Dell laptops are coming preloaded with a self-signed root digital certificate that lets attackers spy on traffic to any secure website.

 

The reports first surfaced on Reddit and were soon confirmed by other users and security experts on Twitter and blogs. The root certificate, which has the power of a certificate authority on the laptops it's installed on, comes bundled with its corresponding private key, making the situation worse.

 

With the private key, which is now available online, anyone can generate a certificate for any website that will be trusted by browsers such as Internet Explorer and Google Chrome that use the Windows certificate store on affected laptops. Security experts have already generated proof-of-concept certificates for *.google.com and bankofamerica.com.

The CryptoWall ransomware has been updated to make it increasingly difficult for users to recover encrypted data.

 

The latest version of CryptoWall, version 4.0, will now alter the file names of data that it has encrypted to prevent victims from determining exactly what has been affected by the program. In addition, ransomware will now delete all system restore points upon its installation in an effort to ensure that data remains unrecoverable. If infected, the app will be accompanied by a message to victims, shown in the screenshot posted above, which states that they will be unable to recover their data unless they pay the ransom, and that any other attempt to recover data may result in irreversible loss.

According to the report from Globes, Microsoft is planning to acquire Secure Islands, a data security startup in Israel for about $100 – $150 million. If it happens, it will be Microsoft’s 5th acquisition in Israel in past year alone. Just few months back, Microsoft acquired Adallom, an another Israeli security startup.

In an exclusive interview to Tecmundo – a famous tech news group in Brazil -, Ondrej Vlcek, the Chief Operations of Avast, stated that the company is planning to release a security app for the platform in 2016. No specific date was given. One of the reasons is, according to Vlcek, the large number of pirate apps for Windows Phone that pretend to be official names, which collect thousands of users’ data and show an absurd amount of ads.