OFFICIAL SECURITY BLOG

We’ve moved! You can now read the latest and greatest on Mac adware and malware at Malwarebytes.

Avast’s man in the middle

Posted on February 24th, 2015 at 12:47 PM EDT

The security community is ablaze with news of Superfish being pre-installed on some Lenovo computers. The primary issue concerning experts is that Superfish replaced SSL certificates, used for ensuring secure connections on the internet, with its own certificates. It turns out that the same behavior is being exhibited by software that many people are inclined to trust: Avast’s anti-virus software!
Read the rest of this entry »

67 Comments

Should you worry about POODLE bites?

Posted on October 15th, 2014 at 7:38 AM EDT

Yesterday, Google revealed a vulnerability that one of their researchers found in SSL3, a technology used to secure many network connections, including those used by secure websites. This bug – which is being called “POODLE” – could allow for an attacker to gain access to encrypted transmissions sent between the browser and a secure site. The question many Mac users will be asking this morning is: how much should we worry?
Read the rest of this entry »

19 Comments