Superfish not the only app using Komodia’s SSL-busting code
As Lenovo backtracked on its initial position that the Superfish adware pre-installed on some of its notebooks is not a security danger, and released a security advisory about …
How to wipe Superfish adware and offending cert from your Lenovo laptop
After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that’s also breaking the security of secure connections by using …
Lenovo computers come with pre-installed adware and MITM proxy
If you have recently bought a new Lenovo computer, you’re in for a nasty surprise: the company has been shipping them with pre-installed adware. And, what’s even …
OpenSSL release patches 8 vulnerabilities
The OpenSSL Project has released updates for the popular eponymous open-source library that implements the SSL and TLS protocols. The new releases – 1.0.1k, 1.0.0p and …
POODLE attack now targeting TLS
There’s a new SSL/TLS problem being announced today and it’s likely to affect some of the most popular web sites in the world, owning largely to the popularity of …
New OpenSSL updates fix POODLE, DoS bugs
The OpenSSL Project has pushed out new releases of the popular eponymous open-source cryptographic library, which fix four serious vulnerabilities, including the POODLE …
POODLE vulnerability: The end of life of SSL 3.0
There is a critical security vulnerability in SSL 3.0 which allows attackers to calculate the plaintext of encrypted connections, and it will likely spell the end of the use …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
CloudFlare offers free SSL encryption
Web performance and security company CloudFlare today launched Universal SSL, making Secure Socket Layer (SSL) encryption available to anyone at no cost. “Yesterday …
Critical SSL flaw patched in Firefox, Thunderbird, Chrome
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug …
Bulletproof SSL and TLS
Deploying SSL or TLS in a secure way is a great challenge for system administrators. This book aims to simplify that challenge by offering extensive knowledge and good advice …
Coder tries shaming apps and site owners into using HTTPS
How can we force website owners and software developers to start using HTTPS? Coder Tony Webster believes shaming might be the right answer. To that point, he created a …