Stories by Brad Chacos

Brad Chacos's image

How to remove the dangerous Superfish adware preinstalled on Lenovo PCs

Lenovo's been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.

Brad Chacos | 20 Feb | Read more

Windows 7 exits mainstream support: What you need to know

Yet another end is nigh for Windows 7. After months of buildup--Microsoft killed standalone software sales of the operating system in October 2013, and Windows 7 consumer PCs stopped being manufactured in October 2014--the venerable OS is finally exiting "mainstream support" on January 13, 2015. And for months now, the Web has been flooded with a wave of confused or downright fearmongering headlines and articles implying that Windows 7 is following Windows XP into the graveyard.

Brad Chacos | 13 Jan | Read more

Safe from Shellshock: How to protect your home computer from the Bash shell bug

On the surface, the critical "Shellshock" bug revealed this week sounds devastating. By exploiting a bug in the Bash shell command line tool found in Unix-based systems, attackers can run code on your system--essentially giving them access to your system. Bad guys are already developing exploits that use Shellshock to crack your passwords and install DDoS bots on computers. And since Bash shell is borderline ubiquitous, a vast swath of devices are vulnerable to Shellshock: Macs, Linux systems, routers, web servers, "Internet of Things" gizmos, you name it.

Brad Chacos | 27 Sep | Read more

'Bigger than Heartbleed' Shellshock flaw leaves OS X, Linux, more open to attack

Well, this isn't good. Akamai security researcher, Stephane Chazelas, has discovered a devastating flaw in the Unix Bash shell, leaving Linux machines, OS X machines, routers, older IoT devices, and more vulnerable to attack. "Shellshock," as it's been dubbed, allows attackers to run code on your machine after exploiting the flaw, but the true danger here lies in just how old Shell Shock is - this vulnerability has apparently been lurking in the Bash shell for years.

Brad Chacos | 25 Sep | Read more

The 10 most terrifying security nightmares revealed at the Black Hat and Def Con hacker conferences

It's that time of year again: The wonderful, terrifying week when hackers and security gurus descend upon Las Vegas to show off their skills and unleash presentation after presentation full of scary-sounding exploits. This year is no different. Over the previous week, we've heard tales of planes brought down by rogue code, snoops spying on your security cameras, and secretive, undetectable code that can turn any USB drive into an unstoppable malware vessel.

Brad Chacos | 22 Aug | Read more

CryptoLocker decrypted: Researchers reveal website that frees your files from ransomware

The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you don't know the private key (read: secret code) required to unlock it. Pay the attackers $300, and they'll give you the key. Don't pay, and your files stay scrambled forever.

Brad Chacos | 07 Aug | Read more

Watch the web get hacked in real time on this mesmerizing map

The constant barrage of headlines trumpeting high-profile security breaches makes it easy to understand at a high level that hack attacks are on the rise, but mere words alone don't truly convey the scope of the constant threats. A mesmerizing example of data visualization by computer security firm Norse lets you see penetration attempts in real time, via a DEFCON-esque map that feels like it was ripped right from the old WarGames movie.

Brad Chacos | 26 Jun | Read more

How to change your eBay password

For all of eBay's talk about notifying users about its deep, devastating database breach--in which hackers swiped customer names, email addresses and physical addresses, phone number, date of birth, and yes, encrypted passwords--an official notification of the incident has yet to hit my inbox, and judging from reactions on Twitter, I'm not the only one being left in the dark.

Brad Chacos | 23 May | Read more