Collaborate Disseminate
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploi… Continue reading Microsoft fixes exploited zero-day (CVE-2024-49138)
Here’s a look at the most interesting products from the past week, featuring releases from Datadog, Fortinet, Radiant Logic, Sweet Security, Tenable, and Veza. FortiAppSec Cloud simplifies web application security management With FortiAppSec Cloud, cus… Continue reading New infosec products of the week: December 6, 2024
Tenable released Tenable Patch Management, an autonomous patch solution built to close vulnerability exposures in a unified solution. A strategic partnership and integration with Adaptiva provides the foundation of the solution. Vulnerability remediati… Continue reading Tenable Patch Management prevents problematic updates
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-… Continue reading PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. Continue reading Microsoft Patch Tuesday, November 2024 Edition
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (… Continue reading Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
There are a great many vulnerability management tools available. But which is best? Here are our top picks for a variety of use cases. Continue reading Top Vulnerability Management Tools: Reviews & Comparisons 2024
Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access. Continue reading How AI Is Changing the Cloud Security and Risk Equation
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 “Sequoia” update that broke many cybersecurity tools. Continue reading Patch Tuesday, October 2024 Edition
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution fl… Continue reading Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)