Blog Archives

Why Lenovo’s Superfish blunder is so bad…

Not only did they squander good will, they also opened a serious security hole.

Steal All The SIMs

The Great SIM Heist is the story of how (supposedly) the US and UK govts stole the encryption keys protecting cellular traffic.

Dissecting Superfish

Some Lenovo devices came with preinstalled SSL intercepting “adware” known as Superfish.

Lenovo users, beware of preinstalled Superfish

Some Lenovo devices came with “adware” preinstalled.  Superfish, which reportedly searches for cheaper prices, had its own SSL certs installed that would combine with software and allow it to intercept https connections (secure browsing.)  Lenovo has stopped shipping the software and issued patches to remove it.

The Equation Group, The most advanced malware campaign.

A scary read.

Jeb Bush posts senstitive info online

In an effort to increase transparency, the FLA governor released emails containing personal data.

Security researcher releases 10million username/passwords

He thinks it will do more good than harm.

New Linux malware, “Xnote”

With a variety of functions but no clearly indicated infection vector.

OS X 10.10.3 brings Google 2-factor authentication

You’ll be able to use 2-factor auth to check your gmail via the Mail app.

Anthem Breach brings Phishing

The bad guys are sending out bogus emails (phishing) about “your Anthem account information”.