Tag Archives: Microsoft Office

Watch Out For SVCReady Malware In MS Word Documents!

Watch Out For SVCReady Malware In MS Word Documents!

Leave a reply

Please watch out for a new malware called SVCReady that is being embedded in Microsoft Word attachments!

Here is what you need to know about the new SVCReady malware!

 

Watch Out For SVCReady Malware In MS Word Documents!

The HP Threat Research just uncovered a new malware called SVCReady, which they first picked up on 22 April 2022 through HP Wolf Security telemetry.

SVCReady is being distributed in phishing emails with Microsoft Word attachments. On opening the infected Word document, an embedded Visual Basic for Applications (VBA) AutoOpen macro is used to run shellcode stored in the properties of the document.

Splitting the macro from the shellcode is a way to evade security software that would normally detect the malicious code.

Document properties containing shellcode, namely a series of nop instructions as represented by 0x90 values. Credit : HP

The SVCReady malware begins by downloading and loading its payload from the web, and connecting to its Command and Control (C2) server.

It then starts gathering and sending information to the C2 server like :

  • username
  • computer name
  • time zone
  • whether the computer is joined to a domain
  • HKEY_LOCAL_MACHINE\HARDWARE|DESCRIPTION\System registry key
  • running processes
  • installed software

The SVCReady malware also connects to its C2 server every 5 minutes to report its status, send information, receive new instructions, or validate the domain.

Currently, the malware appears to only gather and send information. However, that will change as the malware persists in the system, and is capable of receiving both updates and instructions from the C2 server.

In fact, the HP team observed the SVCReady retrieve and load a Readline stealer payload on an infected computer. It’s a sign of things to come.

The HP team believes that the SVCReady malware is still in early development, with an influx of updates adding features like encrypted C2 communications, and detection evasion.

They also found evidence linking SVCReady to past malware documents by the TA551 (Shatak) group from 2019 and 2020.

SVCReady will eventually be used for more nefarious purposes once it is good and ready. Until then, the malware will stay hidden, lurking and waiting for its master’s commands.

 

How To Avoid SVCReady Malware In MS Word Documents?

The HP team discovered that the malware creates a new registry key, which could serve as a signature for security software to detect it : HKEY_CURRENT_USER\Software\Classes\CLSID\{E6D34FFC-AD32-4d6a-934C-D387FA873A19}

But until security software are updated to detect SVCReady, the best way to avoid this malware is simple – do NOT open Word document attached to emails!

If you regularly receive Word documents in your emails, please VERIFY with the sender before opening them.

These phishing emails are designed to look legitimate. So be very careful about what you open!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

2020 HP ENVY Laptops : Be The Envy Of Creators Wherever You Go!

Leave a reply

The new 2020 HP ENVY 13 and ENVY 15 laptops are each designed for a different purpose, but with a single mission – to help you bring your ideas to life no matter where you are.

Find out how the 2020 HP ENVY 13 and HP ENVY 15 laptops differ, and which is the best option for you!

 

HP ENVY 13 (2020) Laptop

Powerful and yet light and compact, the new HP ENVY 13 laptop is designed for creators on-the-go. Its long-lasting battery ensures you can work for a full day and then some, without worrying about running out of power.

And should you be on-the-road longer than expected, the HP Fast Charge feature lets you recharge 50% of its battery in just 30 minutes, so you can get right back to creating your content, after a short break!

Being light and compact, the new ENVY 13 is great for creators who need the flexibility to work wherever they are. But it does not compromise quality for mobility.

Despite weighing just 1.3 kg, the HP ENVY 13 provides the performance you need for designing and editing work, with its NVIDIA GeForce MX350 graphics and 10th Gen Intel Core processor.

When your workspace can be anywhere from your home to a busy café or a shooting location, security and privacy becomes a real concern. Thankfully, the new ENVY 13 comes with built-in security features like a physical camera shutter, and a microphone mute button, as well as a fingerprint reader.

When out and about, you can enjoy accurate, cinematic audio thanks to its dual speakers with HP Audio Boost, that have been custom-tuned by Bang & Olufsen.

On top of all that, the new ENVY 13 comes pre-installed with Microsoft Office Home & Student 2019 worth RM529 for FREE, you can get straight to creating on your new laptop.

And you never have to worry about where you create your content, thanks to its 2-year Accidental Damage Protection coverage!

 

HP ENVY 15 (2020) Laptop

The HP ENVY 15 is not just a larger version of the ENVY 13. It is designed to be a content creation workhorse, with serious gaming chops.

It can be equipped with the latest 10th Generation Intel Core processors and the NVIDIA GeForce GTX 1660 Ti, and up to 32 GB of DDR4 memory.

To ensure the best possible performance while designing and editing high-resolution videos, or during strenuous gaming sessions, its CPU and GPU are kept cool by HP’s custom vapour chamber cooling, with dual 12V high-performance fans and an IR thermal sensor.

They all work together to keep the CPU and GPU cool, delivering 33% more processing power during intense workloads.

Its 15.6-inch touch display also offers a better experience while working on your creative project, with greater colour accuracy thanks to its Full High Definition micro-edge display with WLED backlight, IPS technology, 100% sRGB, and anti-glare coating.

Your creative journey is also enhanced by its two built-in speakers, which are not only custom-tuned by Bang & Olufsen, but also feature HP Audio Boost for a cinematic experience.

To keep your creations under wraps until you are ready to share it with the world, the new HP ENVY 15 comes with built-in security features, such as a fingerprint reader, physical camera shutter, and a dedicated microphone mute button, which are all easily accessible from the keyboard.

Just like the smaller ENVY 13, the new ENVY 15 comes pre-installed with Microsoft Office Home & Student 2019 worth RM529 for FREE, as well as 2 years of Accidental Damage Protection coverage!

 

HP ENVY 13 vs HP ENVY 15 : Which Should You Choose?

The HP ENVY 13 and HP ENVY 15 are not just different in their sizes – they are actually very different laptops.

The HP ENVY 13 is most suited for those who want the ability to create content for ultra-long hours on-the-go.

The HP ENVY 15 is best for those who want a powerful GPU for intense content creation or gaming no matter where they are.

To make it easier for you, this table gives you a quick comparison of their key advantages :

Why Buy The ENVY 13? Why Buy The ENVY 15?
Performance
– Latest Intel 10th Gen processors
– Intel Iris Plus Graphics / NVIDIA GeForce MX350
– Up to 19.5 hours battery life
– HP Fast Charge: Up to 50% in 30 mins		 Performance
– Latest Intel 10th Gen processors
– Vapour Chamber Cooling with dual 12V fans
– Up to NVIDIA GeForce GTX 1660 Ti
– Up to 32 GB of DDR4 memory
– Up to 16.5 hours battery life
– HP Fast Charge : Up to 50% in 45 mins
Design
– 13.3-inch micro-edge WLED display
– 88% screen-to-body ratio		 Design
– 15.6-inch micro-edge WLED touch display
– 100% sRGB colour gamut
Security
– unhackable physical camera shutter
– microphone mute button on keyboard
– fingerprint reader		 Security
– unhackable physical camera shutter
– microphone mute button on keyboard
– fingerprint reader
– virtual private ExpressVPN (30 day trial)
Other Features
– free Microsoft Office Home & Student 2019 (worth RM 529)
– 2-year accidental damage protection coverage

But no matter which HP ENVY laptop you choose, it will come with free pre-installed Microsoft Office Home & Student 2019 (worth RM 529) as well as 2 Years of Accidental Damage Protection!

Find out more about the new HP ENVY 13 and HP ENVY 15 laptops here.

 

HP Accidental Damage Protection (ADP)

HP Accidental Damage Protection (ADP) is designed to protect your HP ENVY laptop against any accidental damage during your use.

It will cover drops, spills, power surges, including broken parts. Even damaged or broken displays!

Here are some examples of how useful it can be to protect your investment :

  • You accidentally knock your HP ENVY laptop off the desk, and crack its LCD display. The ADP coverage includes a free replacement of the damaged LCD screen!
  • You accidentally spill your drink on the keyboard, causing the laptop to stop operating. It will be repaired for free with ADP coverage!
  • A power surge during a lightning storm damages the laptop. It will be repaired for free with ADP coverage!

 

2020 HP ENVY 13 | HP ENVY 15 : Price + Availability

The 2020 HP ENVY laptops are available with immediate effect, with these starting prices :

  • HP ENVY 13 (2020) : RM 4,399
  • HP ENVY 15 (2020) : RM 5,799

Here are the online purchase options :

 

Recommended Reading

Go Back To > Computer | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!







The New Microsoft Teams Collaborative Chat Is Now Available!

1 Reply

Redmond, Wash. 2 November 2016Microsoft Corp. on Wednesday unveiled Microsoft Teams, a new chat-based workspace that further enhances the collaboration capabilities in Microsoft Office 365, the cloud-based productivity offering with more than 85 million monthly active commercial users. Microsoft Teams brings together people, conversations, content and the tools teams need to collaborate.

“At Microsoft we aim to empower every person and organization with the technology to be more productive as individuals and in groups,” said Satya Nadella, CEO, Microsoft. “Office 365 is the broadest toolkit and platform for creation, communication and collaboration. Microsoft Teams adds a new experience to Office 365 as the chat-based workspace designed to empower the art of teams.”

Microsoft Teams is Built on Four Core Promises:

  • Chat for today’s teams. Microsoft Teams provides persistent, threaded chat to keep everyone engaged and informed. Team conversations are visible to the entire team by default, and the experience also offers private chat capabilities. A library of emojis, GIFs, custom stickers and memes gives people a fun way to express personality within their digital workspace.
  • A hub for teamwork. Microsoft Teams brings together the full breadth and depth of Office 365. People can start voice and video meetings, as well as work with Microsoft Office documents, directly within the Microsoft Teams experience. The Microsoft Graph enables intelligence to help with information relevance, discovery and sharing. Microsoft Teams is also built on Office 365 Groups, the cross-application membership service that makes it easy for people to move naturally from one collaboration tool to another, preserve their sense of context and share with others.
  • Customizable for each team. Because every team is unique, Microsoft Teams offers the ability for teams to customize the experience to meet their specific needs. Team members can create channels to organize conversations by topic. They can customize channels with a feature called Tabs, which provide quick access to frequently used documents and applications. Tabs can be created for Office 365 services like OneNote, SharePoint and Planner, or third-party solutions, such as Zendesk and Asana coming soon. Microsoft Teams supports the same Connector model as Exchange to bring notifications and updates from third-party services, such as Twitter or GitHub available Wednesday, directly into the experience. In addition, it supports the Microsoft Bot Framework to bring intelligent first- and third-party services into the team environment. The preview of the Microsoft Teams Developer Preview, also announced today, gives developers the opportunity to start building integrations with Microsoft Teams right away.
  • Security that teams trust. As part of Office 365, Microsoft Teams offers the global scale and advanced security and compliance capabilities provided by the Microsoft Cloud. Data is encrypted at all times and covered by a transparent operational model with no standing access to customer data. Multifactor authentication provides enhanced identity protection to help ensure data stays safe within the team. In addition, Microsoft Teams will support key compliance and data protection standards, such as the data processing terms with European Union Model Clauses, Health Insurance Portability and Accountability Act business associate agreement (HIPAA BAA), ISO 27001, ISO 27018, and SSAE 16 SOC 1 and 2 report.
[adrotate group=”1″]

 

Preview Availability

Starting Nov 2nd, the preview of Microsoft Teams is available to Office 365 commercial customers with Office 365 Enterprise or Business plans. The preview is available in 181 countries and 18 languages. Office 365 IT administrators can enable Microsoft Teams for their organization from the Office 365 admin center.

Go Back To > Enterprise | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

How To Unblock Gmail Restrictions On Outlook & Less Secure Apps

2 Replies

If your mail app keeps refusing to sync your emails, it is probably because Gmail considers it to be a “less secure app”. Instead of syncing your mail, you get warning messages asking you to login by a web browser. You may already have tried to do that, but your mail app still won’t sync with Gmail. Let us tell you what’s going on, and how to resolve this problem once and for all.

 

Gmail Tightened Security

From July 15, 2014 onwards, Google started promoting OAuth 2.0 over Basic Authentication. Their first step – blocking access to third-party apps that do not support OAuth 2.0. This includes all versions of Microsoft Outlook, even Outlook 2016. This issue also affects other apps like Mozilla Thunderbird, and Apple Mail apps in iOS 6 and older.

When these apps try to sync with Gmail, they will be denied access. Instead, you will get a warning message, asking you to login using a web browser. That won’t work though, because logging into your Gmail account using a web browser won’t enable OAuth 2.0 support in your app.

It would be technically simple for Microsoft to add OAuth 2.0 support to Outlook, but it appears that they are uninterested in helping improve access to Gmail. Until then, let’s show you how to unblock Gmail restrictions on Outlook and other “less secure apps”.

 

How To Unblock Gmail’s Restrictions

The good news is Google did not block access completely. They still allow Basic Authentication for these “less secure apps” to work with Gmail. The only thing is you must explicitly enable Basic Authentication via the Allow less secure apps option in Gmail.

There are two ways to access the Allow less secure apps option. Both require you to login to Gmail via a web browser first. Once you are logged into your Gmail account, go to the following links, and enable access for less secure apps :

Option Ahttps://www.google.com/settings/security/lesssecureapps

Option B – Scroll to the bottom of https://myaccount.google.com/security

Whichever method you choose, you will need to replicate for each and every Gmail account you need to sync to Microsoft Outlook, or any app that is considered “less secure” by Gmail.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

Malaysians Not Ready For New World Of Work (NWoW)

Leave a reply

KUALA LUMPUR, Malaysia — Jan 11, 2016 — Microsoft has unveiled the results from its recent New World of Work (NWoW) study, which showed that large enterprises with more than 250 employees were lagging behind expectations to be more productive, collaborative and innovative in today’s modern workplace.

While 64% of the 200 enterprise employees surveyed in Malaysia considered themselves to be mobile workers, the study also unveils what workers feel they need to succeed in today’s digital, fast-paced, modern workplace. Microsoft’s NWoW Study also generated insights on their current work and life needs and the gaps that exist between them.

The NWoW Index was derived from respondents who rated themselves highly in three key pillars – people (whether today’s employees have the capabilities to work flexibly and productively in the digital modern workplace, and are supported by leaders and cultures that help them succeed in this dynamic environment), place (whether employees can work flexibly – anywhere at any time – and if their workplaces support a collaborative, dynamic design with the ability to work at work, home or with customers) and technology (whether employees are empowered with technology to enable them to succeed in this environment, allowing collaborative work wherever they may go).

In Malaysia, only 40 out of 100 respondents rated themselves highly in embracing new People, Place and Technology principles, placing the country ninth amongst the 12 markets involved in the study.

The findings clearly showed that the traditional notion of work is changing, even within enterprises in Malaysia:

  • The responsive organization: 56% of respondents said that they were required to respond to internal stakeholders within four hours; while 54% said that they were required to respond to external customers within four hours.
  • Work doesn’t end at 5.00pm: A majority (77%) said that they were still required to be contactable outside of work in order to complete their work effectively.
  • Limited mobile productivity in a highly mobile workforce: 62.5% of respondents said they needed to be in the office to access special equipment or tools that are only available in the office.
  • Bring-your-own-device and Bring-your-own-service culture is increasingly pervasive: Employees in Malaysia were using more personal devices (48%) to get work done. 62% were also using online tools that go beyond just email – document & file sharing, storage, virtual meetings and social.
  • Achieving work life balance is challenging: 82% of respondents said that work life balance was a very important aspect of their job, but only 57% felt that they had adequate balance today.

“Over the last decade, globalization and technological innovations have made today’s workplace increasingly modern and mobile – bringing the world closer and changing the way people live and work. This study helps us better understand how work and life has changed for Malaysian employees – to determine how well supported they are from their workplaces, or from a technological standpoint, in being enabled to succeed,” said Michal Golebiewski, Chief Marketing & Operations Officer, Microsoft Malaysia.

“While technology plays a key role to enable ‘work from anywhere’ scenarios and higher productivity, there are other aspects such as organizational culture, policies, infrastructure, enabling collaboration or the ability to break down barriers to innovation which are becoming increasingly important for an organization to be competitive, especially when many are undergoing digital transformation of their businesses today,” he added.

 

Malaysian Enterprises Leveraging NWoW Principles

When companies adopt the NWoW principles, they are able to gain new business insights, realize greater operational efficiency, communicate and collaborate in real time.

[adrotate group=”2″]

In fact, the top three benefits cited by respondents were:

  • To be able to work productively from anywhere (58%)
  • To share ideas, documents and information with colleagues instantly (57.5%)
  • To have better insights and data analysis (45%)

Maxis Berhad (“Maxis”), Malaysia’s leading communications and Internet service provider was one such organization which successfully leveraged the NWoW principles and have been reaping its benefits since. As a modern company that is embracing digitalisation, the telco leverages on technology by using Yammer and SharePoint for new ways of collaborating and to share information amongst employees.

“We’re proud and excited that Maxis had chosen our two social tools – Yammer, which is akin to Facebook for enterprises, and SharePoint, which provides employees with a platform to collaborate and engage with one another by creating, sharing, managing and organizing data,” said Golebiewski. “Today’s digital world is driven by the cloud and mobility, and the ability to stay connected and productive when you’re on the go. Both Yammer and SharePoint allows the user to do just that – in an effective and seamless manner. We’re happy to see that Maxis was able to leverage these two platforms to increase employee engagement and collaboration in such a short period of time.”

Yammer and Sharepoint are components of Microsoft’s Office 365 productivity suite for commercial customers. Commercial customers can get the latest productivity tools and resources through Office 365 E5, which was recently launched. Office 365 E5 SKU includes Skype for Business with support for features including Cloud PBX and Meeting Broadcast; new analytics features, like Power BI Pro and Delve Organizational Analytics; and new advanced security features, such as eDiscovery, Customer Lockbox, and Safe Attachments.

Go Back To > Enterprise | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!