Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Researchers uncover signs of Superfish-style attacks

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 27 Feb 2015 09:28:02 +0000 (UTC)
http://www.computerworld.com/article/2889469/researchers-uncover-signs-of-superfish-style-attacks.html

By Gregg Keizer
Computerworld
Feb 26, 2015
Researchers at the Electronic Frontier Foundation (EFF) yesterday said that they had found evidence that implies attackers have exploited a security vulnerability in the Superfish adware and a slew of other programs.
Superfish, a company that markets a visual search product, made the news last week when Lenovo was found to have pre-loaded the program on its consumer-grade PCs during a four-month span late last year. Lenovo has acknowledged that Superfish poses a security threat to customers, and has released a tool to eradicate the software.
Microsoft, McAfee -- both Lenovo partners -- and Symantec have also issued anti-malware updates that scrub Superfish from PCs.
But the problem extends beyond Superfish, security experts have discovered. Other programs also rely on the same code library -- one created by Israeli company Komodia -- to circumvent Web encryption with a proxy. 

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
Previous By Date Next
Previous By Thread Next

Current thread: