New Microsoft 365 offerings for small and medium-sized businesses

Following to the latest announcement for Microsoft 365 Personal and Family Subscriptions, we are pleased to follow up here to announce related changes to our Office 365 subscriptions for small and medium-sized businesses—and to Office 365 ProPlus. Going forward, all of these products will use the Microsoft 365 brand.

This is a natural evolution. Microsoft 365 began in 2017 as a licensing bundle for enterprise customers—a combination of Windows, Office, and Enterprise Mobility and Security (EMS). It has come a long way since then. Today, we call it “the world’s productivity cloud” and it represents our vision for the future of Microsoft productivity tools—an integrated set of apps and services that puts artificial intelligence (AI) and other cutting-edge innovations to work for you. And for small and medium-sized businesses, that includes new capabilities in Microsoft Teams to help you host rich meetings and events online; cloud file storage and sharing capabilities so you can collaborate from anywhere; and security and identity solutions to safeguard your business. At a moment when businesses are facing extraordinary health and economic challenges, we are pleased to bring our consumer and small and medium-sized business customers into this growing Microsoft 365 family.

New product names

The new product names go into effect on April 21, 2020. This is a change to the product name only, and there are no pricing or feature changes at this time.

  • Office 365 Business Essentials will become Microsoft 365 Business Basic.
  • Office 365 Business Premium will become Microsoft 365 Business Standard.
  • Microsoft 365 Business will become Microsoft 365 Business Premium.
  • Office 365 Business and Office 365 ProPlus will both become Microsoft 365 Apps. Where necessary we will use the “for business” and “for enterprise” labels to distinguish between the two.

Note that the changes to these products will all happen automatically.

Today, we’re simply announcing name changes. But these changes represent our ambition to continue to drive innovation in Microsoft 365 that goes well beyond what customers traditionally think of as Office. The Office you know and love will still be there, but we’re excited about the new apps and services we’ve added to our subscriptions over the last few years and about the new innovations we’ll be adding in the coming months. For questions, please refer the FAQs below and then head to the What is Microsoft 365 page for more details.


Frequently asked questions

Q. What Office 365 plan names aren’t changing?
A. The following Office 365 plans will have no changes:

  • Office 365 for Enterprise
    • Office 365 E1
    • Office 365 E3
    • Office 365 E5
  • Office 365 for Firstline Workers
    • Office 365 F1
  • Office 365 for Education
    • Office 365 A1
    • Office 365 A3
    • Office 365 A5
  • Office 365 for Government
    • Office 365 G1
    • Office 365 G3
    • Office 365 G5

Q. Why are you making these changes?
A. First, we want our products to reflect the range of features and benefits in the subscription. Microsoft 365 is an integrated set of apps and services that puts AI and other cutting-edge innovations to work for you. And for small and medium-sized businesses, that includes new capabilities in Microsoft Teams to help you host rich meetings and events online; cloud file storage and sharing capabilities so you can collaborate from anywhere; and security and identity solutions to safeguard your businesses. Second, we’re always looking for ways to simplify. This new approach to naming our products is designed to help you quickly find the plan you need and get back to your business.

Q. How does Office fit into Microsoft 365? Will I still be able to use Word, Excel, and PowerPoint?
A. The Office suite is core to the Microsoft productivity experience, and that’s not changing. But over the last several years, our cloud productivity offering has grown well beyond what people traditionally think of as “Office.” Word, Excel, and PowerPoint are more important than ever before. But in Microsoft 365 we’re breathing new life into these apps with the help of the cloud and AI, and we’re adding new, born-in-the-cloud experiences like Teams, Stream, Forms, and Planner. All of this is underpinned by a set of common services that keep your data safe and secure. It’s Office and a whole lot more.

Q. Is there anything new or different in Microsoft 365 Apps for business or Microsoft 365 Apps for enterprise plans that wasn’t in Office 365 Business or Office 365 ProPlus plans? Any new features?
A. There are no price or feature changes to plans at this time.

Q. When will the Microsoft 365 Business and Microsoft 365 Apps for enterprise plans be available?
A. All plans will become available for customers on April 21, 2020.

Q. Are allof the Office 365 plans going away? What isn’t changing?
A. None of the plans are going away. The same plans are available, only with updated names. And in the case of Office 365 Enterprise, the name will remain the same and there will be no changes.

Q. I’m an existing SMB or ProPlus customer. Do I need to take any action?
 Customers with the Office 365 Business, Office 365 Business Essentials, Office 365 Business Premium, or Microsoft 365 Business plans do not need to take additional action. The above changes will happen automatically.

Q. My company uses Office 365 ProPlus, and I have questions about this change. Where can I learn more?
A. Customers with the Office 365 ProPlus plan should consult this site for further details

For more information, please refer to Microsoft

Introducing the new Microsoft 365 Personal and Family subscriptions

The subscription service for your life to make the most of your time, connect, and protect the ones you love


Now more than ever, as many of us work and learn remotely, we’re acutely aware of all the different ways life can interrupt work and work can interrupt life. It’s never been more important to stay connected and on top of the things that matter. Over the past few weeks, we’ve shared what Microsoft is doing to help organizations, employees, teachers, parents, and students in these challenging times. And most recently we launched a new website for families to discover Microsoft tools and resources to help them connect, learn, and play at home. Aligned with our mission to empower every person and organization on the planet to achieve more, we want to help you and your family across work, school, and life.

Today, we offer a powerful set of free applications and services that help you create, share, connect, and collaborate with your friends and family across the web and on Windows, macOS, iOS, and Android devices. Used by more than a half billion people, free Office, Word, Excel, PowerPoint, Skype, Outlook, OneNote, and OneDrive apps enable you to coauthor, video chat, organize, and come together. We are committed to improving and innovating on these experiences every day.

In addition, more than 38 million people subscribe to Office 365, which includes the modern, most up-to-date Office desktop apps, 1 TB of OneDrive cloud storage per person (enough to store thousands of high res photos or hundreds of hours of videos), 60 Skype minutes to call mobile phones and landlines, advanced security to protect you from malware and phishing, and ongoing technical support.


Today, we are delighted to announce that on April 21stOffice 365 will become Microsoft 365, the subscription for your life to help you make the most of your time, connect, and protect the ones you love, and to develop and grow. An evolution of Office 365Microsoft 365 builds on the foundation of Office infusing new artificial intelligence (AI), rich content and templates, and cloud-powered experiences to empower you to become a better writer, presenter, designer, manager of your finances, and deepen your connection to the people in your life. These experiences start rolling out today and will reach the over 38 million Office 365 subscribers over the next few months.

In addition, today we unveiled two new Microsoft 365 experiences that will roll out in preview in the coming months—a new Microsoft Family Safety app designed to keep your family safe across the digital and physical worlds, and new features in Microsoft Teams that bring you closer to your friends and family to more deeply connect and collaborate on the things that matter most to you.

Finally, the new Microsoft Edge browser takes another step forward with new features to protect you on the web with Password Monitor, and to simplify research with Collections. You can learn more about all the new Edge features here.

Bring out your best writer with Microsoft Editor


Writing doesn’t come easy for many of us. In fact, our research shows that about half of us aspire to become better writers. That’s why today, we unveiled a major expansion to Microsoft Editor, an AI-powered service available in more than 20 languages, now accessible across Word and, and as a standalone browser extension for Microsoft Edge and Google Chrome. Whether you’re writing a paper for school or updating your LinkedIn profile, Editor helps you put your best foot forward as you write.

Anyone can access the essential Editor capabilities, such as spelling and basic grammar across Word,, and the web. Microsoft 365 Personal and Family subscribers have access to advanced grammar and style refinements to write with more clarity and conciseness. Here are some of the exclusive ways Microsoft 365 subscribers can get even more from the Editor service:

  • When you know what you want to say but can’t seem to find the “right” way to say it, just highlight a sentence and right-click for Rewrite Suggestions. Rewrite Suggestions in Word can offer ideas to help you rephrase sentences for more impact or clarity while staying true to your original meaning.
  • For the first time ever in Word, Editor’s similarity checker leverages plagiarism-checking capabilities to support writers in creating original content and, when necessary, insert relevant citations right into their document with just a click. This tool allows writers to focus less on the mechanics of writing and more on the content. And teachers love that similarity checker helps students learn how to appropriately cite content.
  • Additional style critiques including clarity, conciseness, formality, and inclusiveness assist Microsoft 365 subscribers to write with more confidence across documents, email, and the web. For example, the inclusive language critique can suggest refinements to help a writer avoid unintentional bias by suggesting a writer may want to try a term like “police officer” in place of “policeman.”

Become a better presenter in PowerPoint

One of the most common fears for people around the world is public speaking. Presenter Coach in PowerPoint can help. While you’re rehearsing, Presenter Coach uses AI to detect if you’re talking too fast, saying “umm” too much, or just reading the text from your slides.

Starting today, we’re introducing two new AI-powered features in PowerPoint Presenter Coach exclusively for Microsoft 365 subscribers—monotone pitch and speech refinement. With monotone pitch, Presenter Coach will listen to your tone of voice and give feedback in real-time to suggest adding some variation where needed. With speech refinement, Presenter Coach will give grammar suggestions including how to better phrase your speech. These new Presenter Coach features will be available to everyone through a free preview, and then eventually only to Microsoft 365 subscribers.

Kickstart your creativity in Word, Excel, and PowerPoint

Everyone would love to be more creative in their presentations and documents to better communicate their message, but often it takes more time than it’s worth. Now PowerPoint Designer helps you be more creative while saving you time. For example, with a simple click, you can transform text into a beautiful timeline. Or when you add a picture to your slide, Designer will auto-generate several slide layouts to choose from. To supercharge your creativity, we’re providing Microsoft 365 subscribers with exclusive access to over 8,000 beautiful images and 175 looping videos from Getty Images, plus 300 new fonts and 2,800 new icons to create high-impact and visually appealing documents. And you can use all this new content in Word and Excel too.

To kickstart your school, work, or family project and save time, Microsoft 365 subscribers also get exclusive access to 200+ new premium templates across Word, Excel, and PowerPoint. Find great templates to help you design the perfect resume, wedding invitation, newsletter, birth announcement, and so much more. There are even templates for printing coloring books and reward charts to keep kids engaged at home.

Seamlessly manage your finances with Money in Excel

Managing money is one of the top stressors among people and families. People typically track their spending across a variety of apps and spreadsheets. Today, we announced Money in Excel, a new solution for Microsoft 365 subscribers that makes it easy to manage, track, and analyze your money and spending all in one place—Excel.

A secure and simple process powered by Plaid allows you to connect your bank and credit card accounts to Money in Excel, so you can import transactions and account balances automatically and create a personalized workbook leveraging the rich features of Excel. Money in Excel can help you improve your spending habits by providing personalized insights on your monthly spending and proactive alerts about price changes for recurring payments, bank fees, overdraft warnings, and more. Money in Excel gives you the tools to help you achieve your financial goals. Money in Excel will start to become available in the coming months in the U.S. first.

Explore subjects in detail with new data types and smart templates in Excel

Many people use Excel to track and analyze data to make decisions by creating everything from simple lists to elaborate models. Finding, collecting, organizing, and refreshing this data is challenging and time consuming. Today, we are announcing a different way to interact with your data. With new data types, you’ll be able to make sense of your data as Excel provides deeper meaning for over 100 topics. These include food, movies, places, chemistry, and even Pokémon. Save time by converting plain text and numbers into a data type and Excel will surface both rich visual and interactive data cards and images that provide a better representation of your data.

How does it work? Say you want to start keeping better track of your nutrition. Simply enter a food like “avocado” and by converting it to a Food data type, Excel will help you access its nutritional information. Or maybe your family is considering adopting a dog. You can evaluate different types of breeds using the Animal data type, which provides you with images, facts, and their temperaments, so you can easily create a table to compare them. With data types, all information can be easily updated, so you always have the latest and relevant data. Anyone can access the Stocks and Geography data types in Excel for the web. And Microsoft 365 subscribers have exclusive access to the over 100 new data types powered by Wolfram Alpha. As a Microsoft 365 subscriber, data types will give you the opportunity to:

  • Easily gather, organize, and analyze the information you need in one place without the hassle of finding, copying, and refreshing the data.
  • Use new smart templates with data types to do more. They will help you prepare to move to a new city, track your nutrition, or help your kids learn chemistry.

The new data types and smart templates will be available to Office Insiders this spring and to Microsoft 365 Personal and Family subscribers in English in the coming months.

Organize your time across work and life with Outlook

Juggling work meetings with personal appointments can be a struggle, particularly if your work and personal calendars aren’t connected. Today, we announced new features in Outlook on the web that help you manage all your commitments, across your work and life, in one place. With these new features, you can link your personal calendar to your work calendar to show your real availability in your work account, while still maintaining privacy around the details of personal appointments and business meetings.

We also announced the expansion of Play My Emails on Android—where Cortana provides an intelligent read-out of your emails. Play My Emails can help you catch up and act on what’s new in your inbox whether you are mid-commute or getting ready in the morning, so that you can be fully present when you are home. To further enable hands-free activities, you can now use Microsoft Search that recognizes natural language on iOS and Android. Simply find your results faster and easier by using language you use every day to filter and narrow your search—just speak it or type it. The new search functionality and Play My Emails availability on Android will begin rolling out in the coming months.

Deepen your connection to family and friends with Skype and Microsoft Teams

Staying connected with our loved ones has never been more important than it is right now. We’re pleased to offer tools like Skype to help people to stay in touch with family and friends through chat and video calling. Recently, we have seen significant increases in Skype usage. Skype has seen an increase in usage, with 40 million people using it daily, up 70 percent month over month and, we are seeing a 220 percent increase in Skype to Skype calling minutes month over month. To help people get connected even faster, we recently introduced a new feature in Skype called Meet Now. Meet Now lets you easily create video meetings in as little as three clicks for free, no signups or downloads required.

At work, every day more than 44 million people use Microsoft Teams. People love Teams because it’s the only hub for teamwork that lets you chat, do video conferencing, make calls, and collaborate all in one place. And while Teams is great for work, we’re all struggling to manage responsibilities across work and life. We use multiple apps and disconnected tools such as calendars, email, messaging, and documents to manage it all.

To provide one app to help manage work and life and deepen your connection with those who matter most, today we previewed new features coming to Microsoft Teams for your personal life.

With these new features coming to Teams, you can connect, stay organized, and collaborate with family and friends. Create groups to plan trips with friends; organize a neighborhood gathering or your next book club meeting. You’ll be able to connect in a group chat, make video calls, collaborate over shared to-do lists and assign tasks to specific people, coordinate schedules, share photos and videos, all in one place. Teams gives to you the tools to seamlessly manage daily life; share grocery lists, organize across family calendars, store important information like Wi-Fi passwords and account info, and even see location updates when loved ones arrive home or at other locations like work or school.

These new features are coming in preview to the Microsoft Teams mobile app in the coming months. In the meantime, we invite you to connect with friends and family through chat and video calling using Skype.

Protect your family in the physical and digital worlds with Microsoft Family Safety

Many parents use multiple screen-time apps and location-based services to help ensure their families are safe in the physical and digital worlds. Unveiled today, Microsoft Family Safety is a new mobile experience coming on iOS and Android for Microsoft 365 subscribers.

Microsoft Family Safety empowers families to help protect their loved ones by giving them the tools and insights to start a conversation promoting healthier habits online and in the real world. The new Microsoft Family Safety app is the only app that manages screen time across Windows PCs, Android, and Xbox while also giving you peace of mind when your kids aren’t home.

Microsoft Family Safety helps you stay connected with location sharing and notifications when a family member arrives or departs a location like home, school, or work, to help give you the peace of mind that your family is where they need to be. And, for inexperienced drivers in the household, you can use driving reports to help build better habits behind the wheel with the peace of mind knowing that we don’t share your information with third parties, such as insurance companies.

You’ll also be able to help protect your kids as they explore and play games online and on their devices. The Microsoft Family Safety app helps you understand how your kids are spending their time across their Xbox, Windows 10 PCs, and Android phones, plus you can set limits to help promote healthy digital habits. Additionally, you’ll be able to help steer them away from content that you feel is not age appropriate as they start browsing the web.

We are starting with a limited preview of the app across iOS and Android that will be available in the coming months.

Access to popular wellbeing, creativity, and enrichment apps

Wellbeing, creativity, and enrichment play important roles in helping you be your best self. So, in addition to all the new value in the Microsoft 365 Personal and Family subscriptions, we announced that subscribers will receive limited-time access to popular apps and premium services such as Adobe, Bark, Blinkist, Creative Live, Experian, Headspace, and TeamSnap. In the U.S. these are valued at over $500 USD. Visit this page to learn more about the partner benefits program for Microsoft 365 Personal and Family subscribers.

Microsoft 365 Personal and Family subscriptions broadly available on April 21—more value, same price

The new Office features start rolling out to current Office 365 customers today. Microsoft 365 Personal and Family subscriptions will be available worldwide on April 21st. With Microsoft 365 Personal and Family subscriptions you get everything in Office 365, like premium desktop Office apps, 1 TB of OneDrive cloud storage per person, 60 Skype minutes for calling mobile phones and landlines, advanced security features to protect you from malware and phishing attacks, ongoing technical support, plus all the new features and benefits announced today. Microsoft 365 Personal costs $6.99 USD a month. For the best value, a family of up to six people can use Microsoft 365 Family for $9.99 USD a month.

To learn more about Microsoft 365 Personal and Family subscriptions as well as the market and language availability of the new features, visit this page. For more information about the changes that are coming to Microsoft 365 Business and Microsoft 365 Apps for Enterprise plans, visit this page here.

For more information, please refer to Microsoft

[Special Announcement]

Dear Valued Customers,

Following the Prime Minister announcement on the Movement Control Order, our office will be temporarily closed from 18th-31st March 2020. 

However our business operation is as usual from 9am to 6pm, Mon-Fri. Our team will be working from home and are still reachable via emails, Whatsapp and mobile.

As for Sales Order operation, we are still able to process all software licensing order, renewal and limited hardware delivery (case to case).

For any technical support, please forward your request to [email protected] or reach to our support phone number  -1700818782.
For any sales inquiries, please write to [email protected].

We apologise for any inconvenience caused and look forward to serve you soon.

Stay safe and healthy, everyone!

Management of
CLL Systems Sdn Bhd

Coronavirus and remote working: what you need to know

Coronavirus has brought remote working to the top of everyone’s mind. With many organizations already enabling or exploring remote working, here are 11 tips to help your users, and your company, stay secure while protecting everyone’s physical health.

1. Make it easy for users to get started

Remote users may need to set up devices and connect to important services (Mail, Internal Services, SalesForce, etc.) without physically handing them over to the IT department. Look for products (security and otherwise) that offer a Self Service Portal (SSP) that allows users to do things themselves.

2. Ensure devices and systems are fully protected

Go back to basics – ensure all devices, operating systems and software applications are up to date with the latest patches and versions.  All too often malware breaches an organization’s defenses via a rogue unpatched or unprotected device.

3. Encrypt devices wherever possible

When people are out of the office there is often a greater risk of lost or stolen devices; for example, phones left in cafes, laptops stolen from cars. Most devices include native encryption tools such as BitLocker – be sure to use them.

4. Create a secure connection back to the office

Using a Virtual Private Network (VPN) ensures that all the data transferred between the home user and the office network is encrypted and protected in transit. Plus, it makes it easier for employees to do their jobs.

5. Scan and secure email and establish healthy practice

Home working will likely lead to a big increase in email as people can no longer speak to colleagues in person. The crooks are wise to this and already using the coronavirus in phishing emails as a way to entice users to click on malicious links. Ensure your email protection is up-to-date and raise awareness of phishing.

6. Enable web filtering

Applying web filtering rules on devices will ensure that users can only access content appropriate for ‘work’ while protecting them from malicious websites.

7. Enable use of cloud storage for files and data

Cloud storage enables people to still access their data if their device fails while working remotely. Don’t leave files and data in the cloud unprotected and accessible by anyone. At the very least, employees must successfully authenticate. Multi factor authentication takes that a step further.

8. Manage use of removable storage and other peripherals

Working from home may increase the chance of people connecting insecure devices to their work computer – to copy data from a USB stick, or to charge another device. Considering that 14% of cyberthreats get in via USBs/external devices*, it’s a good idea to enable device control within your endpoint protection to manage this risk.

9. Control mobile devices

Mobile devices are susceptible to loss and theft. You need to be able to lock or wipe them should this happen. Implement application installation restrictions and a Unified Endpoint Management solution to manage and protect mobile devices.

10. Make sure people have a way to report security issues

With home working people can’t walk over to the IT team if they have an issue. Give people a quick and easy way to report security issues, such as an easy-to-remember email address.

11. Make sure you know about “Shadow IT” solutions

With large numbers of people working from home, Shadow IT – where non-IT staff find their own ways of solving issues – will likely increase. Sophos recently discovered ‘public’ Trello boards containing names, emails, dates of birth, ID numbers, and bank account information. Ensure users report use of such tools.

For more information, please refer to SOPHOS

Introducing vSphere 7: Features & Technology for the Hybrid Cloud

We are excited to share that  VMware introduced the most comprehensive software stack for modern applications – the VMware Tanzu portfolio, VMware Cloud Foundation 4 and vSphere 7. These offerings provide a new way for organizations to think about their application modernization initiatives.

vSphere 7 is the biggest release of vSphere in over a decade and delivers these innovations and the rearchitecting of vSphere with native Kubernetes that we introduced at VMworld 2019 as Project Pacific.

The headline news is that vSphere now has native support for Kubernetes, so you can run containers and virtual machines on the same platform, with a simple upgrade of the system that you’ve currently standardized on and adopting VMware Cloud Foundation. In addition, this release is chock-full of new capabilities focused on significantly improving developer and operator productivity, regardless of whether you are running containers.

vSphere 7 powers VMware Cloud Foundation, which enables customers to deliver apps to any cloud while ensuring security, performance, and resiliency. Using vSphere 7 and VMware Cloud Foundation, you can improve the security, performance, and resiliency of your infrastructure as you accelerate your digital transformation journey without incurring big disruptions to your people, process and technology investments.

Now, let us look at some of the key capabilities in vSphere 7.

vSphere 7 Features in a Circular Diagram

vSphere with Kubernetes

The first of the vSphere 7 features is vSphere with Kubernetes (formerly Project Pacific). This is a big topic and we have plenty of content planned to dive deeper into how vSphere has been transformed in order to support both VMs and containers. As Krish mentioned, Tanzu Kubernetes Grid Service is how customers can run fully compliant and conformant Kubernetes with vSphere. However, when complete conformance with the open source project isn’t required, the vSphere Pod Service can provide optimized performance and improved security through VM-like isolation. Both of these options are available through VMware Cloud Foundation 4.

The important takeaway is that Kubernetes is now built into vSphere which allows developers to continue using the same industry-standard tools and interfaces they’ve been using to create modern applications. vSphere Admins also benefit because they can help manage the Kubernetes infrastructure using the same tools and skills they have developed around vSphere. To help bridge these two worlds we’ve introduced a new vSphere construct called Namespaces, allowing vSphere Admins to create a logical set of resources, permissions, and policies that enable an application-centric approach.

vSphere with Kubernetes Namespaces

If Kubernetes isn’t on your radar, we still have plenty of new and improved features in this release. In fact, we’ve made large steps forward for two of our most mature technologies: DRS and vMotion. In addition to Namespaces, we have quite a few brand new features to discuss.

Improved Distributed Resource Scheduler (DRS)

vSphere DRS has been reimagined to better serve both containers and VMs. DRS used to focus on the cluster state and the algorithm would recommend a vMotion when it would benefit the balance of the cluster as a whole. This meant that DRS used to achieve cluster balance by using a cluster-wide standard deviation model.

vSphere 7 Improved DRS UI Chart

But, what about individual VMs? How would that vMotion impact the VM that was moved or it’s old or new neighbors? The new DRS logic takes a very different approach that addresses these questions. It computes a VM DRS score on the hosts and moves the VM to a host that provides the highest VM DRS score. The biggest difference from the old DRS version is that it no longer balances host load. This means DRS cares less about the ESXi host utilization and prioritizes the VM “happiness”. The VM DRS score is also calculated every minute and this results in a much more granular optimization of resources.

Assignable Hardware

In vSphere 7, there is a new framework called Assignable Hardware that was developed to extend support for vSphere features when customers utilize hardware accelerators. It introduces vSphere DRS (for initial placement of a VM in a cluster) and vSphere High Availability (HA) support for VM’s equipped with a passthrough PCIe device or a NVIDIA vGPU. Related to Assignable Hardware is the new Dynamic DirectPath I/O which is a new way of configuring passthrough to expose PCIe devices directly to a VM. The hardware address of a PCIe device is no longer directly mapped to the configuration (vmx) file of a virtual machine. Instead, it is now exposed as a PCIe device capability to the VM.

Together, Dynamic DirectPath I/O, NVIDIA vGPU, and Assignable Hardware are a powerful new combination unlocking some great new functionality. For example, let’s look at a VM that requires an NVIDIA V100 GPU. Assignable Hardware will now interact with DRS when that VM is powered on (initial placement) to find an ESXi host that has such a device available, claim that device, and register the VM to that host. If there is a host failure and vSphere HA kicks in, Assignable Hardware also allows for that VM to be restarted on a suitable host with the required hardware available.

vSphere Lifecycle Manager

vSphere Lifecycle Manager accounts for a number of the new vSphere 7 features, bringing a suite of capabilities to make lifecycle operations better. With vSphere Lifecycle Manager we have a paradigm shift in both vCenter Server and ESXi host configuration management. Using a desired state configuration model, vSphere Administrators can create configurations once, apply them, and continue to monitor that desired state through new tools called vCenter Server Profiles and Image Cluster Management. vCenter Server Profiles enable administrators to standardize on a configuration for all of their vCenter Servers and monitor to protect against configuration drift.

vSphere Lifecycle Manager

Cluster Image Management allows administrators to create images at the cluster level that dictate how hosts within the cluster will be configured. A cluster image can comprise the vSphere (ESXi) release, a vendor add-on (which would be the delta between the gold ESXi image and the OEM ISO in VUM terminology), and a firmware add-on which would allow vSphere Lifecycle Manager to communicate with a vendor provided firmware management tool (or Hardware Support Manager) such as Dell OMIVV. Our partners at this launch are Dell EMC and HPE with more to come.

vCenter Server Update Planner

Third, inside vSphere Lifecycle Manager we have vCenter Server Update Planner. vCenter Server Update Planner provides native tooling to help plan, discover, and upgrade customer environments successfully. Receive notifications when an upgrade is available directly in the vSphere Client. Then use Update Planner to easily monitor the VMware product interoperability matrix to ensure that the available upgrade is compatible with other VMware software in the environment. Run a suite of available prechecks to assist with version compatibility prior to beginning an upgrade. Everything is good? You’ll have a successful upgrade, with no surprises.

It is important to note that vCenter Server Update Planner only works with vSphere 7 and onwards. So, Update Planner cannot help plan your upgrade from vSphere 6.x to vSphere 7 but it will drastically simplify your upgrades once you are running vSphere 7.

Refactored vMotion

As with DRS, we needed to review the vMotion process and look closely at how we could improve vMotion to support today’s workloads. VMs with a large memory & CPU footprint, like SAP HANA and Oracle database backends, had challenges being live-migrated using vMotion. The performance impact during the vMotion process and the potentially long stun-time during the switchover phase meant that customers were not comfortable using vMotion for these large workloads. With vSphere 7, we are bringing back that capability as we have greatly improved the vMotion logic.

At a high level, vMotion is comprised of several processes. For most VMs these processes can execute very quickly, often fast enough to not be noticed. For VMs that have large CPU and memory allocations these processes can become noticeable, and even last long enough for the application running within the VM to think there is a problem. So, several of those processes have been improved to mitigate vMotion issues for those larger VMs. One such process uses page tracers where vMotion keeps track of memory paging activity during a migration. Prior to vSphere 7, page tracing occurred on all vCPUs within a VM, which could cause the VM and its workload to be resource constrained by the migration itself. With vSphere 7, a dedicated vCPU is used for page tracing which means that the VM and its applications can keep working while the vMotion processes are occurring.

Another process that was improved was the memory copy. Prior to vSphere 7, memory was transferred between the hosts in 4k pages. vSphere 7 now uses 1 GB pages, along with a few other optimizations, to make this data transfer much more efficient. To make sure the stun time stays within the 1 second target (the time when the switch over between hosts occurs), the VM state and the bitmap of the memory pages are transferred. This stun time is important and with very large VMs, it becomes difficult to transfer that bitmap in less than the desired 1 second. So, instead of transferring the entire bitmap – which could be hundreds of megabytes in size for large VMs – only the pages required are transferred. Most of the pages are actually already on the destination host from the original transfer so we can reduce the transfer time from seconds to milliseconds.

As with all topics in this post, more details will be available – as upcoming posts here – on this new process. The key end result is that vMotion can now be used for even the largest of VMs.

Intrinsic Security

One of the biggest ways that our customers can improve their security is through good password policies, and one of the easiest ways to do that is to implement multifactor authentication (MFA). The problem, then, is that there are so many ways to implement MFA, and it’s nearly impossible to extend vCenter Server with all of them. Furthermore, even if VMware implements some of them, we’re duplicating what many customers already have in their corporate identity management systems, and that doesn’t mesh with our desire to make life better for our users, the vSphere Admins.

vSphere 7 Identity Federation

The solution is federation using open authentication & authorization standards like OAUTH2 and OIDC. With vSphere 7 and Identity Federation, vCenter Server can talk to an enterprise identity provider and get the vSphere Admins and vCenter Server out of the process. This simplifies the vSphere Admin’s job and reduces helps reduce compliance audit scope. It also opens the door to lots of different MFA methods because they already know how to plug into things like Active Directory Federation Services (ADFS). With vSphere 7 we are supporting ADFS out of the box and will build support for more providers over time.

vSphere Trust Authority

We’re also introducing vSphere Trust Authority (vTA), helping to make it easier to establish trust throughout the entire stack – from bare metal all the way through the workloads. vSphere Trust Authority creates a hardware root of trust using a small, separately-managed cluster of ESXi hosts which takes over the task of attestation. Host attestation is where the UEFI Secure Boot process, a server’s Trusted Platform Module (TPM), and an external service work together using cryptographic to verify that the host is running authentic software, in a good configuration.

In vSphere 7, vTA gives attestation the ability to enforce the rules by having the trusted hosts take over the communications with the key management systems (KMSes). This simplifies the connections to the KMSes, which simplifies risk auditing, as well as ensuring that a host that fails attestation doesn’t get access to secrets. Without those secrets the host can’t run an encrypted VM, which is good. We don’t want a secured VM on an untrusted server.

Certificate management also continues to be improved by reducing the amount of certificates that are required to be managed as well as the introduction of a new certificate import wizard. Solution User certificates no longer need to be managed and ESXi has also been simplified so that its services use a common certificate. Last, there is a REST API for operations such as renewing a certificate from the VMware Certificate Authority (VMCA), making the process easier to automate.

Other Improvements

This blog post is not meant to be exhaustive but there are a few other vSphere 7 features that I’d like to mention. First, we’ve continued to simplify the vCenter Server architecture. With vSphere 7, there is no longer the ability to deploy external Platform Services Controllers (PSCs) or vCenter Server for Windows. If you have either of these types of deployments, the vCenter Server 7 installer will automatically migrate that vCenter Server instance to a vCenter Server appliance with an embedded PSC. There is no multi-step process that involves multiple tools. It is an integrated, seamless experience.

Support has also been added for multiple NICs for the vCenter Server appliance, new CLI Tools, and an improved Developer Center in the vSphere Client. There is a new VM Hardware version, 17, that brings more new features like a precision clock for PTP support, vSGX, and a virtual watchdog to help monitor clustered applications. Over the course of the next few weeks we’ll be releasing detailed blogs on all these vSphere 7 features and more. Please stay up to date through the links and information posted in the footer below.


As you may have gathered by now, vSphere 7 really is a substantial and game-changing release. There has been a big focus on making our customers’ lives better through the lifecycle and security improvements. We also continue to keep pushing the boundaries of what is possible thanks to our great partnerships and customers. And, with the addition of Kubernetes, we’re not slowing down any time soon. vSphere 7 is technology for the hybrid cloud.

For more information, please refer to VMware

HPE GreenLake with Nutanix is ready!

HPE and Nutanix promised to bring as a Service consumption to the Nutanix enterprise cloud platform, and now it’s ready.

IT shops are getting seriously sophisticated about hybrid cloud these days, and cloud software and hyperconverged infrastructure vendors like Nutanix. It isn’t a new technology, but companies like Nutanix have made it easy and fast, while enabling a number of specific workloads. Now HPE and Nutanix have joined forces to deliver an integrated hybrid cloud as a Service (aaS) solution to the market. This offering will leverage Nutanix’s Enterprise Cloud OS software, including its built-in, free AHV hypervisor, delivered through HPE GreenLake to provide customers with a fully HPE-managed hybrid cloud that dramatically lowers total cost of ownership and accelerates time to value.

HPE GreenLake services bring consumption-based IT to our customers’ workloads and data – across their datacenters or colocations. Consumption-based IT for your top workloads delivers business agility with the right cost and control.

There’s no doubt in my mind that the cloud is not a destination but rather an experience. And that experience – fast access to the VMs you need, hands-off IT operation, and pay for what you need – brings many advantages. Customers are looking for choice, ease and simplicity in how they build and manage applications across environments. They want to spend time on innovation, move faster without compromising security, and minimize complexity. This is why we’ve teamed up together.

Why Nutanix?

With Nutanix, customers can now leverage a built-in, free hypervisor through an aaS offering, and benefit from Nutanix’s single-click simplicity to deploy and scale virtualized workloads. The Nutanix technology can reduce IT staff hours by 61% for deployment, management and support when compared to traditional infrastructure, allowing HPE GreenLake services to be delivered more quickly and efficiently.

Why HPE GreenLake?

HPE GreenLake is the industry-leading aaS solution for on-premises IT. With variable payments based on actual metered usage of the workload or resources, rapid scalability ahead of customer capacity needs, and enterprise-grade management and support, HPE GreenLake delivers a cloud experience to customers’ data center or co-location environment. And HPE GreenLake can take on the parts of IT operations that really don’t help to drive business innovation, delivering a managed environment but leaving the customer in control.

Customers are putting this solution to work in many ways. But here are three important ways to get value from this solution.

  • A platform for end user computing — a high performance VDI infrastructure that you pay for as it delivers value.
  • A database platform tailored to the needs of the most common databases, delivered as a service.
  • A general private cloud with the automation that Nutanix has developed and the cloud-like experience of HPE GreenLake.

Put these two industry leaders together and you get the best of both: cloud economics, simpler IT, and an elastic hyperconverged platform that practically runs itself. 

For more information, please refer to Nutanix

VMware vSAN 7

We’re excited to announce the latest release of the industry-leading hyperconverged infrastructure software, VMware vSAN 7. vSAN, with its rich ecosystem of partners, has evolved as the platform of choice for private and public clouds. This article discusses how vSAN 7 accelerates modernizing the data center with newer features and enhancements.

HCI is being rapidly adopted by organizations of all sizes, across industries to support better business outcomes. Organizations need to deliver new goods and services to customers and employees faster than ever before, as new technology is rapidly reducing product development and delivery times. IT infrastructure decision-makers need platforms that can enable quick delivery of new solutions. They’ve identified a few ways to make that happen:

• Simplify infrastructure management and accelerate provisioning
• Unify block and file storage
• Support emerging technologies, such as containers

(*Source: Perry, Christian. Voice of the Enterprise, Servers and Converged Infrastructure, Budget and Outlook, 2019. 451 Research.)

Resonating with the industry trends and needs, vSAN 7 simplifies infrastructure management by reducing the number of tools required to manage server lifecycle. Organizations can now unify block and file storage with vSAN, thus reducing the need for third party solutions and accelerating file share provisioning. vSAN 7 also includes new capabilities enhancing cloud-native applications, enabling support for file-services and vSphere add-on for Kubernetes (formerly known as Project Pacific) through VMware Cloud Foundation.

Simplify Cluster Updates with vSphere Lifecycle Manager

Lifecycle management is a time-consuming task. It is common for admins to maintain their infrastructure with many tools that require specialized skills. VMware customers currently use two different interfaces for day two operations: vSphere Update Manager (VUM) for software and drivers and server vendor-provided utility for firmware updates. In this latest release, VMware HCI sets the foundation for a new, unified mechanism to update software and firmware management that is native to vSphere called vSphere Lifecycle Manager (vLCM).

vLCM is built off a desired-state model that provides lifecycle management for the hypervisor and the full stack of drivers and firmware for the servers powering your data center. vLCM can be used to apply an image, monitor the compliance, and remediate the cluster if there is a drift. This reduces the effort to monitor compliance for individual components and helps maintain a consistent state for the entire cluster in adherence to the VMware Compatibility Guide (VCG). vLCM is a powerful new approach to creating simplified consistent server lifecycle management at scale.
vsphere lifecyle management vsan 7

Native File Services for vSAN

Native file services integrated within vSAN simplifies storage management, as it helps reduce the dependency on external solutions. vSAN 7 now supports NFS v3 and v4.1, catering to a variety of use cases. Enabling file services in vSAN is similar to enabling other cluster-level features such as iSCSI services, encryption, deduplication and compression. The entire lifecycle of provisioning and managing file services can be seamlessly performed through the vCenter UI. This feature helps address a broader set of use cases requiring file services with the simplicity of integration.

Deploy More Modern Applications on vSAN with Enhanced Cloud Native Storage

vSAN 7 extends and strengthens the cloud-native storage capabilities first introduced in vSAN 6.7 Update 3. vSAN now supports using native file services as persistent volumes for Kubernetes clusters. Persistent volumes are now able to support the use of encryption and snapshots. In addition to file services, vSAN enables vSphere Add-on for Kubernetes (formerly known as Project Pacific), which enables stateful containerized workloads to be deployed on vSAN datastores.

vsan 7 kubernetes

Overall enhancements

Integrated DRS awareness of Stretched Cluster configurations

vSAN 7 has tighter integration with data placement and DRS. After recovering from a failure condition, DRS will keep the VM running at the same site until data is fully resynchronized between the two sites. Once resynchronization is complete, DRS will move the VM to the appropriate site in accordance with DRS rules. This improvement reduces unnecessary read operations occurring across the ISL, thereby ISL resources are prioritized to complete resynchronizations post site recovery.

Immediate repair operation after a vSAN Witness Host is replaced

vSAN 7 enhances the replacement and resynchronizing logic of a vSAN Witness Host for Stretched Cluster and 2-node topologies. When a vSAN Witness Host appliance is impacted or needs to be replaced, it can be easily done using a “Replace Witness” button in vCenter. After the replacement, vSAN invokes an immediate repair operation, quickly reinstating the vSAN Witness Host to a consistent state. This enhancement helps mitigate a transient vulnerability to site-level protection by expediting vSAN Witness Host restoration.

Stretched Cluster I/O redirect based on an imbalance of capacity across sites

A vSAN Stretched Cluster topology provides the resilience of VM and data in the event of a site outage. The agility of vSAN enables administrators to fine-tune configuration parameters for individual VMs with different protection levels or affinities. As a result, there could be an imbalance of available capacity at one site versus the other. vSAN 7 introduces new intelligence to minimize impact due to capacity strained conditions. When an imbalance is detected, vSAN checks multiple parameters based on which it limits the IO to the capacity-constrained site and redirects active IO to the healthy site. These mitigation steps occur non-disruptively to the operation of the VM. This optimization is an excellent example of introducing more intelligence to vSAN to ensure predictable operation under a wide variety of conditions.

Accurate VM level space reporting across vCenter UI for vSAN powered VMs

vSAN 7 introduces a new level of consistency in VM level capacity reporting in vCenter for vSAN powered VMs. The initial design of vCenter accommodated for VM-level capacity reporting similar to how traditional storage operates. These improvements will help reconcile the reporting differences that may have been found between vSAN centric areas of vCenter and traditional VM reporting areas such as at the cluster and host view.

Improved Memory reporting for ongoing optimization

A new time-based memory consumption metric is exposed in the UI and through API to provide deeper insight into resource consumption. With the robust architecture of vSAN, as the environment evolves (through scale-up or scale-out), time-based metrics help correlate the change in memory consumption with hardware and software configuration changes made in the cluster. This helps systematically assess the impact of configuration changes and continually optimize the design.

Visibility of vSphere Replication objects in vSAN capacity views

VMware vSphere Replication is a hypervisor-based, asynchronous replication solution for vSphere VMs. It provides a simple and effective mechanism to protect and recover VMs. vSphere replication is included with vSphere Essentials Plus Kit and higher license editions. vSAN 7 introduces a significant improvement for environments using vSphere Replication. Administrators will now be able to easily identify vSphere Replication related object data at the VM object level, as well in the cluster-level capacity views. This awareness for vSphere Replication data goes a long way toward helping an administrator determine resources used for asynchronous replication needs.

Support for larger capacity devices

vSAN demonstrates great agility to meet the evolving storage needs. vSAN 7 supports newer and larger density storage devices. vSAN’s support of higher density storage devices can bring inherent improvements to customer environments, such as improved deduplication and compression ratios and a lower cost per terabyte (TB). The support for higher density drives presents a benefit unique to vSAN’s architecture: Incrementally adding or replacing existing disk groups with new disk groups consisting of much higher density drives without any additional licensing cost.

Native support for planned and unplanned maintenance with NVMe hotplug

NVMe has helped usher in all-new levels of performance capabilities for storage systems. vSphere 7 introduces one feature that meets or exceeds the capability associated with older SAS and SATA devices: Hotplug support for NVMe devices in vSphere and vSAN. This introduces a new level of flexibility and serviceability to hosts populated with NVMe devices, improving uptime by simplifying maintenance tasks around adding, removing, and relocating storage devices in hosts. Modern hosts can potentially have dozens of NVMe devices, and the benefits of hotplug most help environments large and small.

Removal of Eager Zero Thick (EZT) requirement for shared disk in vSAN

This release also introduces improved flexibility for VM applications using shared virtual disks, such as Oracle RAC. vSAN 7 eliminates the prerequisite that shared virtual disks with multi-writer flags must use the eager zero thick format. This streamlined set of requirements improves simplicity and efficiency.


vSAN 7 modernizes hyperconverged infrastructure by providing administrators a unified storage control plane for both block and file protocols, and provides significant enhancements that make it a great solution for traditional virtual machines as well cloud-native applications. vSphere Lifecycle Manager reduces the complexity of monitoring and maintaining infrastructure by consolidating software, driver and firmware update tools and introducing a desired-state model of implementing a desired image. vSAN 7’s file shares enable admins to rapidly provision a file share via a single workflow; integrated file shares also reduce dependencies on expensive third-party solutions and eases lifecycle management. As Kubernetes-orchestrated cloud-native apps will also be able to take advantage of vSAN file shares, IT can consolidate more workloads onto vSAN-powered HCI efficiently. Additional improvements provide a wide variety of benefits, from enhanced infrastructure monitoring, which helps admins plan for future needs, to future-proofing infrastructure by supporting larger capacity drives and improving uptime with NVMe hotplug. vSAN continues to be the platform of choice for both traditional applications and evolving modern applications because of seamless evolution and rapid innovation.

For more information, please refer to VMware

7 types of virus – a short glossary of contemporary cyberbadness

OK, technically, this article is about malware in general, not about viruses in particular.

Strictly speaking, virus refers to a type of malware that spreads by itself, so that once it’s in your system, you may end up with hundreds or even thousands of infected files…

…on every computer in your network, and in the networks your network can see, and so on, and so on.

These days, however, the crooks don’t really need to program auto-spreading into their malware – thanks to always-on internet connectivity, the “spreading” part is easier than ever, so that’s one attention-grabbing step the crooks no longer need to use.

But the word virus has remained as a synonym for malware in general, and that’s how we’re using the word here.

So, for the record, here are seven categories of malware that give you a fair idea of the breadth and the depth of the risk that malware can pose to your organisation.

To jump to a specific item, click in the list below:

  4. BOTS, aka ZOMBIES
  6. RATS (Remote Access Trojans)
  8. WHAT TO DO?


Keyloggers are surprisingly simple, and can be implemented in many different ways.

Simply put, they hook into the stream of data that comes from your keyboard, allowing them to tell what you typed and when.

In fact, keyloggers often don’t merely know “you typed F” – they get enough detail to tell that you pressed the left Shift key down, then depressed F, then released F, then let go of the shift.

That means they can even keep track of keystrokes that don’t produce any visible output, such as function keys, backspaces and other key combinations that turn options on or off.

Importantly, keyloggers don’t always need to be implemented down at the operating system level, and they often don’t need administrative or root powers to hook themselves into the keystroke data stream.

For example, JavaScript code inside your browser can monitor (and alter, if it wants) the flow of keystrokes as you browse, meaning that rogue JavaScript injected into a login page could, in theory, recognise and steal your usernames and passwords.

Banking trojans [q.v.] very commonly include a keylogger module so they can try to capture your passwords when they recognise that you’re in the middle of logging in to your bank.

Interestingly, keyloggers also exist in hardware form – a tiny device that’s connected between an external keyboard and the computer port it’s plugged into.

Hardware keyloggers can’t reliably be detected by software (they usually just identify themselves to your computer as a regular keyboard), but they can often be spotted by visual inspection of your normal keyboard or cable.



A data stealer is malware that does pretty much what its name suggests: it goes hunting around your hard disk, and perhaps even around your whole network if it can, looking for files that contain data that’s worth money to the crooks.

In the early days of malware, most attacks were true computer viruses, meaning that they spread automatically by theselves, often by spewing out emails containing an infected attachment.

Back then, many viruses included a data-matching toolkit that went through pretty much every file on your computer looking for text strings that matched a pattern such as [spaces][alphanumerics]AT[alphanumerics]DOT[alphanumerics], on the reasonable assumption that this was probably an email adddress.

By deliberately harvesting email addresses from everywhere, not just from your email software, they came up with exensive lists of potential new victims, even people whom you’d never contacted but whose addresses showed up in documents, marketing material, or saved pages from websites.

These days, the crooks are interested in much more than email addresses to steal – anything that can be reduced to a text-matching pattern is surprisingly easy to hunt out and thieve, including bank account details, ID numbers, passport data, credit cards and account passwords.

Data stealers also know how to recognise special files by their name or their internal structure, such as password vaults that contain login details, and browser databases that may contain tell-tale data such as authentication tokens and browsing history.

Many other types of malware, notably bots [q.v.] and banking trojans [q.v.], include data stealing modules as one useful way of extending their criminality.



Malware can’t always find what it wants in files on your computer, even if the malware itself already has administrator or root level access.

That’s because some data only ever exists temporarily in memory, and then gets scrubbed without ever reaching disk.

One reason for that concerns data security regulations such as PCI-DSS, the Payment Card Industry Data Security Standard, and GDPR, the European General Data Protection Regulation.

Those regulations say that there are some data items you simply aren’t allowed to keep after you’ve finished with them – you should use them only at the moment you need them, and then get rid of them forever.

An obvious example is the CVV number (the short code) on the back of your credit card – that code is used to authorise a transaction but should never be saved to disk or otherwise retained beyond that point.

That’s bad news for cybercrooks, because it means they can’t easily get hold of CVV codes for transactions that have already happened…

…but with RAM scraping malware that keeps an eye on data as it is stored temporarily in memory, the crooks may be able to identify critical data such as CVVs and full credit card information and “scrape” it straight out of RAM.

Other secret data often appears in RAM, albeit briefly, such as decryption keys, plaintext paswords and website authentication tokens, and RAM scrapers can watch for these, too.



A bot, short for robot program, is malware that opens a backdoor into your computer so that crooks can send it commands from afar.

A collection of bots is known, in turn, as a botnet, short for robot network, and crooks who control an army of networked bots can command them remotely all at the same time, with much more dramatic results that just having control over one or two computers on the internet.

Bots are also commonly known as zombies, because they act a bit like “sleeper agents” that the crooks can turn against you on demand.

Commands often built into bots include: sending spam in vast quantities, searching locally for files, sniffing out passwords, attacking other people’s websites, and secretly clicking online ads to generate pay-per-click revenue.

One important thing to remember about bots is that they don’t rely on the crooks connecting inwards to your computer to send them commands, so they aren’t automatically blocked by your home router, which usually prevents all incoming network connections.

Most bots work by regularly calling home, only ever making outbound connections – something your home router probably does allow – and downloading the latest list of commands published by the crooks.

Another important fact about bots is that almost every bot ever released includes a command that allows the crooks to upgrade or even to replace it whenever they want.

Sadly, that means it’s hard to predict in advance what damage crooks might do to your computer if you find you’re infected with a bot, because it could have been doing something else yesterday and might move on to a completely new attack tomorrow.



This is the general term for malware that goes after information about your online banking.

As you can imagine, banking trojans typically include a keylogger [q.v.] component, to sniff out passwords as you type them in.

They also often have a data stealer [q.v.] part to trawl through likely files such as browser databases and password vaults in the hope of finding unencrypted passwords or account details.

Another trick widely used by banking trojans is known as web form injection, where the malware sneakily adds extra data fields into forms that are displayed in your browser.

By doing this they hope to trick you into entering additional data, such as your credit card number or date of birth, at a point where you wouldn’t normally be asked such questions.

Perhaps the best known name in the banking trojan scene is Gozi, a large and loosely-defined family of malware that first appeared more than a decade ago.

The original Gozi source code was published online many years ago, and this threat family has proliferated and evolved ever since.



The name RAT is short for Remote Access Trojan, typically the sort of remote access tool that lets creeps spy on you by taking surreptitious screenshots or secretly turning on your webcam.

The best-known RAT is probably Blackshades, which made the headlines a few years ago when a variant of this malware family was used by a cybercriminal called Jared James Abrahams to spy on hundreds of women, including then Miss Teen USA, Cassidy Wolf.

Abrahams ended up with an 18-month prison sentence; the authors and distributors of the Blackshades malware itself were variously arrested and convicted, too.

One question that RATware often raises is, “Can a malware author activate my webcam without the light turning on?”

The answer is, “It depends.”

Some webcams have their LED wired in with the webcam itself, so that it comes on with the webcam no matter what; others have the LED set up so that it can be programmed independently of the webcam, and on this sort of webcam you could, in theory at least, record without any visible sign.

If in doubt, a webcam cover or a tiny piece of electrical tape will provide you with a web shield that malware can’t deactivate!



This is probably the most feared sort of malware of the past decade: generally speaking, ransomware scrambles all your files, uploads the one-and-only copy of the decryption key to the crooks, and then offers to sell you back the decryption key so you can unlock your computer and get back to work.

In an ideal world, ransomware wouldn’t work for the crooks at all, because you’d simply wipe your computer clean (handily removing the ransomware at the same time), restore your most recent backup, and be up and running without paying the crooks anything.

But life is seldom that simple, and today’s ransomware crooks maximise their leverage against you in several ways:

  • They usually find a way into your network first, so they can scramble hundreds or even thousands of computers at the same time. Even if you have backups for all of them, reimaging and restoring thousands of computers might take longer than just paying up.
  • They look around for online backups on the network, and wipe them out in advance of the ransomware attack. Unless you have a reliable process of regularly making and keeping offline backups, the crooks may have you over a barrel.
  • They spend time researching your cybersecurity setup first so they can turn off parts that might stop or limit the ransomware. Never ignore anything in your logs that looks like unusual or unexpected changes to network security settings – it might be crooks loosening you up for attack.

Ransomware demands have risen dramatically since 2013, when the Cryptolocker ransomware extorted $300 per computer.

Modern ransomware attacks such as SamSam, Bitpaymer and Ryuk typically take out whole networks and demand anywhere from $50,000 to $5,000,000 to undo the damage across an entire infected network.



  • Patch early, patch often. A lot of attacks start because someone, somewhere, has left a security hole open that the crooks already know how to exploit. Even if you’re using automated updating everywhere, check up on the state of your patching regularly – if you don’t check your own networks, the crooks will do it for you!
  • Look for and act on warning signs in your logs. Many malware attacks last for some time, or follow up on previous attacks or “scouting expeditions” that leave telltale signs in your logs. The unusual creation of new accounts; the use of administration tools where you wouldn’t expect them; and evidence of someone fiddling about with security settings should always be investigated. Authorised staff should know better, and can be counselled accordingly; unauthorised users can be identified and booted off the system sooner rather than later.
  • Go for defence in depth. Look for an anti-virus with behaviour-blocking and web filtering as well as plain file scanning. Most modern malware attacks involve a sequence of small steps. The crooks have to succeed at every step to complete their attack, whereas you can often stop the attack by blocking any one of the stages.

For more information, please refer to SOPHOS


Hewlett Packard Enterprise and Veeam Introduce New Data Protection Solutions

Veeam Availability Suite v10 integration with HPE Primera and enhancements to HPE StoreOnce enable enterprises to recover crucial data in minutes1 whether from human error or malicious attack.

Hewlett Packard Enterprise (HPE) announced advancements in its data protection offerings with Veeam support for HPE Primera storage and enhancements to HPE StoreOnce backup. HPE and Veeam have partnered to protect customer data for the past decade, and this new support for HPE Primera, together with the just announced Veeam Availability Suite v10, ensures customers’ data is always available, recoverable and protected. In addition, HPE StoreOnce with Veeam v10 delivers higher data availability by efficiently moving backup copies offsite for disaster recovery.

Seventy-seven percent2 of enterprises lack an effective data protection strategy, putting their business at risk. In a hyper-connected world, where everyone – and increasingly everything – shares data, businesses have the opportunity to turn all of it into value. However, ensuring data is always available and always protected can be complex and costly. Current legacy backup technologies struggle to manage and protect the expanding scope of data types and sources, expanding security threats, and the increasing need to support data across an edge to cloud environment. Together, HPE and Veeam enable customers to simplify data protection, remove cost and risk, and improve efficiency.

The integration of Veeam v10 with HPE Primera provides customers with a modern, best-in-class backup and data protection solution. Powered by HPE InfoSight, the industry’s most advanced AI for infrastructure, HPE Primera redefines mission-critical storage by delivering superior simplicity, availability and performance. HPE Primera provides 93% less time spent on managing storage3, backed by a 100% availability guarantee. Together with Veeam v10 backup support, HPE Primera customers are able to rapidly recover their data at its most granular level from storage snapshots, including virtualized environments.

“Veeam Availability Suite v10 is a new generation and industry leader of data backup and protection, with capabilities that increase data availability, portability and extensibility,” said Danny Allan, chief technology officer and senior vice president of product strategy, Veeam. “By leveraging full HPE Primera support with v10, businesses can harness the simplicity and reliable performance required for critical applications and data, empowering them to utilize intelligent data to elevate business value – a driving focus of both Veeam and HPE.”

“Data is at the heart of HPE’s edge-to-cloud platform as-a-Service strategy. Enterprises that can distill intelligence from their data will be the ones to lead in their industries,” said Jim Jackson, Chief Marketing Officer, HPE. “However, in order to utilize data to gain business insights, it needs to be readily available. Together, HPE and Veeam are helping enterprises accelerate their data’s value by ensuring it’s always on, always fast, hybrid by design, and delivers global intelligence.”

The enhanced capabilities for HPE StoreOnce and Veeam v10 provide:

  • HPE StoreOnce Catalyst Copy support for disaster recovery, delivering the only federated backup solution, managed through Veeam
  • A single interface for data protection
  • Storing, replicating and archiving additional copies of data for disaster recovery use cases without impacting backup SLAs or constraining server CPU resources

HPE and Veeam ensure data is available everywhere, and can be rapidly recovered in minutes, ensuring business resilience, and reducing risk and resource constraints. HPE has broad support for Veeam across primary storage and secondary storage. Veeam v10 now also supports the HPE hyperconverged infrastructure portfolio, including HPE SimpliVity. These solutions can be consumed as-a-service on and off-premises, and customers only pay for what they need via HPE Greenlake.

For more information, please refer to HPE


1 Based on HPE internal testing

2 Source: IDC White Paper, The business Value of High Availability Storage Environments from HPE and Veeam

3 Based on HPE internal testing, compared to previous generation storage arrays