This article is contributed. See the original author and article here.
Hello friends,
Welcome to a new year and the first AKS on Azure Stack HCI update in 2022. The January update is now available!
As always, you can also evaluate AKS-HCI any time by registering here. If you do not have the hardware handy to evaluate AKS on Azure Stack HCI you can follow our guide for evaluating AKS-HCI inside an Azure VM: https://aka.ms/aks-hci-evalonazure.
Here are some of the changes you’ll see in the January update:
Kubernetes 1.22 support
We’re delighted to share that AKS-HCI now supports Kubernetes 1.22. Notable new features in Kubernetes 1.22 include Windows enhancements, a new PodSecurity admission feature, API server tracing feature, generic data populators, and more. Learn more
Please note that Kubernetes release 1.22 comes with a number of deprecated APIs. Please migrate to non-deprecated/stable APIs and test your workloads and environments before upgrading your production environments. To read more about the deprecation of old Kubernetes APIs, click here.
Support for AKS on Azure Stack HCI and Windows Server clusters with SDN enabled
With the latest AKS-HCI January release, we support running AKS on Azure Stack HCI and Windows Server clusters with Software Defined Networking (SDN) enabled by using the same external virtual switch. With this support, your AKS-HCI cluster and pods running on a traditional VLAN network will co-exist with SDN VMs running on a SDN logical network or a SDN virtual network.
Improved error messages and new PowerShell warnings for Restart-AksHci and Uninstall-AksHci
January includes updated warnings and a confirmation prompt for both Restart-AksHci and Uninstall-AksHci to prevent unexpected data/configuration loss.
Documentation for fixing certificates after a break
Many of us shut down our deployments (management and target clusters) for the holidays then came back to find our local deployments in an unmanageable state. Under the hood, this is because cluster certificates are rotated every 3-4 days for security reasons.
We have published a series of guides to help get going again after deferred use or maintenance. That includes a guide for:
While not a specific application – we also have a new doc on setting up an ingress controller, which is important for all web apps.
Once you have downloaded and installed the AKS on Azure Stack HCI January 2022 Update – you can report any issues you encounter and track future feature work on our GitHub Project at https://github.com/Azure/aks-hci. And, if you do not have the hardware handy to evaluate AKS on Azure Stack HCI you can follow our guide for evaluating AKS-HCI inside an Azure VM: https://aka.ms/aks-hci-evalonazure.
This article is contributed. See the original author and article here.
CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
CVE Number
CVE Title
Required Action Due Date
CVE-2022-22587
Apple IOMobileFrameBuffer Memory Corruption Vulnerability
2/11/2022
CVE-2021-20038
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability
2/11/2022
CVE-2014-7169
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
7/28/2022
CVE-2014-6271
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
7/28/2022
CVE-2020-0787
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
7/28/2022
CVE-2014-1776
Microsoft Internet Explorer Use-After-Free Vulnerability
7/28/2022
CVE-2020-5722
Grandstream Networks UCM6200 Series SQL Injection Vulnerability
7/28/2022
CVE-2017-5689
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
This article was originally posted by the FTC. See the original article here.
Anyone who sells you contact lenses without first getting a copy of your prescription or properly verifying your prescription information with your prescriber is selling them illegally — and putting your eye health at risk. That’s because wearing contacts that haven’t been fitted to your eyes can cause corneal scratches, eye sores and irritation, and conjunctivitis (pink eye).
The FTC just filed a complaint against Vision Path, doing business as Hubble, alleging that the company failed to get or properly verify contact lens prescription information submitted by customers, sold lenses after prescription verification requests were denied, altered prescriptions from the prescribed brands to Hubble lenses, and failed to maintain required records.
The complaint also alleges that Hubble deceptively claimed it would ensure customers got lenses with valid and accurate prescriptions, as determined by their eye care provider; falsely claimed that certain consumer reviews were independent when they were not; and failed to disclose material connections between Hubble and some reviewers.
The next time you’re shopping for contact lenses, remember that under the Contact Lens Rule:
Sellers must have a process for verifying prescriptions. This includes letting you submit a copy of your contact lens prescription. If you don’t submit your prescription, but instead give your prescription information, the seller must verify your prescription information with your prescriber.
Sellers must not substitute another brand of contact lens for the one prescribed. If you want a different brand than the one written on your prescription, you’ll need your eye care provider’s approval. The only time you don’t need your provider’s approval to switch brands is if a manufacturer offers a brand name and a generic or store brand version of the same lens.
If you come across someone selling contact lenses without getting or properly verifying a prescription, take your business elsewhere and report it to the FTC at ReportFraud.ftc.gov.
This article was originally posted by the FTC. See the original article here.
In 2021, more than 95,000 people told the FTC that they’d been scammed with a con that started on social media. In fact, more than one in four people who reported to the FTC that they lost money to any scam said the transaction started with a post, an ad, or a message on a social media platform. And the losses amount to about $770 million.
Today’s Data Spotlight gives us insights into how scammers use social media to con people. Reports point to rampant investment, romance, and online shopping scams on social. People reported losing the most money to investment scams (particularly those involving bogus cryptocurrency investments) and romance scams. More than a third of the people who lost money to romance scams said it started on Facebook or Instagram.
The largest number of reports came from people who lost money trying to buy something they saw marketed on social media. Most said they didn’t get the stuff they paid for, while some reported ads that impersonated a real online retailer. Reports of social media fraud increased for all age groups in 2021, but people 18 to 39 were more than twice as likely to report losing money than older adults.
Scammers trying to get your money are always looking for new ways to reach people. And they’ll use whatever they know about you to target their pitch. Here are some things to do to protect yourself, no matter which social media platform you use:
Try to limit who can see your posts and information on social media. Of course, all platforms collect information about you from your activities on social media, but visit your privacy settings to set some restrictions.
Check if you can opt out of targeted advertising. Some platforms let you do that.
If you see urgent messages from a “friend” asking for money, stop. It could be a hacker behind that post pretending to be your friend.
Check out a company before you buy. Read Shopping Online for advice.
Don’t deal with a vendor that requires payment by cryptocurrency, gift card, or wire transfer. That’s sure to be a scam.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
This article is contributed. See the original author and article here.
We’re energized to hear of customers already using Windows Server 2022 to power their apps, data, and infrastructure. We also understand that some customers need more time to modernize as support for older versions of Windows Server will eventually end. The purpose of this blog is to remind customers of the key dates and options for Windows Server 2008/R2 and 2012/R2 versions.
As outlined in this blog, there are several options to continue to run and protect Windows Server workloads. Customers can migrate to Azure to get free Extended Security Updates (ESUs) to protect their workloads while they are planning their upgrade to the latest version of Windows Server. They can also combine Extended Security Updates (ESUs) with Azure Hybrid Benefit to further increase savings on Azure. If customers need to remain on-premises for regulatory or compliance reasons, they can purchase Extended Security Updates (ESUs) for their on-premises servers, more about that below. For their on-premises servers, customers can use Azure Arc to take advantage of automated/scheduled ESU updates and installation as well as the security and governance capabilities in Azure.
Windows Server 2008/2008 R2 end of Year 2 of Extended Security Updates
For Windows Server 2008/2008 R2 customers, the end date for Year 2 of Extended Security Updates (ESUs) was January 11th, 2022. End of Support for the third year of ESUs will be January 10th, 2023 for Windows Server licenses.
Customers can get an additional fourth year of free ESUs only on Azure (including Azure Stack HCI, Azure Stack Hub, and other Azure products). With this, customers will have until January 9th, 2024 for Windows Server 2008/2008 R2 to upgrade to a supported release.
Windows Server 2012/2012 R2 End of Support
For Windows Server 2012/2012 R2 customers, the end of support date is October 10th, 2023. These Extended Security Updates will be available for purchase no later than October 2022, but available for installation after the EOS date, October 10, 2023. ESUs will continue for three years, renewable on an annual basis, until the final date on October 13th, 2026.
Purchasing Extended Security Updates
For customers that cannot meet the end of support deadline and have Software Assurance or subscription licenses under an enterprise agreement enrollment, and they cannot migrate their Windows Server to Azure, they will have the option to buy Extended Security Updates. For detailed instructions on how to purchase and activate Windows Server 2008/R2 Extended Security Updates, please see this blog post on Tech Community. More details about the purchase of Windows Server 2012/R2 Extended Security Updates will be published closer to the End of Support date.
This article is contributed. See the original author and article here.
An accurate view of your inventory is key to many decisions that you make as a company, but it is more and more challenging to get timely, correct data drawn from storage locations, sales channels, and a variety of source data systems. Visibility into your inventory is the basis for replenishment decisions, your fulfillment strategy, and even the financial status of the company, yet nearly every activity related to your supply chain can affect inventory at some point.
One of the goals of inventory management is to maintain a flexible stock level and good turnover ratio, but disruptive situations in the supply chain, coupled with delayed or inaccurate data, make forecasting a nightmare.
Perhaps this is why supply chain professionals overwhelmingly plan to invest in agility and resiliency for their supply chains. A 2021 Gartner study about “responding to a disrupted world” found that 89% want to make their supply chains more agile and 87% want more resiliency.
To address these concerns, Microsoft now offers the Inventory Visibility Add-in as part of Microsoft Dynamics 365 Supply Chain Management.
Solution to inventory pain points
The Inventory Visibility Add-in can help you transform your supply chain by tackling your inventory pain points. Inventory Visibility is a highly scalable microservice that can be enabled as an add-in to Dynamics 365 Supply Chain Management and integrate with data sources from Microsoft or third-party logistics providers (3PL). It enables real-time global inventory visibility without the need to do a full-fledged enterprise resource planning (ERP) implementation.
High-volume retailers and manufacturers can easily handle millions of transactions per minute and accurately determine cross-channel inventory.
Inventory currency enables a faster response
For most businesses, it is essential to make decisions based on current, accurate data. Tracking inventory is especially important. Changes in inventory might suggest an understock or overstock situation that demands a fast reaction. Inventory Visibility lets you explore the immediate physical status of inventory, including a status of in-transit, on hand, ordered, or a custom status. This allows the organization to adjust production or sales plans in time.
The following shows an Inventory Visibility dashboard with on-hand inventory as well as the supply, demand, and reserved inventory statuses.
Scaling to support resiliency
One way to increase resiliency in your supply chain is to adopt multiple sales channels and storage locations. The combination of online, call center, and in-store sales channels helps companies maximize sales opportunities. Setting up more storage locations, including ones closer to local markets, can better support shipping and fulfillment, especially when disruptions occur.
But companies also find that those new sales channels and expanded storage locations can have different systems, making it difficult to consolidate data for real-time information about stock level and supply and demand. Having that information is crucial to support business operations. Inventory Visibility was designed for this scenario; it is capable of handling millions of transactions across different channels and geographies in seconds.
Another strategy that supply chain executives pursue to gain resiliency is to diversify their vendor sourcing. We have heard from more customers who would like to have a view into their vendors’ inventory. This can support the sell-through or direct sales scenarios or provide better insight about potentially accessible inventory. Such companies want to integrate with the inventory systems of their vendors, and this use case is also supported by Inventory Visibility.
One of our customers, a beverage giant, uses Inventory Visibility to calculate in real time the consumption of the bill of materials (BOM) for every unit of their beverage sold in every store. This supports better planning and accurate cost calculations. Previously, the customer used a time-consuming, manual process to consolidate data from several thousand stores and across regions. Now, all inventory changes can be reflected in less than a minute, with a batch job that pushes data to Inventory Visibility every minute. We are also helping this customer to establish a direct connection between their point-of-sales (POS) systems and Inventory Visibility, which will provide a data sync within seconds.
Next steps
If your organization is on the journey to transition from siloed systems to a unified and transparent inventory platform, consider taking the next step with Inventory Visibility.
Existing Dynamics 365 Supply Chain Management customers can enable Inventory Visibility as a free add-in by simply following the installation instructions. Reach out to the Inventory Visibility product team by email for any installation issues.
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
In 2021, more than 95,000 people told the FTC that they’d been scammed with a con that started on social media. In fact, more than one in four people who reported to the FTC that they lost money to any scam said the transaction started with a post, an ad, or a message on a social media platform. And the losses amount to about $770 million.
Recent Comments