by Scott Muniz | Jan 31, 2022 | Security
This article was originally posted by the FTC. See the original article here.
It’s almost February and you know what that means…it’s getting close to National Consumer Protection Week (NCPW)! This year, NCPW is March 6-12, 2022, so now’s the time to jump into planning.
NCPW is the time of year when government agencies, consumer protection groups, and people like you work together to help remind your family, friends, and neighbors of their consumer rights and avoid frauds and scams. Want to join in? Here are some ideas:
- Help your family, friends and community avoid scams. Order free materials to share in English or Spanish. Order by February 7th to ensure delivery by NCPW.
- Plan a virtual consumer protection event. Find ideas at ftc.gov/ncpw for how to get involved.
- Share resources on COVID-19 scams. Share ways to avoid these scams, from COVID tests to vaccine scams. Check out ftc.gov/coronavirus/scams for free resources, including one-page handouts and graphics to share on social media.
- Visit ftc.gov/ncpw for even more resources.
We’ll be back next month to tell you more about the virtual events we have planned for NCPW. See you then.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Scott Muniz | Jan 31, 2022 | Security
This article was originally posted by the FTC. See the original article here.
Today we’re kicking off Identity Theft Awareness Week 2022. Identity thieves have been busier than ever during the pandemic, with scammers and identity thieves after people’s information to apply for credit, unemployment benefits, file taxes, buy things, or get medical services. But there are some things you can do to protect yourself, and this week, you’ll learn how.
Each day this week, we’ll cover topics from the steps you can take to protect your personal information, to what to know about credit freezes and fraud alerts. Follow along with these alerts to help keep your money and personal information safe from scammers.
But wait, there’s more! This week, tune into free webinars, podcasts, and other events to hear experts discussing how to spot, protect against, and recover from identity theft. There’s something for everyone — including some events that spotlight resources for active duty service members, veterans, and older adults.
Start by joining a Facebook Live discussion at 3 p.m. ET today: Impersonator Scams & Identity Theft. You’ll hear from experts from the FTC and AARP’s Fraud Watch Network about impersonators who pretend to be from the government or well-known businesses, how they try to steal your information, and how to spot and stop them.
For details on the week’s webinars, podcasts, and Facebook Live programs, as well as how to participate, visit Identity Theft Awareness Week 2022. Then join us on Friday, when we’ll wrap up with a Twitter chat discussing identity theft trends, advice on spotting and avoiding identity theft, and how to recover.
Learn more about identity theft at ftc.gov/idtheft. And, if identity theft happens to you or someone you know, visit IdentityTheft.gov to report it and get a personalized recovery plan.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Contributed | Jan 30, 2022 | Technology
This article is contributed. See the original author and article here.
Final Update: Sunday, 30 January 2022 15:00 UTC
We’ve confirmed that all systems are back to normal with no customer impact as of 01/30, 14:25 UTC. Our logs show the incident started on 01/30, 13:25 UTC and that during the 1 hour that it took to resolve the issue some of customers using Azure Log Analytics or Azure Sentinel might have experienced delayed or missed Log Search Alerts and issues accessing data in West US2 region.
- Root Cause: The failure was due one of our backend service was unhealthy.
- Incident Timeline: 1 Hour – 01/30, 13:25 UTC through 01/30, 14:25 UTC
We understand that customers rely on Azure Log Analytics or Azure Sentinel as a critical service and apologize for any impact this incident caused.
-Sai Kumar
by Contributed | Jan 28, 2022 | Technology
This article is contributed. See the original author and article here.
Hello friends,
Welcome to a new year and the first AKS on Azure Stack HCI update in 2022. The January update is now available!
As always, you can also evaluate AKS-HCI any time by registering here. If you do not have the hardware handy to evaluate AKS on Azure Stack HCI you can follow our guide for evaluating AKS-HCI inside an Azure VM: https://aka.ms/aks-hci-evalonazure.
Here are some of the changes you’ll see in the January update:
Kubernetes 1.22 support
We’re delighted to share that AKS-HCI now supports Kubernetes 1.22. Notable new features in Kubernetes 1.22 include Windows enhancements, a new PodSecurity admission feature, API server tracing feature, generic data populators, and more. Learn more
Please note that Kubernetes release 1.22 comes with a number of deprecated APIs. Please migrate to non-deprecated/stable APIs and test your workloads and environments before upgrading your production environments. To read more about the deprecation of old Kubernetes APIs, click here.
Support for AKS on Azure Stack HCI and Windows Server clusters with SDN enabled
With the latest AKS-HCI January release, we support running AKS on Azure Stack HCI and Windows Server clusters with Software Defined Networking (SDN) enabled by using the same external virtual switch. With this support, your AKS-HCI cluster and pods running on a traditional VLAN network will co-exist with SDN VMs running on a SDN logical network or a SDN virtual network.
Improved error messages and new PowerShell warnings for Restart-AksHci and Uninstall-AksHci
January includes updated warnings and a confirmation prompt for both Restart-AksHci and Uninstall-AksHci to prevent unexpected data/configuration loss.
Documentation for fixing certificates after a break
Many of us shut down our deployments (management and target clusters) for the holidays then came back to find our local deployments in an unmanageable state. Under the hood, this is because cluster certificates are rotated every 3-4 days for security reasons.
We have published a series of guides to help get going again after deferred use or maintenance. That includes a guide for:
- Repairing a cluster that has been shutoff for more than 4 days
- Repairing a cluster that hasn’t been used for more than 60 days
- How to recover if the certificate renewal pod enters a crash loop state (rare)
Documentation for getting applications up and running in Kubernetes
There are new docs this month to help get a scoped set of applications up and running in AKS on Azure Stack HCI. Check out our docs for:
While not a specific application – we also have a new doc on setting up an ingress controller, which is important for all web apps.
Once you have downloaded and installed the AKS on Azure Stack HCI January 2022 Update – you can report any issues you encounter and track future feature work on our GitHub Project at https://github.com/Azure/aks-hci. And, if you do not have the hardware handy to evaluate AKS on Azure Stack HCI you can follow our guide for evaluating AKS-HCI inside an Azure VM: https://aka.ms/aks-hci-evalonazure.
I look forward to hearing from you all!
Cheers,
Sarah
by Contributed | Jan 28, 2022 | Technology
This article is contributed. See the original author and article here.
We’ve all been eagerly waiting for it!
You’ll find the Power BI Roadmap here covering April – September 2022: https://powerbi.microsoft.com/en-us/roadmap/
by Scott Muniz | Jan 28, 2022 | Security, Technology
This article is contributed. See the original author and article here.
CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.
| CVE Number |
CVE Title |
Required Action Due Date |
| CVE-2022-22587 |
Apple IOMobileFrameBuffer Memory Corruption Vulnerability |
2/11/2022 |
| CVE-2021-20038 |
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability |
2/11/2022 |
| CVE-2014-7169 |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability |
7/28/2022 |
| CVE-2014-6271 |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability |
7/28/2022 |
| CVE-2020-0787 |
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability |
7/28/2022 |
| CVE-2014-1776 |
Microsoft Internet Explorer Use-After-Free Vulnerability |
7/28/2022 |
| CVE-2020-5722 |
Grandstream Networks UCM6200 Series SQL Injection Vulnerability |
7/28/2022 |
| CVE-2017-5689 |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability |
7/28/2022 |
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the meet the specified criteria.
by Scott Muniz | Jan 28, 2022 | Security
This article was originally posted by the FTC. See the original article here.
Anyone who sells you contact lenses without first getting a copy of your prescription or properly verifying your prescription information with your prescriber is selling them illegally — and putting your eye health at risk. That’s because wearing contacts that haven’t been fitted to your eyes can cause corneal scratches, eye sores and irritation, and conjunctivitis (pink eye).
The FTC just filed a complaint against Vision Path, doing business as Hubble, alleging that the company failed to get or properly verify contact lens prescription information submitted by customers, sold lenses after prescription verification requests were denied, altered prescriptions from the prescribed brands to Hubble lenses, and failed to maintain required records.
The complaint also alleges that Hubble deceptively claimed it would ensure customers got lenses with valid and accurate prescriptions, as determined by their eye care provider; falsely claimed that certain consumer reviews were independent when they were not; and failed to disclose material connections between Hubble and some reviewers.
The next time you’re shopping for contact lenses, remember that under the Contact Lens Rule:
- Sellers must have a process for verifying prescriptions. This includes letting you submit a copy of your contact lens prescription. If you don’t submit your prescription, but instead give your prescription information, the seller must verify your prescription information with your prescriber.
- Sellers must not substitute another brand of contact lens for the one prescribed. If you want a different brand than the one written on your prescription, you’ll need your eye care provider’s approval. The only time you don’t need your provider’s approval to switch brands is if a manufacturer offers a brand name and a generic or store brand version of the same lens.
If you come across someone selling contact lenses without getting or properly verifying a prescription, take your business elsewhere and report it to the FTC at ReportFraud.ftc.gov.
For a more in-depth look at your prescription rights for contacts — and glasses — read Buying Prescription Glasses or Contact Lenses: Your Rights. Your eyes will thank you.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Scott Muniz | Jan 27, 2022 | Security, Technology
This article is contributed. See the original author and article here.
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or
https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
by Scott Muniz | Jan 27, 2022 | Security
This article was originally posted by the FTC. See the original article here.
In 2021, more than 95,000 people told the FTC that they’d been scammed with a con that started on social media. In fact, more than one in four people who reported to the FTC that they lost money to any scam said the transaction started with a post, an ad, or a message on a social media platform. And the losses amount to about $770 million.
Today’s
Data Spotlight gives us insights into how scammers use social media to con people. Reports point to rampant investment, romance, and online shopping scams on social. People reported losing the most money to investment scams (particularly those involving bogus cryptocurrency investments) and romance scams. More than a third of the people who lost money to romance scams said it started on Facebook or Instagram.
The largest number of reports came from people who lost money trying to buy something they saw marketed on social media. Most said they didn’t get the stuff they paid for, while some reported ads that impersonated a real online retailer. Reports of social media fraud increased for all age groups in 2021, but people 18 to 39 were more than twice as likely to report losing money than older adults.
Scammers trying to get your money are always looking for new ways to reach people. And they’ll use whatever they know about you to target their pitch. Here are some things to do to protect yourself, no matter which social media platform you use:
- Try to limit who can see your posts and information on social media. Of course, all platforms collect information about you from your activities on social media, but visit your privacy settings to set some restrictions.
- Check if you can opt out of targeted advertising. Some platforms let you do that.
- If you see urgent messages from a “friend” asking for money, stop. It could be a hacker behind that post pretending to be your friend.
- Check out a company before you buy. Read Shopping Online for advice.
- Don’t deal with a vendor that requires payment by cryptocurrency, gift card, or wire transfer. That’s sure to be a scam.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Contributed | Jan 27, 2022 | Technology
This article is contributed. See the original author and article here.
We’re energized to hear of customers already using Windows Server 2022 to power their apps, data, and infrastructure. We also understand that some customers need more time to modernize as support for older versions of Windows Server will eventually end. The purpose of this blog is to remind customers of the key dates and options for Windows Server 2008/R2 and 2012/R2 versions.
As outlined in this blog, there are several options to continue to run and protect Windows Server workloads. Customers can migrate to Azure to get free Extended Security Updates (ESUs) to protect their workloads while they are planning their upgrade to the latest version of Windows Server. They can also combine Extended Security Updates (ESUs) with Azure Hybrid Benefit to further increase savings on Azure. If customers need to remain on-premises for regulatory or compliance reasons, they can purchase Extended Security Updates (ESUs) for their on-premises servers, more about that below. For their on-premises servers, customers can use Azure Arc to take advantage of automated/scheduled ESU updates and installation as well as the security and governance capabilities in Azure.
Windows Server 2008/2008 R2 end of Year 2 of Extended Security Updates
For Windows Server 2008/2008 R2 customers, the end date for Year 2 of Extended Security Updates (ESUs) was January 11th, 2022. End of Support for the third year of ESUs will be January 10th, 2023 for Windows Server licenses.
Customers can get an additional fourth year of free ESUs only on Azure (including Azure Stack HCI, Azure Stack Hub, and other Azure products). With this, customers will have until January 9th, 2024 for Windows Server 2008/2008 R2 to upgrade to a supported release.
Windows Server 2012/2012 R2 End of Support
For Windows Server 2012/2012 R2 customers, the end of support date is October 10th, 2023. These Extended Security Updates will be available for purchase no later than October 2022, but available for installation after the EOS date, October 10, 2023. ESUs will continue for three years, renewable on an annual basis, until the final date on October 13th, 2026.
Purchasing Extended Security Updates
For customers that cannot meet the end of support deadline and have Software Assurance or subscription licenses under an enterprise agreement enrollment, and they cannot migrate their Windows Server to Azure, they will have the option to buy Extended Security Updates. For detailed instructions on how to purchase and activate Windows Server 2008/R2 Extended Security Updates, please see this blog post on Tech Community. More details about the purchase of Windows Server 2012/R2 Extended Security Updates will be published closer to the End of Support date.
Learn more about End of Support options
Recent Comments