Lenovo's been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake.
Brad Chacos |
20 Feb |
Read more
Hey, Radeon owners: It's time to change your password if you use the AMD Gaming Evolved software to optimize your PC games, chat with others, earn rewards, or record and stream your gameplay.
Brad Chacos |
04 Feb |
Read more
Yet another end is nigh for Windows 7. After months of buildup--Microsoft killed standalone software sales of the operating system in October 2013, and Windows 7 consumer PCs stopped being manufactured in October 2014--the venerable OS is finally exiting "mainstream support" on January 13, 2015. And for months now, the Web has been flooded with a wave of confused or downright fearmongering headlines and articles implying that Windows 7 is following Windows XP into the graveyard.
Brad Chacos |
13 Jan |
Read more
Yes, recent versions of Mac OS X are vulnerable to the critical "Shellshock" Bash bug revealed earlier this week, including OS X Mavericks--but don't sweat it unless you're doing ninja-level Unix tricks with shell commands already.
Brad Chacos |
27 Sep |
Read more
On the surface, the critical "Shellshock" bug revealed this week sounds devastating. By exploiting a bug in the Bash shell command line tool found in Unix-based systems, attackers can run code on your system--essentially giving them access to your system. Bad guys are already developing exploits that use Shellshock to crack your passwords and install DDoS bots on computers. And since Bash shell is borderline ubiquitous, a vast swath of devices are vulnerable to Shellshock: Macs, Linux systems, routers, web servers, "Internet of Things" gizmos, you name it.
Brad Chacos |
27 Sep |
Read more
Well, this isn't good. Akamai security researcher, Stephane Chazelas, has discovered a devastating flaw in the Unix Bash shell, leaving Linux machines, OS X machines, routers, older IoT devices, and more vulnerable to attack. "Shellshock," as it's been dubbed, allows attackers to run code on your machine after exploiting the flaw, but the true danger here lies in just how old Shell Shock is - this vulnerability has apparently been lurking in the Bash shell for years.
Brad Chacos |
25 Sep |
Read more
Crowdfunded hardware ideas sputter out all too often, but a particularly intriguing one just became reality. The--ahem--USB Condom is now shipping, ready to protect your dongles from infected ports for $10 a pop.
Brad Chacos |
28 Aug |
Read more
It's that time of year again: The wonderful, terrifying week when hackers and security gurus descend upon Las Vegas to show off their skills and unleash presentation after presentation full of scary-sounding exploits. This year is no different. Over the previous week, we've heard tales of planes brought down by rogue code, snoops spying on your security cameras, and secretive, undetectable code that can turn any USB drive into an unstoppable malware vessel.
Brad Chacos |
22 Aug |
Read more
The CryptoLocker ransomware is as simple as it is devastating: Once it worms its way onto your system, it encrypts all of your precious files using strong AES-256-bit cryptography, which is virtually impossible to break if you don't know the private key (read: secret code) required to unlock it. Pay the attackers $300, and they'll give you the key. Don't pay, and your files stay scrambled forever.
Brad Chacos |
07 Aug |
Read more
Earlier this week, Microsoft reminded the world that it will stop providing "mainstream support" for Windows 7 (and a slew of other products) in January of 2015. Immediately, the Web was flooded in a wave of confused or downright fearmongering headlines and articles implying that Windows 7 is following Windows XP into the graveyard.
Brad Chacos |
11 Jul |
Read more
Brendan Eich's reign as Mozilla's CEO may have only lasted less than two short weeks, but he already had long-term plans about how to help Firefox regain some of its lost glory--plans that meant competing against Mozilla's biggest benefactor, as Eich revealed in a series of tweets on Sunday.
Brad Chacos |
09 Jul |
Read more
The constant barrage of headlines trumpeting high-profile security breaches makes it easy to understand at a high level that hack attacks are on the rise, but mere words alone don't truly convey the scope of the constant threats. A mesmerizing example of data visualization by computer security firm Norse lets you see penetration attempts in real time, via a DEFCON-esque map that feels like it was ripped right from the old WarGames movie.
Brad Chacos |
26 Jun |
Read more
Microsoft's latest batch of Patch Tuesday updates broke Office 2013 for some users, leaving the productivity suite unable to run whatsoever, the company admitted in a Friday blog post.
Brad Chacos |
17 Jun |
Read more
For all of eBay's talk about notifying users about its deep, devastating database breach--in which hackers swiped customer names, email addresses and physical addresses, phone number, date of birth, and yes, encrypted passwords--an official notification of the incident has yet to hit my inbox, and judging from reactions on Twitter, I'm not the only one being left in the dark.
Brad Chacos |
23 May |
Read more
Antivirus is dead.
Brad Chacos |
06 May |
Read more