#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Superfish Malware | Breaking Cybersecurity News | The Hacker News

Category — Superfish Malware
'Ridiculous' Bug in Popular Antivirus Allows Hackers to Steal all Your Passwords

'Ridiculous' Bug in Popular Antivirus Allows Hackers to Steal all Your Passwords

Jan 12, 2016
If you have installed Trend Micro's Antivirus on your Windows computer, then Beware. Your computer can be remotely hijacked, or infected with any malware by even through a website – Thanks to a critical vulnerability in Trend Micro Security Software. The Popular antivirus maker and security firm Trend Micro has released an emergency patch to fix critical flaws in its anti-virus product that allow hackers to execute arbitrary commands remotely as well as steal your saved password from Password Manager built into its AntiVirus program. The password management tool that comes bundled with its main antivirus is used to store passwords by users and works exactly like any other password manager application. Even Websites Can Hack Into Your Computer Google's Project Zero security researcher, Tavis Ormandy, discovered the remote code execution flaw in Trend Micro Antivirus Password Manager component, allowing hackers to steal users' passwords. In short, o...
Dell's Laptops are Infected with 'Superfish-Like' pre-installed Malware

Dell's Laptops are Infected with 'Superfish-Like' pre-installed Malware

Nov 24, 2015
Similar to the Superfish malware that surrounded Lenovo laptops in February, another big computer manufacturer Dell spotted selling PCs and laptops pre-installed with a rogue SSL certificate that could allow attackers: To impersonate as any HTTPS-protected website and spy on when banking or shopping online. The rogue certificate, dubbed eDellRoot , was first discovered over the weekend by a software programmer named Joe Nord . The certificate is so creepy that it automatically re-installs itself even when removed from the Windows operating system. Also Read:  Lenovo Caught Using Rootkit to Secretly Install Unremovable Software Superfish 2.0: Unkillable Zombie The self-signed transport layer security (TLS) credential came pre-installed as a root certificate on Dell PCs and laptops that are signed with the same private cryptographic key, which is stored locally. That means an attacker with moderate technical skills can extract the key and abuse it to sig...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
Google Removes 200 Ad-Injectors Chrome Extensions

Google Removes 200 Ad-Injectors Chrome Extensions

Apr 02, 2015
In the War against Ad injectors , Google has started removing ad-injecting extensions for its Chrome browser after it discovered as many as 200 Chrome extensions that exposed Millions of its users to malicious software and fraudulent activities. While working with a team of researchers from the University of California, Berkeley, the search engine giant found that over 5 percent of its users were infected with ' Ad Injectors ' — software that inserts ads or replace existing ads into the pages you visit while browsing the web. In last three months, Google received more than 100,000 complaints from its Chrome users about ad injection, which is far more than what the company receives for network errors, performance problems, or any other issue. Ad Injectors are sometimes more than just intrusive. A visitor to a website can be tricked into downloading an unwanted software and programs that could result in a major security risk, just what happened in the recent Sup...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Lenovo Website has been Hacked

Lenovo Website has been Hacked

Feb 25, 2015
Lenovo.com , the official website of world's largest PC maker has been hacked. At the time of writing, users visiting Lenovo.com website saw a teenager's slideshow and hacker also added song "Breaking Free" from High School Musical movie to the page background. It appears that Lizard Squad hacking group is responsible for the cyber attack against Lenovo and it could be in retaliation to the Superfish malware incident. It was revealed earlier this week that Lenovo had been pre-installing controversial 'Superfish' adware to its laptops which compromised the computer's encryption certificates to quietly include more ads on Google search. In the Source code of the hacked webpage, description says," The new and improved rebranded Lenovo website featuring Ryan King and Rory Andrew Godfrey "  Rory Andrew Godfrey and Ryan King have been previously identified as members of Lizard Squad Hacking Group. It is not clear whether anyone of them is involve...
Superfish-like Vulnerability Found in Over 12 More Apps

Superfish-like Vulnerability Found in Over 12 More Apps

Feb 23, 2015
'SuperFish' advertising software recently found pre-installed on Lenovo laptops is more widespread than what we all thought. Facebook has discovered at least 12 more titles using the same HTTPS-breaking technology that gave the Superfish malware capability to evade rogue certificate. The Superfish vulnerability affected dozens of consumer-grade Lenovo laptops shipped before January 2015, exposing users to a hijacking technique by sneakily intercepting and decrypting HTTPS connections, tampering with pages and injecting advertisements. Now, it's also thought to affect parental control tools and other adware programmes. Lenovo just released an automated Superfish removal tool to ensure complete removal of Superfish and Certificates for all major browsers. But, what about others? SSL HIJACKING Superfish uses a technique known as " SSL hijacking ", appears to be a framework bought in from a third company, Komodia, according to a blog post written ...
Lenovo Admits and Released an Automatic Superfish Removal Tool

Lenovo Admits and Released an Automatic Superfish Removal Tool

Feb 23, 2015
The computer giant Lenovo has released a tool to remove the dangerous "SuperFish" adware program that the company had pre-installed onto many of its consumer-grade Lenovo laptops sold before January 2015. The Superfish removal tool comes few days after the story broke about the nasty Superfish malware that has capability to sneakily intercept and decrypt HTTPS connections, tamper with pages in an attempt to inject advertisements. WE JUST FOUND 'SUPERFISH' - LENOVO The Chinese PC maker attempted to push the perception that Superfish software was not a security concern and avoid the bad news with the claim that it had "stopped Superfish software at beginning in January". However, Lenovo has now admitted that it was caught preloading a piece of adware that installed its own self-signing Man-in-the-Middle (MitM) proxy service that hijacked HTTPS connections. " We did not know about this potential security vulnerability until yesterday ," Lenovo said...
Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS

Lenovo Shipping PCs with Pre-Installed 'Superfish Malware' that Kills HTTPS

Feb 19, 2015
One of the most popular computer manufacturers Lenovo is being criticized for selling laptops pre-installed with invasive marketing software, or malware that, experts say, opens up a door for hackers and cyber crooks. The software, dubbed ' Superfish Malware ', analyzes users' Internet habits and injects third-party advertising into websites on browsers such as Google Chrome and Internet Explorer based on that activities without the user's permission. Security researchers recently discovered  Superfish Malware  presents onto new consumer-grade Lenovo computers sold before January of 2015. When taken out of the box for the first time, the adware gets activated and because it comes pre-installed, Lenovo customers might end up using it inadvertently. SUPERFISH CERTIFICATE PASSWORD CRACKED The  Superfish Malware  raised serious security concerns about the company's move for breaking fundamental web security protocols, carrying out " Man in the Middle " ...
Expert Insights / Articles Videos
Cybersecurity Resources