Intel and AMD have announced fixes for many vulnerabilities on this Patch Tuesday, including for flaws that have been assigned a ‘high severity’ rating.
Intel
Intel, AMD Address Many Vulnerabilities With Patch Tuesday Advisories
Microsoft Scrambles to Thwart New Zero-Day Attacks
The zero-day attacks against Microsoft’s software products are showing no signs of slowing down.
Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge
The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks.
Binary Defense Raises $36 Million for MDR Platform
Managed detection and response provider Binary Defense this week announced it has raised $36 million in its first funding round, which was led by Invictus Growth Partners. Previously, Binary Defense was bootstrapped.
Founded in 2014, the Stow, Ohio-based firm helps organizations monitor, detect, and respond to cyberattacks in real time.
Apple Paid Out $20 Million via Bug Bounty Program
Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.
Windows Event Log Vulnerabilities Could Be Exploited to Blind Security Products
Remote attackers could exploit two Event Log vulnerabilities in Windows to crash the Event Log application and cause a denial-of-service (DoS) condition, Varonis warns.
Event Log is an Internet Explorer-specific application that exists in all Windows iterations, due to the deep integration of the browser with the operating system.
Apple Patches Over 100 Vulnerabilities With Release of macOS Ventura 13
Apple on Monday announced the official launch of macOS Ventura 13, the 19th major release of its desktop operating system. In addition to several new features, macOS Ventura 13 brings patches for more than 100 vulnerabilities.
CISA Warns of Attacks Exploiting Cisco, Gigabyte Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two Cisco and four Gigabyte product flaws to its Known Exploited Vulnerabilities catalog. Only one of the Gigabyte vulnerabilities was previously mentioned as being involved in attacks.
Apple Fixes Exploited Zero-Day With iOS 16.1 Patch
Apple on Monday shipped a major iOS update with fixes at least 20 documented security defects, including a kernel flaw that’s already being actively exploited in the wild.
New PowerShell Backdoor Poses as Part of Windows Update Process
Cybersecurity firm SafeBreach has issued a warning about a new PowerShell backdoor that disguises itself as part of the Windows update process to remain fully undetected.
