You’ve heard me talk about the Lenovo Superfish issue, and Dell’s Superfish 2.0. Both these vendors shipped products with identical digital certificates, which makes it easier for attackers to trick these devices into trusting them, if they can get into the path of the devices’ communications. Well, the news just got even worse. Watch today’s episode to learn about the latest research that found hundreds of devices, from many manufacturers, that are vulnerable to the same type of issue.
(Episode Runtime: 2:32)
Direct YouTube Link: https://www.youtube.com/watch?v=AVW5aFOg3Dg
EPISODE REFERENCES:
- Security firms research on the duplicate cert issue – Sec Consult
- Good article covering the problem – Forbes
- CERT vulnerability note on this issue – CERT
— Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply