New features for your Google Docs and Sheets mobile apps

Today’s updates to the Google Docs and Sheets mobile apps bring several new and useful features to your Android and iOS devices. Read on for more information.

On your Android phone or tablet, you can now:

Image Manipulation

On your iPhone or iPad, you can now:

iOS Page Setup 2

Download the latest versions of these apps from Google Play or the App Store.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Gradual rollout (potentially longer than 3 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

 

 

 

New built-in Gmail protection to combat malware in attachments

Today we announced new security features for Gmail customers, including early phishing detection using machine learning, click-time warnings for malicious links, and unintended external reply warnings. In addition, we have also updated our defences against malicious attachments.

Let’s take a deeper look at the new defences against malicious attachments. We now correlate spam signals with attachment and sender heuristics, to predict messages containing new and unseen malware variants. These protections enable Gmail to better protect our users from zero-day threats, ransomware and polymorphic malware.

In addition, we block the use of file types that carry a high potential for security risks including executable and javascript files.

Machine learning has helped Gmail achieve more than 99% accuracy in spam detection, and with these new protections, we’re able to reduce your exposure to threats by confidently rejecting hundreds of millions of additional messages every day.

Constantly improving our automatic protections

These new changes are just the latest in our ongoing work to improve our protections as we work to keep ahead of evolving threats. For many years, scammers have tried to use dodgy email attachments to sneak past our spam filters, and we’ve long blocked this potential abuse in a variety of ways, including:

  • Rejecting the message and notifying the sender if we detect a virus in an email.
  • Preventing you from sending a message with an infected attachment.
  • Preventing you from downloading attachments if we detect a virus.

While the bad guys never rest, neither do we.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace:
Full rollout (1-3 days for feature visibility)

Impact:
All end users

Action:
Change management suggested/FYI

 

Reference by Google.com

 

Save time with Smart Reply in Gmail

It’s pretty easy to read your emails while you’re on the go, but responding to those emails takes effort. Smart Reply, available in Inbox by Gmail and Allo, saves you time by suggesting quick responses to your messages. The feature already drives 12 percent of replies in Inbox on mobile. And starting today, Smart Reply is coming to Gmail for Android and iOS too.

Smart Reply suggests three responses based on the email you received:

Smart reply
Once you’ve selected one, you can send it immediately or edit your response starting with the Smart Reply text. Either way, you’re saving time.
Smart Reply
Smart Reply utilises machine learning to give you better responses the more you use it. So if you’re more of a “thanks!” than a “thanks.” person, we’ll suggest the response that’s, well, more you! If you want to learn about the smarts behind Smart Reply, check out the Google Research Blog.

Smart Reply will roll out globally on Android and iOS in English first, and Spanish will follow in the coming weeks. Stay tuned for more languages coming soon!

Launch Details
Release track:  
Launching to both Rapid release and Scheduled release

Editions:
Available to all G Suite editions

Rollout pace: 
Gradual rollout (up to 15 days for feature visibility)

Impact: 
All end users

Reference by Google.com

Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable

Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable (CVE-2017-0290)

A vulnerability has been identified in the malware protection engine (Windows Defender) that is used in almost every recent version of Windows (7, 8, 8.1, 10, and Server 2016). Since Windows Defender is installed by default on all Windows PCs, it leaves many enterprises and users vulnerable to it.
This exploit allows remote attackers to take over the system, without any intervention by the system owner. Attackers could craft an email or an instant message, which when scanned by the vulnerable system, could lead to remotely taking over the system. Anything that can be automatically scanned by Windows Defender e.g. file shares, websites etc. could be used to attack the system. This exploit could also be written as a worm to scan other vulnerable systems and replicate it.
Microsoft has released and pushed an immediate patch against this code execution vulnerability. According to Microsoft, the risk is lower on Windows 10 and Windows 8.1 system because of its security feature to protect against memory corruption on these systems.
You are advised to perform a manual check whether your PC has been updated. To do so, go to “Windows Defender settings” and if the Engine version number is 1.1.13704.0 or higher means the system is patched. For others, you need to act immediately to install the latest updates to avoid being vulnerable to future attacks.

Reference by Gajshield

How to prevent Wannacry or WannaCrypt Ransomware

Best practices to prevent ransomware attacks:

  • Perform regular backups of all critical information to limit the impact of data or system loss and to help expedite the recovery process. Ideally, this data should be kept on a separate device, and backups should be stored offline.
  • Establish a Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) for your domain, which is an email validation system designed to prevent spam by detecting email spoofing by which most of the ransomware samples successfully reaches the corporate email boxes.
  • Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organisation’s website directly through browser
  • Restrict execution of PowerShell /WSCRIPT in enterprise environment Ensure installation and use of the latest version (currently v5.0) of PowerShell, with enhanced logging enabled. script block logging and transcription enabled. Send the associated logs to a centralised log repository for monitoring and analysis.
  • Application whitelisting/Strict implementation of Software Restriction Policies (SRP) to block binaries running from %APPDATA%, %PROGRAMDATA% and %TEMP% paths. Ransomware sample drops and executes generally from these locations. Enforce application whitelisting on all endpoint workstations.
  • Deploy web and email filters on the network. Configure these devices to scan for known bad domains, sources, and addresses; block these before receiving and downloading messages. Scan all emails, attachments, and downloads both on the host and at the mail gateway with a reputable antivirus solution.
  • Disable macros in Microsoft Office products. Some Office products allow for the disabling of macros that originate from outside of an organisation and can provide a hybrid approach when the organisation depends on the legitimate use of macros. For Windows, specific settings can block macros originating from the Internet from running.
  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.
  • Maintain updated Antivirus software on all systems
  • Consider installing Enhanced Mitigation Experience Toolkit, or similar host-level anti-exploitation tools.
  • Block the attachments of file types, exe|pif|tmp|url|vb|vbe|scr|reg|cer|pst|cmd|com|bat|dll|dat|hlp|hta|js|wsf
  • Regularly check the contents of backup files of databases for any unauthorized encrypted contents of data records or external elements, (backdoors /malicious scripts.)
  • Keep the operating system third party applications (MS office, browsers, browser Plugins) up-to-date with the latest patches.
  • Follow safe practices when browsing the web. Ensure the web browsers are secured enough with appropriate content controls.
  • Network segmentation and segregation into security zones – help protect sensitive information and critical services. Separate administrative network from business processes with physical controls and Virtual Local Area Networks.
  • Disable remote Desktop Connections, employ least-privileged accounts.
  • Ensure integrity of the codes /scripts being used in database, authentication and sensitive systems, Check regularly for the integrity of the information stored in the databases.
  • Restrict users’ abilities (permissions) to install and run unwanted software applications.
  • Enable personal firewalls on workstations.
  • Implement strict External Device (USB drive) usage policy.
  • Employ data-at-rest and data-in-transit encryption.
  • Carry out vulnerability Assessment and Penetration Testing (VAPT) and information security audit of critical networks/systems, especially database servers from CERT-IN empaneled auditors. Repeat audits at regular intervals.
  • Individuals or organisations are not encouraged to pay the ransom, as this does not guarantee files will be released. Report such instances of fraud to CERT-In and Law Enforcement agencies

 

Reference by google.com

Using Google Migration Tool for Outlook Migration

Steps on how to setup Google Migration Tool for Outlook Migration

  1. Download and run the G Suite Migration for Microsoft Outlook® tool using the button on the top right of the page if it has not already been installed.
  2. Make sure to make Google chrome your default browser. Also make sure you take backup of your existing outlook pst file before starting any of the steps below for safety. Also make sure to close your ms outlook before starting migration
  3. Go to the Windows Start menu, type in “Google apps migration” and click the “Google Apps Migration for Microsoft Outlook” to open it
    gsuitemigration1
  4. Enter your Gsuite username and password when prompted
  5. Allow the migration tool to manage Google items by clicking “Allow” at the bottom of the page.
    gsuitemigration2
  6. You will see the “Authorization has been granted successfully. Please switch to your application.” notification.
  7. Select “From PST file(s)…” at the bottom of the pull down menu.
  8. Select your backup PST file
  9. Choose the default, “Migrate all data” and click “Next”
    gsuitemigration3
  10. Choose the default, “Migrate all data” and click “Next” (if you are migrating your emails first time, else you will choose migrate only new data)
  11. Use the defaults selected for the Calendar, Contacts, and Email messages and click “Migrate”.
    gsuitemigration4
  12. The process will display a progress screen with “Pause Migration” and “Cancel” buttons at the bottom similar to the one below. The buttons will change to “Start new migration” and “Close” once the migration is complete.
    Google Migration Tool for Outlook Migration

Brute force attack on Microsoft SQL

In recent events, we have been observing that hackers have started targeting Microsoft SQL (MSSQL) servers using its open TCP port. The database is configured with a weak password, despite administrators agreeing to the importance of it. The reasons could be ease of use to the operator, lack of security awareness or simply underestimating risk factors.

By default, Microsoft SQL runs on TCP ports 1433/1434 with ‘SA’ as an administrator user.

Microsoft SQL Brute Force Attack Flow:

  1. The attacker uses port scanning techniques to identify the open ports on target system
  2. Once the attacker found port 1433/1434 in open state, it starts brute forcing the SA login which is a default administrator account
  3. The attacker usually holds a dictionary with the most common passwords used by database administrators, thus making the attack faster and successful in most cases
  4. Once the attacker has access to the ‘SA’ user, he gets the complete access of the database. Attacker may further exploit the system if Microsoft SQL server has vulnerabilities allowing the attacker to gain complete access of the operating system

The Indication of Infection:

  1. Microsoft SQL ‘SA’ user password changed unknowingly
  2. Multiple failed attempts to access ‘SA’ user

How much damage this attack can cause:

  1. Hacker can get the administrative access of database which is an integral part of any organization further which may result in loss of data and/or data getting stolen

How you can safeguard your system from this attack:

  1. Set complex password for database user like ‘SA’ user
  2. Disable the default user ‘SA’ and create another user with same privileges
  3. Change default TCP port i.e. 1433 to random port so that attacker cannot guess it easily
  4. Disable the Microsoft SQL(MSSQL) service if not used.

Ensuring above actions are in place is the primary prevention to stay away from these type of attacks. We also recommend customising ‘Quick Heal Firewall’ which allows users to set the firewall rules to suit individual needs. If properly configured, Quick Heal Firewall can protect against these intrusion attacks by bottlenecking the network traffic to safeguard your network infrastructure.

Also, use Quick Heal Vulnerability Scanner to identify vulnerabilities and further patch/fix them to avoid getting exploited by such miscreants.

 

Reference by Quick heal ( http://blogs.quickheal.com/brute-force-attack-microsoft-sql/ )

Move Google Drive files and folders into Team Drives

Following the launch of Team Drives in March, it’s likely you and your users have existing content that needs to be moved from traditional Google Drive locations (e.g. My Drive) into these new shared spaces. As a G Suite admin, there are three ways you can do this:

1. Allow users to migrate files 
If you enable this setting in the Admin console (Apps > G Suite > Drive and Docs > Migration settings > User options > Allow users to migrate files to Team Drives), users in your domain will be able to move individual files into Team Drives, as long as they have Edit access to those files and the current file owners are members of the destination Team Drive.

Migration Settings

2. Migrate folders as a super admin
If you’re a super admin and have view access or higher to an existing My Drive folder, you can move that folder to a Team Drive yourself. Check out the Help Center for detailed instructions.

3. Delegate admin migration rights to individual users
If you’re a super admin, you can delegate the admin rights described in option 2 to any user in your domain. He or she will then be able to move My Drive folders into Team Drives. For a step-by-step guide to granting these admin migration rights, see the Help Center.

Migration Privilege

No matter which option you choose, there are a few important things to remember when moving files and folders into Team Drives:

  • Any file moved to a Team Drive will then be owned by the Team Drive—not an individual.
  • Moved files will remain in the user’s Shared with me and Recent locations, but they’ll be removed from all other Drive locations (e.g. My Drive).
  • A file’s permissions and sharing link will not change when it’s moved into a Team Drive. People who aren’t Team Drive members will still be able to access that file with their previously granted permissions.

For additional details and key considerations, please visit the Help Center.

Launch Details
Release track:
Launching to both Rapid release and Scheduled release

Editions:
Available to G Suite Business, Education, Nonprofit, and Enterprise editions only

Rollout pace:
Full rollout (1–3 days for feature visibility)

Impact:
Admins and end users

Action:
Admin action suggested/FYI

 

 Reference by Google.com

 

Quick Heal supports the Windows 10 Creators Update

A couple of years ago, Microsoft launched Windows 10 and it created quite a spur among PC users all around the world. Celebrating the anniversary of this launch, Microsoft released the Windows 10 Anniversary Update in August last year. In 2017, Microsoft is ready with the Windows 10 Creators Update. This post lists some of the highlights of the Creators Update and Quick Heal’s compatibility with the OS.

The Windows 10 Creators Update highlights

  • The concept of 3D in Windows. For example, the Paint application is now 3D
  • Microsoft Edge is now faster and safer with better browsing and entertainment
  • Additional security and privacy protection

You can learn more about the Creators Update here.

Which versions of Quick Heal will support the Windows 10 Creators Update?

Support via Builds
The latest Quick Heal Builds of v17.00 onwards, downloaded from Quick Heal website, support the Windows 10 Creators Update.

Support via Quick Heal update
Support for the Creators Update is being rolled out to existing users via the latest Quick Heal updates.

What must Quick Heal users do before getting the Creators Update?
Quick Heal users with Win10 RS1 or lower Operating System must take the latest Quick Heal updates and then proceed with the Creators Update. Failing to do so might cause Quick Heal or the system to behave abnormally.

How to apply the latest Quick Heal Update?

  • The update will be applied automatically if your Quick Heal’s Automatic Update is turned ON.
  • You can also apply the update manually. You can do this by following any one of the following methods:
    1. Click on the Update Now button on your Quick Heal dashboard
    2. Go to Help -> About, click on Update Now
    3. Right click on the Quick Heal icon in the system tray and click on Update Now
    4. Go to Start -> All Programs -> Quick Heal -> Click on Quick Update

How to know if the Quick Heal update has been successfully installed and is compatible with the Creators Update?
If your Quick Heal Virus Database Date falls after 1st Feb 2017, it means that the latest updates compatible with the Creators Update have been installed on your computer.

Note – Fresh installation of Quick Heal version 16.00 and below is not supported by the Creators Update.

 

 

 

Reference by Quick Heal

Setup Journaling , Backup, watchdog , routing in Gsuite

The following is a step to setup Journaling, backup, watchdog, routing in Gsuite

  1. Login to google admin console.
  2. Go to manage users
  3. There create email id for journaling
  4. Now go back to admin console page in search just type routing you will land to Apps > Gsuite > Settings For Gsuite> Advance settings or  From the Admin console dashboard, go to Appsand thenG Suiteand thenGmailand thenAdvanced settings.
  5. On the left, select the organization.
  6. Scroll to the Routing setting in the Routing section, hover over the setting and click Configure. If the setting is already configured, hover over the setting and click Edit or Add another.
  7. Enter a unique name that’ll help you identify the setting.
  8. Go to the next step to configure the setting.
  9. You can set up the routing policy for:Inbound (any incoming messages)
    Outbound (any outgoing messages)
    Internal sending (internal message sent to another user in your organization)
    Internal receiving (internal message received by another user in your organization)
    Note: This includes messages originating outside of Gmail that are SPF or DKIM authenticated by one of
    your domains.For example, select Inbound, Internal-receiving, or both, to set up split delivery, dual delivery, or a catch-all address (or all 3) and to route messages to additional recipients.

    Check the boxes next to the messages you want the policy to apply to.
    For split delivery or dual delivery, select Inbound, Internal-receiving, or both.
    To set up a catch-all address or to route messages to additional recipients, select Inbound, Internal-receiving, or both.

    Go to the next step to continue.

    After that you will see Also Deliver to: there you will have to mention your journalling email id.

    10.You will have to save it.

    11. You will see a message at bottom of the screen to save it. You will have to  save it again.

    12.At last you will see something like below

     

    Setup Journaling , Backup, watchdog , routing in Gsuite

  10. All your policy is created.