The city of Oakland, California issued a local state of emergency late Tuesday as a result of the ongoing impact following a ransomware attack that first hit city IT systems on Wednesday, February 8. According to an update, the city "continues to experience a network outage that has left several non-emergency systems including phone lines within the City of Oakland impacted or offline." READ MORE...
?A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. Code signing certificates are digital signatures used to sign an application so that users, software, and operating systems can verify that the software has not been tampered with since the publisher signed it. READ MORE...
Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products. The addressed security problems are categorized as high-severity and could enable attackers with local access to the target to elevate their privileges and take control of the affected system. Citrix products are widely used by organizations worldwide, so it's critical to apply the available security updates. READ MORE...
Apple has released information about the new security content of macOS Ventura 13.2.1 and of iOS 16.3.1 and iPadOS 16.3.1. Most prominent is a vulnerability in WebKit that may have been actively exploited. In December, 2022, we warned our readers about another actively exploited vulnerability in Apple's WebKit. The currently patched vulnerability was a type confusion issue that Apple says has been addressed with improved checks. READ MORE...
Cisco on Wednesday announced updates for endpoint, cloud, and web security products to address a critical vulnerability in third-party scanning library ClamAV. An open-source cross-platform antimalware toolkit, ClamAV can detect trojans, viruses, and other types of malware. On February 15, ClamAV's maintainers announced critical patches that address two vulnerabilities in the library, the most severe of which could lead to remote code execution. READ MORE...
A week after the US Cybersecurity and Infrastructure Security Agency (CISA) and FBI released a recovery script to help victims of the widespread ESXiArgs ransomware attacks recover infected systems, an updated variant of the malware aimed at vulnerable VMware ESXi virtual machines can't be remediated with the government agencies' code, according to Malwarebytes. READ MORE...
Quantum computing has entered a bit of an awkward period. There have been clear demonstrations that we can successfully run quantum algorithms, but the qubit counts and error rates of existing hardware mean that we can't solve any commercially useful problems at the moment. So, while many companies are interested in quantum computing and have developed software for existing hardware (and have paid for access to that hardware), the efforts have been focused on preparation. READ MORE...