You've heard me talk about the Lenovo Superfish issue, and Dell's Superfish 2.0. Both these vendors shipped products with identical digital certificates, which makes it easier for attackers to trick these devices into trusting them, if they can get into the path of the devices' communications. Well, the news just got even worse. Watch today's episode to learn about the latest … [Read more...]
Dell Superfish 2.0 – Daily Security Byte EP. 180
Remember Superfish? That was when Lenovo shipped bloatware on their laptops that included the same self-signed root certificate. Once attackers extracted the private key, they could leverage this root certificate to make every HTTPS connection look good, even if it was a fake site. Apparently, Dell made the same mistake. Watch today's video to learn more. Show note: I … [Read more...]
Evasive Malware & No More Patch Day – WSWiR Episode 151
In one short week there's been two new variants of evasive malware, a zero day flaw in a popular blogging framework, some proof-of-concept GPU malware, and a major change to the biggest OS vendor's patching cycle. How is one poor IT guy to keep up with this every changing Information Security (InfoSec) news? Don't worry. We got you covered in our weekly InfoSec news round … [Read more...]
Lenovo Security Fail – Daily Security Byte EP.78
A few months ago, some of Lenovo's preinstalled adware got them into security hot water. Looks like their pre-installed software has struck again. Watch today's video to learn about the latest Lenovo vulnerabilities and what you can do about them. (Episode Runtime: 1:54) Direct YouTube Link: https://www.youtube.com/watch?v=2jU2b42iVY4 EPISODE REFERENCES: Security advisory … [Read more...]
NSA Get Out of Our Phones – WSWiR Episode 140
According to the news cyber criminals, nation states, and even our own employees are attacking our digital networks. In fact there's so much information security news each day, it's hard to keep up. If you find yourself falling behind, perhaps my weekly summary video can help. Today's episode covers, nation-state malware, booby-trapped popular web sites, dangerous pre-loaded … [Read more...]