Lenovo finds itself at the center of a security storm today over concerns related to the so-called Superfish adware that was included on some of the company’s PCs.
The concern is that Superfish bypasses Secure Sockets Layer/Transport Layer Security best practices and could potentially enable man-in-the-middle attacks. Lenovo denies consumers were ever at risk and claims Superfish was intended only to help consumers discover new products.
In a statement, Lenovo admitted that Superfish was on some of its consumer notebooks that shipped between October and December. Lenovo added that since January it has also disabled Superfish’s server-side interactions and has pledged not to preload Superfish on its hardware in the future.
Hewlett-Packard is joining the likes of Dell and Juniper Networks in the trend toward network disaggregation, where organizations can buy hardware from one vendor and software from another, a break from traditional networking where companies like Cisco Systems sell their software running on their own gear.
HP is teaming up with Accton Technology to build two new software-independent switches that will run Cumulus’ Linux networking OS.
Google has released to beta testing a new security-leak scanner for apps built on its cloud platform. The Google Cloud Security Scanner identifies security vulnerabilities in Google App Engine Web applications.
It crawls the application, follows all links within the scope of the starting URLs, and attempts to exercise as many user inputs and event handlers as possible.
The U.S Department of Justice announced on Feb. 17 that Russian national Vladimir Drinkman appeared in a federal court in New Jersey in connection with cyber-attacks that occurred between 2007 and 2009 and affected up to 160 million credit cards.
Drinkman has pleaded not guilty and is being detained without bail ahead of a trial scheduled for April 27, 2015. Before being extradited to the United States to stand trial,
Drinkman had been in detention by authorities in the Netherlands since he was first arrested June 28, 2012. According to the indictment, Drinkman did not act alone in his activities and there were other co-conspirators.