#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Lenovo Backdoor Malware | Breaking Cybersecurity News | The Hacker News

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Sep 25, 2015
Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends users data directly to the company. This is not first time Lenovo has allegedly installed spyware onto consumers PCs. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware that opened up doors for hackers. In August, Lenovo again got caught installing unwanted and non-removable crapware into part of the BIOS reserved for custom drivers. Lenovo Laptops comes Pre-installed with 'Spyware' Now, the Chinese computer manufacturer is making news once again for embedding tracking software into its laptops and workstations from Lenovo ThinkPad, ThinkCentre, and ThinkStation series. Michael Horowitz from Comput
Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Lenovo Caught Using Rootkit to Secretly Install Unremovable Software

Aug 13, 2015
Two years ago Chinese firm Lenovo got banned from supplying equipment for networks of the intelligence and defense services various countries due to hacking and spying concerns. Earlier this year, Lenovo was caught red-handed for selling laptops pre-installed with Superfish malware . One of the most popular Chinese computer manufacturers 'Lenovo' has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit software on certain Lenovo laptop and desktop systems it sells. The feature is known as " Lenovo Service Engine " (LSE) – a piece of code presents into the firmware on the computer's motherboard.  If Windows is installed, the LSE automatically downloads and installs Lenovo's own software during boot time before the Microsoft operating system is launched, overwriting Windows operating system files. More worrisome part of the feature is that it injects software that updates drivers, firmware, and oth
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities

Feb 15, 2024SaaS Security / Risk Management
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023.  Their study reveals  how companies use SaaS today, and the wide variety of threats that result from that usage. This unique analysis provides rare and important insights into the breadth and depth of SaaS-related risks, but also provides practical tips to mitigate them and ensure SaaS can be widely used without compromising security posture.  The TL;DR Version Of SaaS Security 2023 brought some now infamous examples of malicious players leveraging or directly targeting SaaS, including the North Korean group UNC4899, 0ktapus ransomware group, and Russian Midnight Blizzard APT, which targeted well-known organizat
Lenovo Website has been Hacked

Lenovo Website has been Hacked

Feb 25, 2015
Lenovo.com , the official website of world's largest PC maker has been hacked. At the time of writing, users visiting Lenovo.com website saw a teenager's slideshow and hacker also added song "Breaking Free" from High School Musical movie to the page background. It appears that Lizard Squad hacking group is responsible for the cyber attack against Lenovo and it could be in retaliation to the Superfish malware incident. It was revealed earlier this week that Lenovo had been pre-installing controversial 'Superfish' adware to its laptops which compromised the computer's encryption certificates to quietly include more ads on Google search. In the Source code of the hacked webpage, description says," The new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey "  Rory Andrew Godfrey and Ryan King have been previously identified as members of Lizard Squad Hacking Group. It is not clear whether anyone of them is involve
cyber security

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.
Lenovo Admits and Released an Automatic Superfish Removal Tool

Lenovo Admits and Released an Automatic Superfish Removal Tool

Feb 23, 2015
The computer giant Lenovo has released a tool to remove the dangerous "SuperFish" adware program that the company had pre-installed onto many of its consumer-grade Lenovo laptops sold before January 2015. The Superfish removal tool comes few days after the story broke about the nasty Superfish malware that has capability to sneakily intercept and decrypt HTTPS connections, tamper with pages in an attempt to inject advertisements. WE JUST FOUND 'SUPERFISH' - LENOVO The Chinese PC maker attempted to push the perception that Superfish software was not a security concern and avoid the bad news with the claim that it had "stopped Superfish software at beginning in January". However, Lenovo has now admitted that it was caught preloading a piece of adware that installed its own self-signing Man-in-the-Middle (MitM) proxy service that hijacked HTTPS connections. " We did not know about this potential security vulnerability until yesterday ," Lenovo said
Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS

Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS

Feb 19, 2015
One of the most popular computer manufacturers Lenovo is being criticized for selling laptops pre-installed with invasive marketing software, or malware that, experts say, opens up a door for hackers and cyber crooks. The software, dubbed ' Superfish Malware ', analyzes users' Internet habits and injects third-party advertising into websites on browsers such as Google Chrome and Internet Explorer based on that activities without the user's permission. Security researchers recently discovered  Superfish Malware  presents onto new consumer-grade Lenovo computers sold before January of 2015. When taken out of the box for the first time, the adware gets activated and because it comes pre-installed, Lenovo customers might end up using it inadvertently. SUPERFISH CERTIFICATE PASSWORD CRACKED The  Superfish Malware  raised serious security concerns about the company's move for breaking fundamental web security protocols, carrying out " Man in the Middle " (MitM) at
Cybersecurity Resources