Top 10 Things You Must Do to Avoid Getting Hacked

This link may be behind a paywall at medium.com, depending on how many “members only” articles you’ve read there (medium is a hosted blogging platform which seems to be growing in popularity). I thought there might be some useful information for some readers.

https://medium.com/@terence-kam/top-10-things-you-must-do-to-avoid-getting-hacked-ab76ccdbf842

The PDF Attachment Scam(s)

The PDF Attachment Scam(s)

Caution should be taken when receiving an unsolicited email that contains a PDF document. If the email looks at all suspicious be extra careful. The PDF may be infected with malware that steals login credentials and other data. If not infected, any links inside the PDF may take you to an illegitimate phishing site.

DO NOT OPEN THE PDF DOCUMENT OR CLICK ANY LINKS IN THE PDF

For more information on what to do if you receive a phishing email check out “What to Do if You Click on a Phishing Link?

Use PowerBI to access PowerBI Rest APIs

At the November 2021 Atlanta Microsoft BI User Group meeting (https://www.meetup.com/Atlanta-Microsoft-Business-Intelligence-Users) there was an update on the PowerBI Rest APIs. The scope of API support for PowerBI has grown exponentially, as illustrated by the documentation home page (https://docs.microsoft.com/en-us/rest/api/power-bi/). The documentation even includes support for interactive use of the APIs, avoiding the need to write code (PowerShell, .Net) or use a 3rd party app like Postman to test the API. In addition, the interactive application displays the url and http headers which are used to access the data, allowing them to be copied and pasted into PowerQuery to connect PowerBI to the Rest APIs to provide interactive, formatted views of the returned data.

The example used at the meeting was the Unused Artifacts API, which lists items in a selected Workspace by date of last use. The data returned by the interactive tool is JSON, as shown in the walkthrough below. By querying this same URL with PowerQuery, it’s possible to parse and format the JSON for ease of use.

To use the interactive feature, select the Admin group (where the Unused Artifact API lives), and scroll down to the API:

Click Admin to open the list of Admin APIs
Click “Groups GetUnusedArtifactsAsAdmin” to view API details
The Workspace (Group) ID needs to be retrieved from app.PowerBI.com

You can actually retrieve a list of Workspace IDs using the Admin – Groups GetGroupsAsAdmin Rest API, but it may be easier just to get it from the URL of the Workspace home page on PowerBI (it’s the GUID after the word “groups” in the URL (app.powerbi.com/groups/{WORKSPACE ID}/list, for example). Click the green Try it button to open the interactive application interface.

Paste the copied WorkspaceId into the text box. You can ignore the optional parameters.
The application will generate an HTTP request with an Authorization header. Copy the request to a text editor so you can use the URL and header in PowerQuery.
Click the green Run button to see the raw results of the query. As shown in the Body section, the results are in JSON – readable, but not easy to sort or filter if you have a lot of artifacts.

In PowerBI Desktop (or Excel PowerQuery), select Get Data->Web

In the Advanced view of the Web request, paste the URL from the copied Request Preview (the part AFTER the GET command) into the URL parts input box. In a more advanced scenario, you could retrieve all your workspaceIds with another API call, then feed them to this URL as a parameter, but in this case we’ll just use the URL as is. Under optional parameters, type Authorization as the header name (it’s not in the default list), then paste the entire Authorization string, including the word Bearer, from the Request Preview.

Click OK on the From Web dialog. PowerBI will ask how you want to authenticate to the web – we’ve already included the Authorization header, so Anonymous access is fine. Click Connect.

PowerBI will retrieve the JSON response and generate a pretty decent PowerQuery script as shown in this image (edited to remove proprietary data). The only change I made was to modify the Expanded unusedArtifactEntities1 step to NOT use the column name prefix, which meant I had to modify the Changed Type step as well, as shown below.
 #"Expanded unusedArtifactEntities1" = Table.ExpandRecordColumn(#"Expanded unusedArtifactEntities", "unusedArtifactEntities", {"artifactId", "displayName", "artifactType", "artifactSizeInMB", "createdDateTime", "lastAccessedDateTime"}, {"artifactId", "displayName", "artifactType", "artifactSizeInMB", "createdDateTime", "lastAccessedDateTime"}),
 #"Changed Type" = Table.TransformColumnTypes(#"Expanded unusedArtifactEntities1",{{"createdDateTime", type datetime}, {"lastAccessedDateTime", type datetime}})
The end result is a neatly formatted table of my 4 artifacts (all datasets), which can be sorted or filtered by date created, date accessed, and artifact size.

The March release of SQL Operations Studio is now available

This post is authored by Alan Yu, Program Manager, SQL Server and Karl Burtram, Senior Software Engineer, SQL Server. We are excited to announce the March release of SQL Operations Studio is now available. Download SQL Operations Studio and review the Release Notes to get started.

Source: The March release of SQL Operations Studio is now available