Check Point IPS update in response to Superfish
You may have heard about the recent Superfish SSL Adware and how it compromises the security of Lenovo laptops. The good news is that Check Point have now updated their IPS signature definition to detect and block any SSL session secured with this certificate. This recent update to their IPS (Intrusion Prevention System), once installed on your gateway, will give you instant protection against any web-based communication secured by Superfish until the software can be removed from the laptop.
To recap, the Superfish is an Ad injecting software installed onto Lenovo laptops. The idea of the program was to target ads towards the consumer, based on the websites they were visiting. The program does this by intercepting all web based communication and passing it through their inspection engine in order to extract and pass back a result. The problem comes from the fact that HTTPS communication has to be encrypted from the source to the destination in order to keep the data secure and private. Superfish gets around this problem by essentially mimicking the same function as an attacker would and becoming a “man-in-the-middle.” The SSL communication from the web server is terminated with the Superfish program and then creates a new SSL connection between itself and the browser, presenting the web page back to you. If you were to check the SSL certificate from a website on a Lenovo laptop, installed with Superfish, you would see the certificate is signed by Superfish.
Intercepting an SSL session poses security risks because hackers can use the same process to steal information such as credit card details and personal information unbeknownst to the end user. As the software and root certificate/private key to perform this function is already installed on several laptops, it would make it easier for an attacker to attempt an exploit.
Lenovo have issued an advisory on Thursday 19th February 2015 and a automated tool earlier today on how to help users remove the software and certificate.
Infrastructure & Hosting
We deliver reliable and robust infrastructure and hosting. Our technical team can help design your network, or alternatively we have our own resilient Data Centre, where we can fully manage your hosted solution. Whatever your needs, we will accommodate them.
Physical Security
Atomos Networks specializes in the installation and management of advanced door access systems and CCTV surveillance. We deliver tailored security solutions that combine cutting-edge technology with expert service, ensuring seamless access control and 24/7 monitoring for businesses and facilities. From planning and installation to ongoing maintenance and system management, Atomos provides end-to-end support designed to keep premises secure and operations running smoothly. Committed to reliability and innovation, the company helps clients protect their assets, monitor activity in real time, and maintain a safe environment for staff and visitors.
Firewalls
We treat the business of network security very seriously indeed. We're experts in this field and along with security vendors like Check Point, we view security as a business process which requires significant consideration and investment (if the scope so requires). We can provide you with world-class firewall products, all of which are next generation. Since we’re not a ‘one size fits all’ IT consultancy, we ensure that the firewall product we recommend meets the exact network security needs of your business.
Site Survey
Considering the best way to configure your network starts with a site survey, where we discuss all of your network needs (now and in the near future), so that we can create an accurate functional scope of what’s available to you.