Time to FREAK out? How to tell if you're vulnerable
Nervous about the FREAK flaw? Freakin' out?
Nervous about the FREAK flaw? Freakin' out?
Three days after Chinese computer maker Lenovo promised to flush "crapware" from its consumer PCs, Connecticut's state attorney general announced a probe into the company's practice of bundling adware.
Lenovo today said that it would immediately begin reducing the amount of "crapware" on its consumer PCs, a move triggered by last week's admission that adware pre-loaded onto the Chinese company's machines posed a critical security threat.
Lenovo's "brand buzz" rating fell by half since news broke last week that it had pre-loaded hacker-vulnerable adware onto consumer PCs, a brand quality measurement firm said today.
Lenovo and adware maker, Superfish, has come under more legal fire yesterday as two new lawsuits were filed in California federal courts taking the firms to task for putting consumers at risk of hacker spying and information theft.
Lenovo has released a promised tool to delete the Superfish Visual Discovery adware from its consumer PCs.
Microsoft today updated its free Windows Defender and Security Essentials antivirus programs with a signature that sniffs out and deletes the rogue certificate linked to Superfish Visual Discovery, the "crapware" that blew up in Lenovo's face this week.
Well, the crapware certainly hit the fan.
The Equation cyberespionage group that used tools similar to those deployed in the past by U.S. intelligence agencies appears to have targeted Macs as well as Windows PCs, Moscow-based Kaspersky Lab said yesterday.
Google today relaxed its strict 90-day vulnerability disclosure that put it at odds with rival Microsoft last month, saying it would give vendors a 14-day grace period if they promised to fix a flaw within the two-week stretch.
Hewlett-Packard's Zero Day Initiative (ZDI) today outlined the rules for its annual hacking contest, Pwn2Own, which will run March 18-19 with $465,000 in prize money on the table.
Security experts yesterday were still frustrated about Microsoft's decision last month to halt advance warnings of each month's patch slate, with one calling it a "blockade" and another arguing that it makes it difficult for IT administrators to do their job.
Microsoft today took another step in a drawn-out move to protect Internet Explorer 11 (IE11) against POODLE attacks, and said it would finally disable SSL 3.0 in the browser in April.
Google has let fly two new disclosures of Windows vulnerabilities before Microsoft was able to patch them, marking the third and fourth times it's done so in the past 17 days.
After Google posted detailed information about a second Windows vulnerability in less than two weeks - before Microsoft was able to patch the flaws - Microsoft has lashed out, calling its rival's move a "gotcha" that puts users at risk.