A boutique cyber security consultancy offering a variety of information security consultancy and compliance services designed to meet the individual needs of SME’s, public sector organisations and larger corporations, who want to protect their business and enhance the overall security of their internal and external information systems.
A boutique cyber security consultancy offering a variety of information security consultancy and compliance services designed to meet the individual needs of SME’s, public sector organisations and larger corporations, who want to protect their business and enhance the overall security of their internal and external information systems.

Lenovo Computers Vulnerable to HTTPS Spoofing

Original release date: February 20, 2015

Lenovo consumer personal computers employing the pre-installed Superfish Visual Discovery software contain a critical vulnerability through a compromised root CA certificate. Exploitation of this vulnerability could allow a remote attacker to read all encrypted web browser traffic (HTTPS), successfully impersonate (spoof) any website, or perform other attacks on the affected system.

US-CERT recommends users and administrators review Vulnerability Note VU#529496 and US-CERT Alert TA15-051A for additional information and mitigation details.


This product is provided subject to this Notification and this Privacy & Use policy.

via US-CERT Current Activity http://ift.tt/1LlEHzN Stay safe *”This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the US-CERT (DHS).