The OpenSSL vulnerability disclosures (and fixes) are, thankfully, not nearly as bad as all the speculation would have led us to believe. Vendors and operators should update their dependencies on OpenSSL to 3.0.7 when it’s practical to do so, respecting normal change control procedures and taking into account the specific risk profile for those organizations. For most people, this is not actually the emergency situation we were all expecting.
Specifically, implementations that are configured for mutual authentication, where both the client and the server are providing OpenSSL-provided certificates for authentication, should definitely be fast-tracking this update. But, this is an unusual use case, so if you don’t know if you are supporting that or not, you’re probably not. For most installations, it’s okay to take your time with this one.
Amelia launches Digital Employee Builder to democratise conversational AI
Despite a fall in sales in August, eCommerce is here to stay
Fax machines – a chance for organisations to rethink document management
iDTRONIC announce a new product from the proven BLUEBOX series: The BLUEBOX MICRO IA UHF.
Command Alkon Chosen by Clients for SupplyChainBrain Great Partner Award
SAP sustainability research: UK businesses motivated to be sustainable, but clouded by lack of data