After the recent revelation that Lenovo has been shipping some of it laptops with pre-installed adware that's also breaking the security of secure connections by using self-signed MITM SSL certificates, the company has attempted to minimize the fallout by reiterating the initial explanation about why they did it: to help their customers.
Gogo, a noted provider of in-flight broadband Internet service, has been spotted serving a fake Google SSL certificate to fliers trying to access YouTube, effectively performing a Man-in-the-Middle attack against them.
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with Man-in-the-Middle attacks.
HP has announced to its customers that it will soon revoke a specific private digital certificate that they used to sign some software components that ship with some of its older products, because the certificate has also been used to sign malicious software.
If you are a Mozilla Firefox, Thunderbird or Seamonkey user, you should implement the latest patches issued by the company as soon as possible, as they fix a critical bug whose exploitation can lead to successful Man-in-the-Middle attacks.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.