October 2023

Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)
On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). …

SailPoint Atlas helps enterprises manage and secure their identities
SailPoint unveiled the SailPoint Atlas platform. SailPoint Atlas is the next-generation multi-tenant SaaS platform that delivers the critical elements needed to build, …

Vanta AI reduces the manual, repetitive tasks hampering security teams
Vanta launched Vanta AI, a new suite of tools leveraging the latest in AI and LLMs to accelerate compliance, efficiently assess vendor risk and automate security questionnaire …

Riskonnect and Control Risks strengthen business resilience for companies
Riskonnect announces a new partnership with Control Risks, a global specialist risk consultancy. Control Risks is joining Riskonnect’s PartnerKonnect program to help clients …

SpyHunter Web Security blocks dangerous sites and web-based threats
EnigmaSoft Limited has released SpyHunter Web Security – a browser extension that helps users block dangerous sites and web-based threats. SpyHunter Web Security offers …

N-able and SentinelOne help MSPs boost endpoint security services
N-able is deepening its ties with SentinelOne by announcing new and enhanced joint endpoint security solutions that will help MSPs capitalize on opportunities to grow their …

Verato and CLEAR join forces to accelerate the adoption of digital identity in healthcare
Verato announced a partnership with CLEAR to accelerate the adoption of digital identity in healthcare. By joining forces, Verato’s proven, purpose-built-for-healthcare hMDM …

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …

Pulumi ESC gives organizations a central way to define and scale cloud applications
Pulumi announced Pulumi ESC, a new solution to manage environments, secrets, and configurations for cloud infrastructure and applications. Pulumi ESC enables developers to …

Fortanix adds data sovereignty to enhance DSM for global data security and privacy compliance
Fortanix has unveiled new capabilities for Fortanix Data Security Manager (DSM) to help public and private organizations address growing data sovereignty requirements …

GNOME users at risk of RCE attack (CVE-2023-43641)
If you’re running GNOME on your Linux system(s), you are probably open to remote code execution attacks via a booby-trapped file, thanks to a memory corruption …

Be prepared to patch high-severity vulnerability in curl and libcurl
UPDATE (October 11, 2023, 07:15 a.m. ET): Curl v8.4.0 is out and fixes both CVE-2023-38545, a SOCKS5 heap buffer overflow vulnerability, and CVE-2023-38546, a cookie injection …