Learn About Cyber Security, Why it’s important, and how to get started building a cyber security program.
Microsoft blocks Windows 10 updates for some AVG, Avast antivirus users, provides workaround
Microsoft started rolling out the latest version of Windows 10 to eligible devices a couple of weeks ago. Called the Windows 10 November 2019 Update (or version 1909), the latest feature update brings a few new features to Microsoft’s popular PC operating system. Unfortunately, not all users are able to update to it. More specifically, users of AVG and Avast antivirus products are reportedly seeing an error that’s preventing them from updating Windows to version 1909. Microsoft has since addressed the update issue in a support document on its website.
According to an investigation by Microsoft and Avast, any software product by AVG or Avast that’s of the antivirus version 19.5.4444.567 or earlier, poses compatibility issues with the latest versions of Windows 10, i.e., versions 1903 and 1909. For this reason, the Redmond-based software giant has “applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.”
Digital Gurukul awarded Asia’s Best Digital Marketing Institute from Indore partnered with German based company – Certif-ID to issue blockchain-powered certificates to its students a feat that has yet to be achieved by any other Digital institutes in India, and among the very few to have taken this disruptive step globally.
The rollout of the diplomas on Blockchain will allow the students of Digital Gurukul and their prospective employers to access the diploma from any geographical location, without any need to send or present physical certificates. All students graduating from Digital Gurukul will now be able to share the credential of their diplomas with future employers and higher education institutions around the world without any hassle.
What is IPv6?
IPv6 is the latest version of the main communications method that identifies and locates computers and other devices on the internet. It provides more efficient packet handling, improving performance and security. Yet despite this, the rest of the internet is taking its sweet time to transition from IPv4. Here’s what’s at stake.
Information Technology Security also known as, IT Security is the process of implementing measures and systems designed to securely protect and safeguard information (business and personal data, voice conversations, still images, motion pictures, multimedia presentations, including those not yet conceived) utilizing various forms of technology developed to create, store, use and exchange such information against any unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby preserving the value, confidentiality, integrity, availability, intended use and its ability to perform their permitted critical functions.
Why your providers should support IPv6
IPv6 can help provide better performance than IPv4 for customers, employees and third parties trying to access your hosted applications.
As enterprises rely more on cloud, colocation and hosting providers, they should check whether their services support IPv6, which can provide better experiences for their customers, partners, suppliers, vendors and employees.
Here is a look at how three top infrastructure-as-a-service (IaaS) providers – Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) – stack up for IPv6. There are other IPv6-capable public cloud service providers, but we mention these three to show that there is a broad spectrum of IPv6 capabilities even among the behemoth public clouds.
That’s followed by why enterprises should pay attention to these capabilities when choosing providers.
Microsoft is working to offer more IPv6 services. Azure virtual machines can utilize IPv6, the basic and standard IPv6 Public Load Balancer works with IPv6 health checks (probes), and Azure Front Door Services are IPv6-capable.
Azure offers a public preview of IPv6-enabled VNets virtual networking infrastructure. It offers IPv6 Network Security Group policies, flow logs, packet capture, and IPv6 user-defined routes. Azure DNS supports AAAA records. The Azure portal can be used to configure for IPv6 settings, and PowerShell and Azure command line interface both have IPv6 capabilities.
Google Cloud Platform
Google lags behind the others with the only Google Cloud Platform service that is IPv6-capable being a public-facing load balancer.
What is a supply chain attack? Why you should be wary of third-party providers
The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.
A supply chain attack, also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data. This has dramatically changes the attack surface of the typical enterprise in the past few years, with more suppliers and service providers touching sensitive data than ever before.
The risks associated with a supply chain attack have never been higher, due to new types of attacks, growing public awareness of the threats, and increased oversight from regulators. Meanwhile, attackers have more resources and tools at their disposal than ever before, creating a perfect storm.
Supply chain attack examples
There’s no end to major cyber breaches that were caused by suppliers. The 2014 Target breach was caused by lax security at an HVAC vendor. This year, Equifax blamed its giant breach to a flaw in outside software it was using. It then blamed a malicious download link on its website to yet another vendor.
How to manage third-party risk:
Proper oversight of third-party cyber security risk pays dividends beyond just the compliance benefits. it actually reduces the likelihood of a breach, according to the Ponemon report. “You can reduce the incident of a breach by 20 percentage points,” says Dov Goldman, VP for innovation and alliances at Opus Global, Inc., the company that sponsored the study.
Specifically, if a company evaluates the security and privacy policies of all its suppliers, the likelihood of a breach falls from 66 percent to 46 percent. That does include all suppliers, Goldman added.
Amazon Web Services
AWS has numerous IPv6 capabilities in its public cloud IaaS service offerings. It offers IPv4/IPv6 web-tier application load balancer and CloudFront distributions with an IPv6-capable web-application firewall.
AWS automatically IPv6-enables Simple Storage Service object-storage services. AWS Virtual Private Cloud virtual (VPC) networks are IPv6-capable and the Elastic Compute Cloud instances in those virtual networks can use DHCPv6 to obtain their IPv6 address. IPv6 works for VPC routing, network access control lists, security groups, and VPC flow logs. AWS allows IPv6 external connectivity to VPCs with Direct Connect and Transit Gateway. AWS uses IPv6 on its public DNS service Route 53, AWS WorkSpaces, API Gateway, and its IoT services.
Why choose IPv6-capable providers?
Enterprises should IPv6-enable their hosted applications in order to provide the best performance to network users accessing the network on IPv6 devices, and the best way to find out whether providers support IPv6 is to ask. There are many reasons providers might have that capability but don’t advertise it or they might not turn it on by default. Or it may be turned on, and you just didn’t realize it.
For example, a hosted application could already have a globally reachable IPv6 address, but you didn’t recognize that the long hexadecimal number you see is an IPv6 address, which looks very different from an IPv4 address. In such a case, to take advantage the capability, you simply need to enter the IPv6 address into the DNS, creating an AAAA resource record for the fully qualified domain name, and that will allow clients to initiate connections to your Web application over IPv6.
It is also feasible that your colocation or hosting provider is already IPv6 capable but forgot to tell you or may have IPv6 capability, but you need to ask for it to be turned on.
Knowing whether a provider can turn on IPv6 support is important because when an enterprise decides it needs to enable that support, the transition becomes that much easier.
It would be disappointing to discover that a service provider has not yet implemented IPv6 at all. That would be a huge red warning flag that the service provider is not innovative when it comes to network technology. If the provider isn’t offering IPv6 services at this stage, it calls into question its prioritization of innovation and whether it is falling behind the competition in other areas.
This situation really puts the enterprise into a bind if they may need IPv6 capabilities sooner rather than later because the enterprise’s ability to enable IPv6 is based on the IPv6 deployment schedule of the provider.
Each enterprise is different and has a different motivation for enabling IPv6 on their public-facing applications and services. IPv6 deployment is an inevitable technology as there is no other alternative to the IPv4 address exhaustion problem. Given that IPv6 is an eventuality for enterprises, they should start to plan for the deployment and assess the constraints to their deployment schedules.
Enterprises should ask providers what services they offer with IPv6 to determine where they stand and what options they have. Maybe companies don’t need IPv6 internet reachability immediately, but they still need to know what the vendors’ IPv6 roadmaps look like. Only then can enterprises start to plan for the implementation of IPv6.