Cryptography Services, a team of consultants from several security research firms, have announced that they have been tasked with auditing OpenSSL, the popular and widely used open-source implementation of the SSL and TLS protocols.
Microsoft has released a security advisory on Thursday, confirming that all supported releases of Microsoft Windows are vulnerable to the recently documented FREAK (Factoring RSA Export Keys) attack.
A flaw in OpenSSL and Apple's Secure Transport implementation of SSL and TLS protocols is putting millions of Android and Apple device users as well as visitors of secured sites in danger of having their encrypted connections decrypted, and the information exchanged with the servers behind them intercepted.
When the issue of Lenovo's pre-installed SSL-breaking Superfish adware first gained widespread media recognition, the company's CTO Peter Hortensius tried to do some damage control and stated that the adware posed no security risk for users.
As Lenovo backtracked on its initial position that the Superfish adware pre-installed on some of its notebooks is not a security danger, and released a security advisory about the "vulnerability" that allows it to install a self-signed root certificate in the local trusted CA store, Superfish CEO Adi Pinhas did the same.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.