HackDig : Dig high-quality web security articles for hackers

How to chain flaws in Lenovo VIBE smartphones to gain root privileges

Researchers from Mandiant found a way to gain root privileges on Lenovo VIBE smartphones by chaining three vulnerabilities. The Lenovo VIBE smartphones were affected by security vulnerabilities that could allow an attacker with physical access to the device to gain root privileges. Researchers from Lenovo confirmed that the vulnerabilities could be exploited
Publish At:2017-07-04 19:20 | Read:3065 | Comments:0 | Tags:Breaking News Hacking Mobile Android Lenovo Lenovo VIBE smar

Lenovo warns of IBM Storwize shipped with infected initialization USB drives

Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo contain a malicious file. Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems contain a file that has been infected with malicious code. The Initialization Tool on the USB
Publish At:2017-05-01 03:35 | Read:2766 | Comments:0 | Tags:Breaking News Hacking Malware IBM Storwize Lenovo malware su

ThinkPwn UEFI Zero-Day flaw allows hackers to disable security features

The researcher Dmytro Oleksiuk published details of ThinkPwn flaw, a UEFI zero-day that could be exploited by hackers to disable security features. Once again the IT giant Lenovo is in the headlines, some products of the company and some others from other PC vendors, are affected by a UEFI vulnerability, dubbed ThinkPwn, that can be exploited by an attacker
Publish At:2016-07-04 21:50 | Read:3989 | Comments:0 | Tags:Breaking News Hacking Security Bios Lenovo ThinkPwn UEFI zer

Threat Recap: Week of May 30th

  There’s a lot that happens in the security world, with many stories getting lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week. MySpace Hack Could Be Largest in Recent History Recently, LeakedSource announced that they had obtained th
Publish At:2016-06-03 23:35 | Read:3762 | Comments:0 | Tags:Headlines US hack lenovo Malware myspace phishing ransomware

Lenovo fixes serious flaw in pre-installed Lenovo Solution Center

Lenovo fixed the Lenovo Solution Center, once again the company faces problems with pre-installed bloatware causing major security problems for users. Lenovo has fixed a security vulnerability in the Lenovo Solution Center (LSC) support tool that could be exploited by attackers to execute code with system privileges and take over the machine. Lenovo Solution
Publish At:2016-05-07 07:05 | Read:4433 | Comments:0 | Tags:Breaking News Hacking Security Lenovo Lenovo Solution Center

Lenovo SHAREit affected by hard-coded password and many other flaws

Security experts at Core Security’s CoreLabs have discovered a hard-coded password and other vulnerabilities in the Lenovo SHAREit File-Sharing App. Lenovo today has patched several security issues related to the presence of a hard-coded password the file-sharing application Lenovo ShareIT application for Android and Windows t
Publish At:2016-01-26 12:15 | Read:3887 | Comments:0 | Tags:Hacking Mobile cyber security Lenovo Lenovo SHAREit

3 OEMs Vulnerable To 3 Vulnerabilities. Your PCs At Risk

Bad news for PC users, Lenovo machines can be hijacked by visiting a malicious website, meanwhile Dell and Toshiba PC are affected by serious flaws. Security Researcher slipstream/RoL posted Proof-of-concept exploits online (3 OEMs Vulnerable To Three Vulnerability Your PCs At Risk) demonstrating how to compromise machines ava
Publish At:2015-12-07 18:45 | Read:3498 | Comments:0 | Tags:Breaking News Hacking Dell exploit Lenovo PC security Toshib

Security Bug in Dell PCs Shipped Since 8/15

All new Dell laptops and desktops shipped since August 2015 contain a serious security vulnerability that exposes users to online eavesdropping and malware attacks. Dell says it is prepping a fix for the issue, but experts say the threat may ultimately need to be stomped out by the major Web browser makers. At issue is a root certificate installed on newer D
Publish At:2015-12-02 02:10 | Read:3712 | Comments:0 | Tags:A Little Sunshine Latest Warnings Security Tools Ars Technic

Privilege Escalation Vulnerabilities Found in Lenovo System Update

By Sofiane Talmat @_Sud0Lenovo released a new versionof the Lenovo System Update advisory (https://support.lenovo.com/ar/es/product_security/lsu_privilege) abouttwo new privilege escalation vulnerabilities I had reported to Lenovo a coupleof weeks ago (CVE-2015-8109, CVE-2015-8110). IOActive and Lenovo have issuedadvisories on these issues. Before digging
Publish At:2015-11-25 13:35 | Read:7391 | Comments:0 | Tags:application security elevation privileges hacking Lenovo Sof

Dell does a Superfish, ships PCs with easily cloneable root certificates

In a move eerily similar to the Superfish debacle that visited Lenovo in February, Dell is shipping computers that come preinstalled with a digital certificate that makes it easy for attackers to cryptographically impersonate Google, Bank of America, and any other HTTPS-protected website.Further ReadingLenovo PCs ship with man-in-the-middle adware that break
Publish At:2015-11-24 01:20 | Read:5556 | Comments:0 | Tags:Law & Disorder Risk Assessment Technology Lab Uncategorized

Lenovo caught with pre-installed tracking application for the third time

Michael Horowitz from Computerworld discovered an application called “Lenovo Customer Feedback Program 64,” which is used to gather customers feedback data. Once, two, three … this is the third time that security experts discover a spyware pre-installed on Lenovo laptops and workstations, and also in this c
Publish At:2015-09-25 17:05 | Read:4088 | Comments:0 | Tags:Breaking News Digital ID Hacking Malware Lenovo marketing pr

This Week in Security: Oracle’s Blog Blunder, Facebook’s Privacy Flaw and Lenovo Strikes Again

Our security roundup series covers the week’s trending topics in the world of information security. In this compilation, we’ll let you know of the latest announcements, reports and controversies that the industry has been talking about recently.Here’s what you don’t want to miss from the week of August 9th, 2015:The biggest controversy of the week goes to Or
Publish At:2015-08-14 20:10 | Read:3598 | Comments:0 | Tags:This Week in Security Dropbox Facebook Lenovo Mary Ann David

Yet malicious software found on Lenovo PCs

Chinese computer manufacturers Lenovo has been caught once again using a hidden Windows feature to preinstall unwanted and unremovable rootkit. Lenovo firm was accused several times to supplying equipment for networks of the intelligence and defense services various countries that allowed the Chinese Government to run espion
Publish At:2015-08-13 10:50 | Read:3125 | Comments:0 | Tags:Breaking News Hacking espionge Lenovo rootkit spyware

Lenovo Hit With Criticism Over Second Rootkit-Like Utility

Lenovo is under fire again for installing a covert utility on laptops and desktops that some users have compared to a rootkit.The issue stems from a utility called the Lenovo Service Engine, that is designed to collect some system information and send it to Lenovo at the time the machine connects to the Internet. But some Lenovo users discovered that even af
Publish At:2015-08-13 10:10 | Read:4590 | Comments:0 | Tags:Malware Vulnerabilities Lenovo malware rootkit Superfish

Samsung Program Disables Windows Update on PCs

Samsung PC owners could soon find themselves in an endless carousel of enabling Windows Update with each reboot of their machine after a computing enthusiast discovered that a Samsung feature disables Microsoft’s update mechanism by default.Windows Update is a service that delivers, among other features, security updates and patches to Windows machines
Publish At:2015-06-26 16:21 | Read:3156 | Comments:0 | Tags:Featured Malware Microsoft Vulnerabilities Adware Lenovo Len


Share high-quality web security related articles with you:)