Security

Many web sites and mobile devices are at risk of electronic attack thanks to a newly discovered security vulnerability that dates back to the 1990s. Dubbed FREAK, this vulnerability was inadvertently caused by the lifting of strong encryption requirements for products exported from the United States over two decades ago. FREAK—for “Factoring Attack on RSA-EXPORT…

The embarrassment isn’t over for Lenovo: the web site for the world’s biggest PC maker was taken offline by a malicious hacker group as retribution for the bundling of the Superfish malware on its PCs. The site was down for much of Wednesday but appears to be operational again as of this writing. “We regret…

Gemalto this week admitted that it had indeed been hacked. But the world’s biggest maker of SIM cards says its encryption keys were never stolen or compromised.

Last week was a moment of reckoning for the world’s biggest PC maker as Lenovo was thrust awkwardly into the spotlight for preinstalling malware on its consumer PCs. Lenovo belatedly did the right thing, but not before it tried to defend the indefensible and argue that the Superfish malware it was bundling on PCs was…

Poorly imitated but never duplicated, this week’s other news includes Lenovo’s about-face on Superfish, an NSA and GCHQ hack of SIM cards, AT&T jump the shark moment, a confirmation that, yes, North Korea did hack Sony, Microsoft reneges on promise of Finland data center, and Microsoft partners with Mozilla on web games. “Microsoft Has Suddenly…

Jeff James explains the who, what, why, and how of Lenovo Superfish adware, including how to detect and remove the software from your Lenovo PC.

Crapware and bloatware has been making PC user experiences horrible for decades. Jeff Hicks explains why the Superfish fiasco carries some lessons for PC makers and IT pros as well.

Lenovo, the world’s biggest maker of PCs, has been installing adware on its PCs in order to deliver custom ads. Lenovo says the software is not malicious, but the software could easily be used to spy on users and hack PCs. So the PC maker has stopped shipping it on new PCs and has asked…

President Obama this past week signed an executive order calling on the private sector and government to formally share cybersecurity threat information. Noting that frictionless information sharing was key to this effort, president Obama said that US companies and the government should work hand-in-hand to help thwart cyber-attacks. “Government cannot do this alone,” the president…

Security researchers at Kaspersky Lab in Russia report that they have discovered how American intelligence agencies have subverted computer hardware, software and networks in an effort to spy on other countries. The surveillance and sabotage technologies have been discovered in systems in China, Iran, Pakistan, Russia, and elsewhere. Kaspersky has a policy of not naming…