
3. Reduce fraud with account sign-in protection that helps safeguard customer accounts, improving customer engagement and conversion by reducing friction.
4. Help protect customers with device fingerprinting to leverage the fraud network linkages and detect automated fraud attacks

LOSS PREVENTION
1. Help protect profits and reduce losses using adaptive AI technology that learns patterns and adapts to help optimize fraud controls.
2. Gain visibility into fraud risk with business intelligence reporting that enables store managers and investigators to take action by providing them with insights on anomalies with merchandise discounts and returns.
3. Increase operational efficiency by reducing manual effort required to determine the business entities and functions that may be at risk.
4. React quickly to dynamic fraud and purchase patterns using an enhanced loss prevention system with analysis that provides actionable insights to help reduce fraudulent returns and discounts.

Call Synergy Software Systems to learn more 00097143365589

What’s new in Dynamics SCM October 2020 Wave release – Ask Synergy Software Systems

October 6th, 2020

Edge computing is not just a buzzword. Companies often struggle with latency and connectivity when running operations in remote facilities. In fact, network latency is a top connectivity challenge for 30 percent of manufacturers, according to the IDC1. A leading cause of latency is high volume and resource-intensive processes running in parallel, resulting in reduced productivity.

Edge computing, is a means go changing where processing happens. The edge is the end of your organization’s network, the end of your reach. Edge computing put Internet of Things (IoT) devices closer to the locations they serve. The big benefits of edge computing is bandwidth savings and reduced latency, or the time it takes data to travel. Sending all data captured to a remote, central location requires a lot of bandwidth. When you put devices at the edge of your network, they can process the data before transferring only the output to your central server, which will reduce the amount of data and thus the bandwidth needed to send the information across the internet.

Data centers, typically run in cool dry atmospheres with little variability in temperature, edge computing devices are meant to operate in real-world conditions. They are usually more robust against heat and humidity and require less power, because they’re not located in big data centers that consume large amounts of electricity.

Operations without interruptions
The new Cloud and Edge Scale Unit add-ins for Microsoft Dynamics 365 Supply Chain Management, coming to preview in October, brings the power of the intelligent cloud to the edge. It allows organizations to run critical warehousing and manufacturing workloads on the edge in a distributed model using Azure stack devices. This improves resilience and ensures operations without interruptions even when temporarily disconnected from the cloud.

Scaling production and distribution with agility
Customers can make data-driven decisions before making any investment by easily simulating various factors that impact resilience of their critical manufacturing and warehouse processes, such as network latency, traffic volume, time-outs, or intermittent connectivity. They can then deploy the scale units—edge or cloud—to best overcome these challenges.

Microsoft Azure compute technologies make the deployment of edge scale units seamless with a plug-and-play experience and allows customers to easily scale during usage spikes to ensure high throughput.

In the past, edge deployments have been associated with use cases related to asset management due to the biggest concern associated with latency issues. With the new scale units for Dynamics 365 Supply Chain Management, however, the use cases have expanded to other critical manufacturing and warehouse execution scenarios.

Many manufacturers and distributors are heavily regulated and have strict policy requirements. These customers have been conservative with their migration to the cloud, which has impeded their ability to overcome disruptions like the one caused by the current pandemic. With the ability to run distributed workloads on the edge, these companies can feel more confident running the manufacturing and warehousing workloads on their premises while migrating the rest of their operations to the cloud; thereby digitally transforming their organizations and reducing costs to become more resilient.

What is the downside?
Edge computing requires a lot of hardware. For example, a large distributor or manufacturer who wanted to use IoT security cameras would need to have those edge devices at all of their hubs or warehouses. Decentralizing your equipment can present logistical challenges when it comes to management and maintenance

Edge computing has an increased attack vector because these multiple internet-facing devices are not behind well-secured corporate networks with giant firewalls, and therefore are more vulnerable to being hacked. A malicious user might try to steal your data or just commandeer your devices.

In the consumer space, a lack of security updates is a problem for products like smart lightbulbs, doorbells, and home sensors. As vulnerabilities are found, these devices need to be patched, to ensure a cybercriminal does not get unwarranted access onto your home network or take over the operation of your lightbulbs or doorbell.

To learn join us for two Webinars with Microsoft and Reddington on 21 October 2020 covering Dynamics 365 Finance, Dynamics 365 SCM Dynamics 365 Fraud protection, and how the cloud and Dynamics 365 is supporting digital transformation and new business paradigms.
To learn more call us on 009714 3365589

MrbMiner – act now to protect your SQL databases

October 3rd, 2020

MSSQL databases are under attack by a new devastating attack campaign. This time it is a dangerous malware called MrbMiner which is devised by an experienced hacking group. At this moment there is no information available about the identity of the criminals behind it. The name was given to the virus after one of the domain names which was registered to spread it.The attacks using a botnet approach — numerous computers and hacked hosts are tasked with the goal of automatically identifying accessible database servers on a given network. If such is found an automated script will be invoked which will attempt to leverage various security exploits. The main technique used is the brute force attempts that will use a dictionary or algorithm-based lists of usernames and passwords of the administrative users.A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.

Thousands of MSSQL databases have been infected so far, according to the cybersecurity arm of Chinese tech giant Tencent.In a report published earlier this month, Tencent Security named this new malware gang MrbMiner, after one of the domains used by the group to host their malware. The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with various weak passwords.

Once the attackers gain a foothold on a system, they download an initial assm.exe file, which establishes a (re)boot persistence mechanism and adds a backdoor account for future access. Tencent says this account uses the username “Default” and a password of “@fg125kjnhn987.”

The last step of the infection process was to connect to the command and control server and download an app a Trojan module. that mines the Monero (XMR) cryptocurrency by abusing local server resources and generating XMR coins into accounts controlled by the attackers. It is used to keep a connection to the hacker-controlled server. It is used to take over control of the systems and steal any files and data from the hacked hosts. Usually, database servers are built on top of enterprise-grade and performance-optimized servers. For this reason, the hackers behind the ongoing campaign have implemented another dangerous action – to deploy a cryptocurrency miner. This is a script configured to download multiple performance-intensive complex tasks onto the infected servers. They will run automatically which will have a crippling effect on the usability of the systems. For every reported and completed the job the hackers will receive cryptocurrency assets as a reward.

The attacks will probably change in the near future. They are particularly useful for spreading dangerous malware such as the Qbot Trojan.

LINUX AND ARM VARIANTS ALSO DISCOVERED

The MrbMiner C&C server also contained versions of the group’s malware written to target Linux servers and ARM-based systems.
The Monero wallet used for the MbrMiner version deployed on MSSQL servers stored 7 XMR (~$630). While the two sums are small, crypto-mining gangs are known to use multiple wallets for their operations, and the group has most likely generated much larger profits.
For now, what system administrators need to do is to scan their MSSQL servers for the presence of the Default/@fg125kjnhn987 backdoor account. In case they find systems with this account configured, full network audits are recommended.

A T-SQL query that will collect data for you:

SELECT COUNT(*)
FROM sys.sql_logins AS s
WHERE s.[name] = ‘Default’
AND PWDCOMPARE(‘@fg125kjnhn987.’, s.password_hash) = 1

See this link for guidance on removal: