Arndt Dibi

Earlier today, the Australian Transport Safety Board released a document entitled “MH370 — Search and debris examination update.” Perhaps occasioned by the recent completion of the towfish scan of the Indian Ocean seabed search area, the document updates earlier ATSB reports and offers some intriguing insights into what may have happened to the plane. Some thoughts:

— The first section of the report expands upon an assertion that the ATSB made in an earlier report: that the BFO values recorded at 0:19 indicate that the plane was in an increasingly steep dive. Indeed, the newly published calculations indicate that the plane was in an even steeper dive than previously reckoned: between 3,800 and 14,600 feet per minute at 00:19:29, and between 14,200 and 25,000 feet per minute at 00:19:37. On the lower end, this represents an acceleration along the vertical axis from 37.5 knots to 144 knots in eight seconds, or 0.7g. On the higher end, this represents an acceleration along the vertical axis from 140 knots to 247 knots, likewise about 0.7g. If the plane were freefalling in a vacuum, its acceleration would be 1.0g; given that the airframe would be experiencing considerable aerodynamic drag, a downward acceleration of 0.7 would have to represent a near-vertical plunge, which a plane would experience near the end of a highly developed spiral dive.

— The second section describes end-of-flight simulations carried out in a Boeing flight simulator in April of this year. These tests were more detailed than others carried out previously. Evidently, modeled aircraft were allowed to run out of fuel under various configurations of speed, altitude, and so forth, and their subsequent behavior observed. Thus, the exercise modeled what might have happened in a “ghost ship” scenario. Notably, it was found to be possible for the plane to spontaneously enter the kind of extremely steep dive described in the previous section. This being the case, the report states, the plane “generally impacted the water within 15 NM of the arc.” This is not surprising, considering that the plane had already lost altitude and was plummeting straight downward. This offers a tight constraint on where the plane could plausibly be if the 0:19 BFO analysis is correct.

— The third section describes the results of debris drift modeling that has been informed by tests involving replica flaperons “constructed with dimensions and buoyancy approximately equal to that of the recovered flaperon.” An important point not addressed by the report is the fact that the French investigators who tested the buoyancy of the flaperon were unable to reconcile its observed behavior with the observed distribution of the Lepas anatifera barnacles found growing on it. So when the French ran their own drift models, they had to run them twice, one for each buoyancy condition. Apparently the Australians overcame this paradox by discarding one of the states.

— The third section notes that, according to modeling carried out by the CSIRO, debris which entered the ocean in the southern half of the current search area would not likely reach Réunion by the time the flaperon was recovered. Meanwhile, debris that entered the water significantly north of the current search area would reach the shores of Africa much earlier than the time frame in which pieces were actually discovered there. Using this logic, the report concludes that the northern part of the current search area is probably correct. However, this seems dubious reasoning to me: one would expect a gap between the time debris arrives in Africa, and the moment when it is discovered. Also, debris can move quickly across the ocean, only to be trapped in a local gyre and move around randomly before beaching. Therefore I think the argument that the pieces couldn’t have originated further north is flawed.

— The fourth section, describing the damage analysis of the flap and flaperon, is the most interesting and newsworthy of all. In short, it makes a persuasive case that the flaperon and the inboard section of the right-hand outboard flap (which, rather remarkably, turn out to have been directly adjacent) were in the neutral, non-deployed state at the moment of impact. Assuming this is correct, this eliminates the IG’s flutter theory, as well as the widely discussed theory that the flap was deployed and therefore indicative of a pilot attempting to gently ditch the plane. Proponents of these theories will continue to argue on their behalf but in my opinion they were dubious to begin with (given the shredded condition of much of the recovered debris) and are now dead men walking.

— No mention was made of Patrick De Deckker’s exciting work with Lepas shells.

— Overall, the thrust of this report is that the plane went down very close to the seventh arc in a manner consistent with a “ghost ship” flight to fuel exhaustion, exactly as the ATSB has assumed all along. There is, however, one very large elephant in the room: the fact that Australia has spent two years and $180 million demonstrating that the plane’s wreckage does not lie where it would if this scenario were correct. Therefore it is not correct. The ATSB’s response to this conundrum is rather schizophrenic. On the one hand, it has recently floated the idea of raising another $30 million to search further—presumably the small remaining area where a plane just might conceivably have come to rest in a ghost-ship scenario, as I described in an earlier post. On the other, it has today convened a “First Principles Review” consisting of experts and advisors from Australia and around to world to scrap their previous assumptions and start with a clean sheet of paper. This implies an understanding that they have proven themselves wrong. I wonder how many assumptions they will scrap. Perhaps, as Neil Gordon mused in his interview with me, that the plane wasn’t really traveling south at 18:40? Or perhaps they’ll dare to go even deeper, and contemplate the provenance of the BFO data… ?

— A postscript: Richard Cole recently posted an update of the seabed search (below). I’m intrigued by the fact that the Fugro Equator has deployed its AUV near the northern end of the search zone. When I interviewed him for my last blog post, Fugro’s Rob Luijnenburg told me that the northern end of the search zone was flat enough that it could be scanned by the towfish alone; there was no need for an AUV scan to infill the craggy bits. So why is the AUV looking there now? Especially given that it’s very close to an area just reinspected by Dong Hai Jiu 101’s ROV. Another MH370 mystery.

UPDATE 11-2-16: I emailed Rob Luijnenburg and he immediately responded: “The AUV is scanning in a section in the north part of the priority search area in the very rugged terrain south of Broken Ridge (the east -west mountain range at approximately the 33rd parallel)… Generally the AUV is deployed in spots of extremely rugged seabed to complete the 120,000 sq km priority area survey.” Worth noting is that if the search gets expanded northeastward, it’s going to be into very rough terrain indeed.

courtesy of Richard Cole

Microsoft hate nach mehreren Wochen der Leaks und Spekulationen den Slack-Konkurrenten Microsoft Teams offiziell angekündigt. Hierbei handelt es sich um ein Tool zur Kollaboration in Teams, welches das Office 365-Paket für Unternehmen um ein wichtiges Tool erweitern wird.

Microsoft Teams ist, wie Slack auch, ein Chatroom für Unternehmen, der es erleichtern soll, in Teams zu arbeiten und diese zu organisieren. Microsoft Teams soll das perfekte Werkzeug dafür werden und den Grundstein dafür hat Microsoft bereits gelegt. Selbstverständlich kann mit dem Tool mit Outlook, OneDrive, Skype und anderen Office-Diensten interagiert werden, die in sehr vielen Unternehmen unverzichtbar sind. Dokumente können so schneller gefunden und verschickt werden. Microsoft Teams wird bereits als „Slack-Killer“ gehandelt und das zurecht. Man hat Slack im Prinzip kopiert, es aber um zahlreiche Funktionen erweitert, beispielsweise, um die Möglichkeit auf Nachrichten zu antworten, wie es von Telegram bekannt ist oder Videoanrufe zu tätigen und Meetings zu organisieren.

Slack freut sich über Konkurrenz

Slack hat bereits heute Früh in einem Blogpost auf Microsofts Ankündigung reagiert, welche bis dahin noch nicht einmal offiziell war. Man sei wirklich erfreut über die Konkurrenz und gab den Redmondern einige Tipps mit auf den Weg. Demnach reiche es nicht, einfach die Funktionen reihenweise zu kopieren, wichtiger sei, das Produkt mit Liebe zu gestalten und Kommunikation ernst zu nehmen. Slack ist da, um zu bleiben, heißt es abschließend und man sei bereit dafür, falls Microsoft auch mit einer eigenen Idee aufhorchen lassen sollte. Es klingt dennoch nicht gerade so, als würde man Microsofts Dienst etwas abgewinnen können, wenn man auch die Konkurrenz sicherlich nicht unterschätzen sollte.

Office 365 als Paket ist besser denn je

Microsoft Office 365 ist ein zweifellos großartiger Dienst für Unternehmen und mit einer integrierten Plattform zur Organisation von Teams ist diese stärker denn je. Wenn Microsoft eine Sache kann, dann ist es Arbeitsprozesse zu verstehen und Produkte anzubieten, welche diese erleichtern. Slack wird es zweifellos sehr schwer haben, mit Microsoft Teams zu konkurrieren und vor allem neue Kunden werden sich die Frage stellen, ob es sich neben Office 365 überhaupt noch lohnt, Slack zusätzlich zu bezahlen anstatt einfach das integrierte Microsoft Teams zu nutzen.

Die Einrichtung von Microsoft Teams ist absolut unkompliziert und es ist bei Office 365 Unternehmenskunden standardmäßig dabei. Um Microsoft Teams nämlich zu aktivieren, müssen Nutzer einfach ins Admin Center im Office 365 Portal navigieren, dort die Einstellungen öffnen und unter Dienste & Add-ins Microsoft Teams auswählen und einen Schalter auf „Ein“ umlegen. Die Preview ist ab heute in 18 Sprachen erhältlich für Office 365 Enterprise- und Business-Nutzer. Offiziell ausgerollt wird die Funktion im ersten Quartal 2017.

Quelle: Microsoft

Der Beitrag Microsoft Teams: Slack-Konkurrent offiziell angekündigt erschien zuerst auf WindowsArea.de.

Microsoft's long-awaited Slack alternative is finally here: The software giant announced the preview version of Microsoft Teams today at an event in New York.

The post Microsoft Teams Enters Preview appeared first on Thurrott.com.

I’m thrilled to announce that, starting today, you can use LastPass on any device, anywhere, for free. No matter where you need your passwords – on your desktop, laptop, tablet, or phone – you can rely on LastPass to sync them for you, for free. Anything you save to LastPass on one device is instantly available to you on any other device you use.

From day one here at LastPass, we’ve been on a mission to help you simplify your online life, and make it a whole lot easier to achieve strong password security. By offering LastPass for free across all your devices, we’re making it that much easier for everyone to make good password habits the norm. Because when you have a password manager that goes everywhere you do, you have a strong foundation for securing and taking control of your identity.

It was a different world when we launched LastPass back in 2008. The iPhone had just arrived in 2007, without an App Store, and Android didn’t exist yet. Now, nearly every aspect of our lives, both at home and in the workplace, is connected to the cloud and available across many devices. There is no “online” life and “offline” life – it’s just life, with technology seamlessly weaving in and out of our everyday experiences. In today’s connected world, we believe the best way to benefit from the security and convenience of LastPass is to have it on all your devices. And because security is so fundamental, we want to offer a frictionless experience that makes it easy to connect safely and use strong passwords everywhere.

Too many of us are still struggling to build a strong security foundation, at work and at home. So far in 2016, there were more than 1 billion passwords publicly leaked due to poor password practices. We want to empower our users to take back control of their online security, and no longer feel powerless against the next wave of breaches. The more convenient we make password management the better we will be able to solve this problem. We want our users to bring LastPass with them everywhere – including the workplace because accessing the sites, apps, and services you use every day doesn’t end because you checked in at the office.

We’re still on a mission to be the last password you need to know, and in the future, maybe even eliminate our own master password, so there’s no password to remember at all. When that leap comes, we’ll be there to help tackle the next generation of security challenges.

Be secure,
Joe Siegrist
Founder, VP & GM of LastPass

Here’s how the new personal plans work:

If you’re already using LastPass Free, no action is required to start enjoying LastPass on all your devices. You can simply download LastPass to any of your browsers or grab the mobile app for your smartphone or tablet, and login with your LastPass account. Everything in your vault will be available, automatically, anywhere you login.

If you’re already a LastPass Premium subscriber, you’ll still enjoy the additional value that Premium offers, including priority customer support, family password sharing with up to 5 others, and additional two-factor authentication options like YubiKey. You can also safeguard important documents with 1GB of encrypted file storage. We’re hard at work developing even more useful features for power users like you, so stay tuned! Thank you for investing in LastPass and helping us build a better product, for you.

For more information, please see our customer FAQs.

Microsoft Teams is the chat-based workspace in Office 365 that helps teams achieve more together. On the heels of today’s preview announcement, Microsoft Mechanics catches up with Dan Stevenson, principal group program manager for Microsoft Teams, who demonstrates step by step how to get started—from user experiences for chat and collaboration to what Office 365 administrators need to do to enable and manage Microsoft Teams.

Dan explains how Microsoft Teams brings together people, conversations, content and the tools teams need with a real focus on teams, and built around chat. The Microsoft Teams chat workspace integrates with all the familiar Office apps and capabilities, such as SharePoint document libraries, OneNote, Planner, Power BI, team calendar and more.

We walk through the process to launch Microsoft Teams in Office 365 in the browser, how to download the app and everything you can do within the apps for the desktop and mobile. Microsoft Teams works in the browser and apps are available for Windows, Mac, Android and iOS platforms. Dan also demonstrates the specifics on how to get Microsoft Teams running using the Office 365 admin center and the controls available for configuring and managing the experience for your organization. Check out today’s show to learn more.

—Jeremy Chapman

The post Take an in-depth look at Microsoft Teams—now in preview appeared first on Office Blogs.

Today’s post was written by Kirk Koenigsbauer, corporate vice president for the Office team.

Today, at an event in New York City, we announced Microsoft Teams—the new chat-based workspace in Office 365. Microsoft Teams is an entirely new experience that brings together people, conversations and content—along with the tools that teams need—so they can easily collaborate to achieve more. It’s naturally integrated with the familiar Office applications and is built from the ground up on the Office 365 global, secure cloud. Starting today, Microsoft Teams is available in preview in 181 countries and in 18 languages to commercial customers with Office 365 Enterprise or Business plans, with general availability expected in the first quarter of 2017.

At Microsoft, we are deeply committed to the mission of helping people and organizations achieve more—and reinventing productivity for the cloud and mobile world is core to our ambition. We built Microsoft Teams because we see both tremendous opportunity and tremendous change in how people and teams get work done. Teams are now more agile and organizational structures more flat to keep communications and information flowing. With Microsoft Teams, we aspire to create a more open, digital environment that makes work visible, integrated and accessible—across the team—so everyone can stay in the know.

Microsoft Teams delivers on four core promises to create a digital workspace for high performing teams.

Chat for today’s teams

First and foremost, Microsoft Teams provides a modern conversation experience for today’s teams. Microsoft Teams supports not only persistent but also threaded chats to keep everyone engaged. Team conversations are, by default, visible to the entire team, but there is of course the ability for private discussions. Skype is deeply integrated, so teams can participate in voice and video conferences. And everyone can add personality to their digital workspace with emojis, stickers, GIFs and custom memes to make it their own.

A hub for teamwork

Second, Microsoft Teams brings together the full breadth and depth of Office 365 to provide a true hub for teamwork. Word, Excel, PowerPoint, SharePoint, OneNote, Planner, Power BI and Delve are all built into Microsoft Teams so people have all the information and tools they need at their fingertips. Backed by the Microsoft Graph, intelligent services are surfaced throughout the workspace to help with information relevancy, discovery and sharing. Microsoft Teams is also built on Office 365 Groups—our cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another, preserve their sense of context and share with others.

Customizable for each team

Third, since all teams are unique, we’ve invested deeply in ways for people to customize their workspace, with rich extensibility and open APIs available at general availability. For example, Tabs provides quick access to frequently used documents and cloud services. Microsoft Teams also shares the same Connector model as Exchange, providing notifications and updates from third-party services like Twitter or GitHub. Further, we are including full support for the Microsoft Bot Framework to bring intelligent first- and third-party services into your team environment.

Today, we are also announcing the Microsoft Teams Developer Preview program, allowing developers to extend Microsoft Teams. We will have integrations with over 150 partners at general availability—including our early partners Zendesk, Asana, Hootsuite and Intercom. This is the first step in providing the customization users want and the tools and support our developer community will need to integrate with Microsoft Teams.

Security teams trust

Finally, Microsoft Teams provides the advanced security and compliance capabilities that our Office 365 customers expect. Data is encrypted in transit and at rest. Like all our commercial services, we have a transparent operational model with no standing access to customer data. Microsoft Teams will support key compliance standards including EU Model Clauses, ISO 27001, SOC 2, HIPAA and more. And, as customers would expect, Microsoft Teams is served out of our hyper-scale global network of data centers, automatically provisioned within Office 365 and managed centrally, just as any other Office 365 service.

Microsoft Teams joins the Office 365 universal toolkit

Microsoft Teams joins the broadest and deepest portfolio of collaboration applications and services to help solve the diverse needs of people and organizations globally. As we’ve learned from our 85 million active monthly users, all groups have a diverse set of needs when it comes to working together. Office 365 is designed for the unique workstyle of every group and includes purpose-built applications, all deeply integrated together.

• SharePoint provides intranets and content management solutions to more than 200,000 organizations and 190 million people.
• Yammer is the social network for work, enabling cross-company discussions for 85 percent of the Fortune 500.
• Skype for Business provides real-time voice, video and conferencing and hosts more than 100 million meetings a month.
• Office 365 Groups is our cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another.

Turn on Microsoft Teams today

Early private preview customers are seeing benefits in using Microsoft Teams. “Based on our early use of Microsoft Teams in Office 365, we believe it is the digital cockpit we’ve been waiting for,” said Andrew Wilson, CIO of Accenture. With the public preview available today, administrators can enable Microsoft Teams through the Office 365 admin center. Ready to get started—see Microsoft Teams in action in our Microsoft Mechanics video.

—Kirk Koenigsbauer

Frequently asked questions

Q. Which Office 365 plans will include Microsoft Teams?

A. Microsoft Teams is available to Office 365 commercial customers with one of the following plans: Business Essentials, Business Premium, and Enterprise E1, E3 and E5. Microsoft Teams will also be available to customers who purchased E4 prior to its retirement.

Q. What action do Office 365 IT admins need to take to access the preview of Microsoft Teams?

A. To turn on Microsoft Teams, IT admins should go to their Office 365 admin center, click Settings > Services & Add Ins > Microsoft Teams.

Q. When will Microsoft Teams roll out broadly to all eligible Office 365 customers?

A. Microsoft Teams is available in preview to eligible Office 365 commercial customers beginning November 2, 2016. We expect the service to become generally available in the first quarter of calendar year 2017.

Q. What platforms does Microsoft Teams support?

A. Microsoft Teams runs on Windows, Mac, Android, iOS and web platforms.

Q. What level of security and compliance does Microsoft Teams support?

A. Microsoft Teams is expected to be Office 365 Tier C compliant at launch. This broad set of global compliance and data protection requirements includes ISO 27001, ISO 27018, EUMC, SOC 1 Type I & II, SOC 2 Type I and II, HIPAA and FERPA. Microsoft Teams also enforces two-factor authentication, single sign on through Active Directory and encryption of data in transit and at rest.

Q. What trainings are available to help Office 365 admins learn about Microsoft Teams?

A. We have two different trainings currently available for our IT admins. To view the trainings, visit the Microsoft Virtual Academy website. We have a video on Microsoft Mechanics and more information on the Microsoft Teams Tech Community.

The post Introducing Microsoft Teams—the chat-based workspace in Office 365 appeared first on Office Blogs.

Meetings have always been a pillar of the business world, and they’re not going anywhere. According to Bain & Company, as reported by the Harvard Business Review, 15 percent of an organization’s collective time is spent in meetings. But as technologies change, workloads increase and attention spans shorten, truly reaching your audience can be a challenge.

One major hurdle is addressing an audience across multiple locations. From attendees sitting in a conference room to participants tuning in from various enterprise or home connections, your audience should feel involved and that their time and efforts are appreciated. With sentiments like 18 percent of employees saying they’d rather take a trip to the DMV than attend a status meeting (according to Clarizen), this sometimes feels like an uphill battle.

Reaching your meeting attendees shouldn’t be a struggle. Use these tips to master the necessary techniques to keep your meeting attendees engaged and happy. Who knows? Maybe your next meeting will be the most productive.

Tip 1: Make joining pain-free—Downloads, lost audio PINs, information missing from calendar invites: Everyone’s stumbled across these hurdles to join a meeting. Streamline the process with convenient meeting invites that include all the necessary information attendees need to join your meeting. To make things simple, find a meeting solution that offers automatic authentication for your organization and supports a smooth, one-click meeting join experience.

Tip 2: Allow for multiple presenters—Give everyone who needs to present the ability to do so, regardless of where they are. Meeting solutions that offer seamless presenter transitions make this possible, and provide an uninterrupted flow to keep everyone’s attention on the content being presented.

Tip 3: Show, don’t tell, important information—Effective visual communication is key to employee engagement in meetings. Show videos, presentations, websites, pictures and presenters themselves—instead of a static image that’s easy to ignore. On-site employees shouldn’t get a different meeting experience or information from people tuning in from other locations. Online meeting and broadcast solutions enable you to present to everyone, without interruption.

Tip 4: Allow for feedback, comments and engagement—If employees feel that they can’t ask questions or get involved in a meeting, they’re likely to tune it out. From Q&A sections in your meeting solution software to instant polls, questions and group instant messaging within the online meeting, give your attendees the opportunity to chime in so you know they’re still following along.

Tip 5: Use multi-device access—Giving meeting attendees the freedom to choose which devices they use to tune in is also more likely to hold their engagement through the duration of your meeting. It gives everyone the freedom to participate however works best for them: on-the-go, at their desk or from anywhere their devices are connected to the internet.

Interested in learning more about how to hold the best meeting or online broadcast? Skype for Business and Skype Meeting Broadcast give meeting organizers and attendees everything they need. Check out The Ultimate Meeting Guide and discover how to host large-scale virtual meetings like a pro to create the best possible meetings for your organization.

The post 5 tips to better engage your meeting attendees appeared first on Office Blogs.

For the first time in history, many organizations now have five distinct generations in the workplace, according to Forbes.com. From Gen-Xers and Millennials, to Baby Boomers and beyond, how can you ensure your multi-generational teams are collaborating and communicating effectively?

Join us for the next episode of Modern Workplace, “Bridging the Generation Gap: How to create cohesive teams,” airing November 15 at 8 a.m. PST / 4 p.m. GMT, and learn how to leverage the skills and knowledge from each team member to maximize productivity.

• Asha Sharma, chief operating officer at Porch.com, shares how to create a dynamic workforce through empowering integrated and diverse teams.
• Haydn Shaw, author of “Sticking Points,” highlights the twelve most common points of friction among team members and explains how they can either weaken your organization or, if leveraged properly, be the keys to its success.

Plus, get an exclusive look inside Microsoft’s latest collaboration tool—Microsoft Teams—and find out how you can improve communication and revolutionize the way your teams work.

Register now!

Related content

• Get the e-book: “5 reasons to move your enterprise to a collaboration suite.”
• Watch the video: How Point Solutions Block Productivity.
• Visit: Secure Productive Enterprise.

The post Register now for “Bridging the Generation Gap: How to create cohesive teams” on Modern Workplace appeared first on Office Blogs.

Citing a computer virus outbreak, a hospital system in the United Kingdom has canceled all planned operations and diverted major trauma cases to neighboring facilities. The incident came as U.K. leaders detailed a national cyber security strategy that promises billions in cybersecurity spending, new special police units to pursue organized online gangs, and the possibility of retaliation for major attacks.

In a “major incident” alert posted to its Web site, the National Health Service’s Lincolnshire and Goole trust said it made the decision to cancel surgeries and divert trauma patients after a virus infected its electronic systems on Sunday, October 30.

A portion of the alert posted to the NHS’s home page.

“We have taken the decision, following expert advise, to shut down the majority of our systems so we can isolate and destroy it,” the NHS said, of the unspecified malware infection. “All planned operations, outpatient appointments and diagnostic procedures have been cancelled for Wednesday, Nov. 2 with a small number of exceptions.”

The advisory continued:

“Inpatients will continue to be cared for and discharged as soon as they are medically fit. Major trauma cases will continue to be diverted to neighboring hospitals as will high risk women in labour.”

Although the NHS didn’t say what kind of virus infected its systems, it is likely an infestation of ransomware — a malware scourge whose purveyors have taken to targeting hospitals and healthcare facilities.

Ransomware scours an infected computer for documents, audio files, pictures and other things likely to be of value to the system’s owner, and then encrypts that data with very powerful encryption software. Most ransomware variants also scour the local network for other systems or network shares to infect. Victims usually can only get their files back after paying a specified ransom demand using a virtual currency, such as Bitcoin.

Earlier this year, experts began noticing that cybercriminals were using ransomware to target hospitals — organizations that are heavily reliant on instant access to patient records. In March 2016, Henderson, Ky.-based Methodist Hospital shut down its computer systems after an infection from the Locky strain of ransomware. Just weeks before that attack, a California hospital that was similarly besieged with ransomware paid a $17,000 ransom to get its files back.

According to a recent report by Intel Security, the healthcare sector is experiencing over 20 data loss incidents per day related to ransomware attacks. The company said it identified almost $100,000 in payments from hospital ransomware victims to specific bitcoin accounts so far in 2016.

As dependent as healthcare systems are on computers and information technology, the notion that a computer virus could result in bodily injury or death is no longer the stuff of Hollywood movie scripts. Unfortunately, the healthcare industry is for the most part still catching up in its ability to anticipate, prevent and respond to these types of cyber attacks.

As macabre as it may sound, perhaps people dying because of poor cybersecurity is exactly what it will take for more organizations to dedicate the necessary resources toward adequately defending the systems upon which they so heavily rely.

In 2010, I was interviewed by Team Cyrmu‘s Steve Santorelli as part of their ongoing Who and Why Show. Santorelli gave me a few minutes to answer the question, “What keeps you up at night?” My answer was basically that I worry what will happen to the Internet as we know it when people start to die in a measurable way because of computer and Internet security vulnerabilities and attacks. Here’s the entire interview if anyone cares to have a listen.

The crippling of NHS’s systems came as U.K. Chancellor Philip Hammond unveiled a national cybersecurity strategy, warning that hostile “foreign actors” were developing techniques that threaten the country’s electrical grid and airports, among other critical infrastructure.

“If we want Britain to be the best place in the world to be a tech business then it is also crucial that Britain is a safe place to do the digital business,” Hammond said Tuesday as he described the National Cyber Security Strategy in London. “Trust in the internet and the infrastructure on which it relies is fundamental to our economic future.”

What can businesses do to lessen the chances of having their critical infrastructure crippled by malware like ransomware? The FBI has the following tips:

• Regularly back up data and verify the integrity of those backups. Backups are critical in ransomware incidents; if you are infected, backups may be the best way to recover your critical data.
• Secure your backups. Ensure backups are not connected to the computers and networks they are backing up. Examples might include securing backups in the cloud or physically storing them offline. It should be noted, some instances of ransomware have the capability to lock cloud-based backups when systems continuously back up in real-time, also known as persistent synchronization.
• Scrutinize links contained in e-mails and do not open attachments included in unsolicited e-mails.
• Only download software – especially free software – from sites you know and trust. When possible, verify the integrity of the software through a digital signature prior to execution.
• Ensure application patches for the operating system, software, and firmware are up to date, including Adobe Flash, Java, Web browsers, etc.
• Ensure anti-virus and anti-malware solutions are set to automatically update and regular scans are conducted.
• Disable macro scripts from files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office Suite applications.
• Implement software restrictions or other controls to prevent the execution of programs in common ransomware locations, such as temporary folders supporting popular Internet browsers, or compression/decompression programs, including those located in the AppData/LocalAppData folder.

Additional considerations for businesses include the following:

• Focus on awareness and training. Because end users are often targeted, employees should be made aware of the threat of ransomware, how it is delivered, and trained on information security principles and techniques.
• Patch all endpoint device operating systems, software, and firmware as vulnerabilities are discovered. This precaution can be made easier through a centralized patch management system.
• Manage the use of privileged accounts by implementing the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary; they should operate with standard user accounts at all other times.
• Configure access controls with least privilege in mind. If a user only needs to read specific files, he or she should not have write access to those files, directories, or shares.
• Use virtualized environments to execute operating system environments or specific programs.
• Categorize data based on organizational value, and implement physical/logical separation of networks and data for different organizational units. For example, sensitive research or business data should not reside on the same server and/or network segment as an organization’s e-mail environment.
• Require user interaction for end user applications communicating with Web sites uncategorized by the network proxy or firewall. Examples include requiring users to type in information or enter a password when the system communicates with an uncategorized Web site.
• Implement application whitelisting. Only allow systems to execute programs known and permitted by security policy.

Further reading: SC Magazine UK’s take on the attack.

Sicherheitsforscher warnen, dass es Angreifer derzeit vermehrt auf Joomla-Webseiten abgesehen haben. Admins sollten zügig die jüngst erschienene abgesicherte Version installieren.

Offenbar durch einen Fehler bei AppleCare sind die Telefonbucheinträge mehrerer iPhone-Nutzer an andere übertragen worden, berichten der "Stern" und das österreichische Magazin "News".

LastPass announced today that you will no longer need a paid Premium account to access the service on multiple devices. This feature is now free for everyone.

The post LastPass Makes Multi-Device Access Free to All appeared first on Thurrott.com.

Inboard section of outboard flap of MH370 (ATSB)

The Malaysia Airlines Boeing 777 missing since March 2014, MH370, likely came down at an increasing rate of descent and without deployment of flaps according to analysis published by the Australian Transport Safety Bureau (ATSB).

The ATSB report provides an update to the MH370 search area definition. An analysis was made of the burst frequency offsets associated with the final satellite communications to and from the aircraft. These results were consistent with the aircraft being in a high and increasing rate of descent at that time. Additionally, the wing flap debris analysis “reduced the likelihood of end-of-flight scenarios involving flap deployment,” according to the ATSB. Thus, a scenario where a controlled ditching was carried out seems unlikely.

To assist with the underwater search for the aircraft, the Commonwealth Scientific and Industrial Research Organisation (CSIRO) undertook an analysis of existing ocean drifting and currents data. Preliminary results of the drift analysis indicated it was unlikely that debris originated from south of the current search area. The northernmost simulated regions were also found to be less likely. Drift analysis work is ongoing and is expected to refine these results.

The report also stated that currently, more than 20 items of debris are under investigation. The items have been located along the east and south coast of Africa, the east coast of Madagascar and the Islands of Mauritius, Reunion and Rodrigues in the Indian Ocean. A list of items recovered was published by the Malaysian investigation team (PDF).

The post Debris analysis of MH370: controlled ditching not likely appeared first on ASN News.

Microsoft Flow---the software giant's answer to IFTTT---is now available, following about six months in beta.

The post Microsoft Flow is Now Available appeared first on Thurrott.com.

Forscher haben einen konkreten Vorschlag gemacht, wie das IoT-Super-Botnetz Mirai angegriffen werden könnte. Allerdings würde sich derjenige, der den Plan durchführt, sehr wahrscheinlich gleich mehrmals strafbar machen.